| |
| |||||||
Log-Analyse und Auswertung: Email Account gehackt, Trojaner installiert?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
18.11.2011, 23:33
| #1 |
| |  Email Account gehackt, Trojaner installiert? Hallo, von meinem GMX werden seit kurzem Spam Emails an zufällige und teilweise ungültige Email Adressen versendet. Ich habe von GMX auch bereits eine Email erhalten das mein account wohlmöglich gehackt wurde und das Versenden von Emails vorerst deaktiviert wurde. Ich habe mein Passwort bereits geändert, befürchte aber, dass eventuell Trojaner oder ähnliches auf meinem Rechner installiert sein könnten. Die OTL Logs sind weiter unten gepostet. Gmer habe ich nicht ausgeführt da ich ein 64 Bit System habe. Ich hoffe ihr könnt mir weiterhelfen. Vielen Dank im voraus schonmal OTL Extras logfile created on: 18.11.2011 22:08:52 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = F:\Downloads 64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 48,24% Memory free 7,82 Gb Paging File | 5,13 Gb Available in Paging File | 65,63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 109,22 Gb Total Space | 59,56 Gb Free Space | 54,53% Space Free | Partition Type: NTFS Drive D: | 4,24 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive E: | 136,72 Gb Total Space | 118,10 Gb Free Space | 86,38% Space Free | Partition Type: NTFS Drive F: | 205,08 Gb Total Space | 136,38 Gb Free Space | 66,50% Space Free | Partition Type: NTFS Computer Name: EDDY-PC | User Name: Eddy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- F:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "E:\Programme\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "E:\Programme\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "E:\Programme\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "E:\Programme\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit) "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display "{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel(R) PROSet/Wireless WiFi-Software "{56BAC4EE-B1DA-42A7-ACA5-7A353F2ED1DA}" = Validity Sensors DDK "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup "{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{975DFE7C-8E56-45BC-A329-401E6B1F8102}" = Dell Backup and Recovery Manager "{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A139EC3F-DF45-99FE-DE96-4E6E2CE36CE7}" = ATI AVIVO64 Codecs "{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B542E96F-9AC3-212D-BAB4-D66BC295AEDE}" = ccc-utility64 "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 "{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}" = DigitalPersona Fingerprint Software 5.20 "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E033338C-BDDC-63E2-918F-15169BCD4492}" = ATI Catalyst Install Manager "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Dell Support Center" = Dell Support Center "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "ProInst" = Intel PROSet Wireless [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{022DF03A-678C-AC30-3819-BCD3227564C8}" = Catalyst Control Center InstallProxy "{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11 "{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0F48FF9D-281D-7F2C-8F66-45C40DC7E013}" = CCC Help Japanese "{184BF682-537C-4CAE-8789-6696508A4032}" = Brother MFL-Pro Suite MFC-5895CW "{193407D5-C986-22F3-1694-4F9625E503AA}" = ccc-core-static "{1C433C00-DA63-51AB-4D8E-9377432763C5}" = CCC Help Dutch "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2419CAAE-0B3E-6896-D47D-04026ECA00F1}" = CCC Help Swedish "{2434D575-4014-8528-FC00-0EF27CE0F50E}" = CCC Help Chinese Traditional "{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{3612864B-2293-CD9D-5BF3-4598102C33CA}" = CCC Help Spanish "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{38A09062-500A-3CE0-E843-F8ED59CC8D24}" = CCC Help Portuguese "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{453AD50D-00F8-D8B4-4F29-390B0E13A617}" = CCC Help Korean "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{55D0A664-DD43-9976-D01D-8A9DF99DBBAF}" = CCC Help Finnish "{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack "{5CCB3104-F556-C34D-A953-EF7383002A7C}" = CCC Help German "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{669EE176-1A65-12C0-7AA1-38FB30FEDE93}" = CCC Help English "{66E1241C-B39B-496A-BDDF-23121D2AFF98}" = Catalyst Control Center - Branding "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{83D47EC0-35CD-E315-14F5-4533D3F727EF}" = CCC Help Chinese Standard "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{891D6D33-1824-1C11-DB44-205736478E74}" = PX Profile Update "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A943BFF-F4FB-A63D-073D-8F747E1F6A36}" = CCC Help Danish "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module "{A4A712B1-C542-0AA9-A7ED-0453EB18DAAC}" = Catalyst Control Center Localization All "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5 "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B12B2D78-0FDC-29D3-7DDB-375C5FC8FAD9}" = CCC Help Norwegian "{BED0B8A2-2986-49F8-90D6-FA008D37A3D2}" = Trend Micro Client/Server Security Agent "{C181E444-FEF3-4DB7-8A6E-F09791C18346}" = Eu3 - DEMO "{C1C10CA1-0DC0-650A-4434-98516DE45B4D}" = Catalyst Control Center Profiles Mobile "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C3B09208-B8B9-9890-AF04-F17D6383D7B7}" = CCC Help Italian "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C5EB9B5A-2964-D5A3-869A-520448200FC3}" = PowerXpressHybrid "{C5F626FE-14BE-6A63-BCC1-43633997AB99}" = CCC Help French "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5D03B2E-B2D4-477F-A60D-8E1969D821FA}" = Adobe Flash Player 10 ActiveX "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter "{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver "{F2ED896D-9825-6718-4824-A2E497324703}" = CCC Help Russian "{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel(R) Wireless Display "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Advanced Audio FX Engine" = Advanced Audio FX Engine "avast" = avast! Free Antivirus "Dell Webcam Central" = Dell Webcam Central "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5 "Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de) "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010 "Steam App 10500" = Empire: Total War "vShare.tv plugin" = vShare.tv plugin 1.3 "WinLiveSuite" = Windows Live Essentials ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC Error - 03.11.2011 17:55:25 | Computer Name = Eddy-PC | Source = ATIeRecord | ID = 16398 Description = ATI EEU failed to post message to CCC [ System Events ] Error - 02.11.2011 01:12:58 | Computer Name = Eddy-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 05.11.2011 23:03:22 | Computer Name = Eddy-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error - 05.11.2011 23:03:22 | Computer Name = Eddy-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 09.11.2011 17:58:01 | Computer Name = Eddy-PC | Source = DCOM | ID = 10010 Description = Error - 11.11.2011 09:22:51 | Computer Name = Eddy-PC | Source = WMPNetworkSvc | ID = 866300 Description = Error - 11.11.2011 14:13:04 | Computer Name = Eddy-PC | Source = Tcpip | ID = 4199 Description = Das System hat einen Adressenkonflikt der IP-Adresse 192.168.1.2 mit dem Computer mit der Netzwerkhardwareadresse 00-1F-1F-A6-F8-91 ermittelt. Netzwerkvorgänge könnten daher auf diesem System unterbrochen werden. Error - 11.11.2011 14:19:40 | Computer Name = Eddy-PC | Source = DCOM | ID = 10010 Description = Error - 13.11.2011 05:48:39 | Computer Name = Eddy-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error - 13.11.2011 05:48:39 | Computer Name = Eddy-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 13.11.2011 09:38:26 | Computer Name = Eddy-PC | Source = BROWSER | ID = 8032 Description = < End of report > OTL logfile created on: 18.11.2011 22:08:48 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = F:\Downloads 64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 48,24% Memory free 7,82 Gb Paging File | 5,13 Gb Available in Paging File | 65,63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 109,22 Gb Total Space | 59,56 Gb Free Space | 54,53% Space Free | Partition Type: NTFS Drive D: | 4,24 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive E: | 136,72 Gb Total Space | 118,10 Gb Free Space | 86,38% Space Free | Partition Type: NTFS Drive F: | 205,08 Gb Total Space | 136,38 Gb Free Space | 66,50% Space Free | Partition Type: NTFS Computer Name: EDDY-PC | User Name: Eddy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.11.18 22:07:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- F:\Downloads\OTL.exe PRC - [2011.11.18 22:05:38 | 000,050,477 | ---- | M] () -- F:\Downloads\Defogger.exe PRC - [2011.11.13 10:48:27 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe PRC - [2011.11.09 06:16:46 | 000,924,632 | ---- | M] (Mozilla Corporation) -- F:\Programme\Mozilla Firefox\firefox.exe PRC - [2011.10.15 13:29:30 | 001,242,448 | ---- | M] (Valve Corporation) -- E:\Spiele\Total War Empire\steam.exe PRC - [2011.09.06 21:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- E:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2011.09.06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- E:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2010.12.29 19:54:10 | 000,740,688 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe PRC - [2010.12.15 16:46:50 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe PRC - [2010.11.17 18:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010.11.17 16:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe PRC - [2010.11.06 05:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.11.06 05:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010.11.03 18:01:34 | 000,983,104 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe PRC - [2010.11.03 18:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe PRC - [2010.11.03 17:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe PRC - [2010.11.03 17:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe PRC - [2010.10.06 03:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.10.06 03:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2010.08.20 00:06:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe PRC - [2010.07.05 19:37:32 | 000,045,056 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe PRC - [2010.07.05 19:37:28 | 000,017,920 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\HostedAgent.exe PRC - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2009.07.06 20:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe PRC - [2009.05.16 01:44:06 | 000,435,584 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\CNTAoSMgr.exe PRC - [2009.02.24 14:47:06 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe ========== Modules (No Company Name) ========== MOD - [2011.11.18 22:05:38 | 000,050,477 | ---- | M] () -- F:\Downloads\Defogger.exe MOD - [2011.11.13 10:48:26 | 014,410,024 | ---- | M] () -- E:\Spiele\Total War Empire\bin\libcef.dll MOD - [2011.11.13 10:48:26 | 000,914,216 | ---- | M] () -- E:\Spiele\Total War Empire\bin\avcodec-52.dll MOD - [2011.11.13 10:48:26 | 000,194,344 | ---- | M] () -- E:\Spiele\Total War Empire\bin\chromehtml.dll MOD - [2011.11.13 10:48:26 | 000,155,432 | ---- | M] () -- E:\Spiele\Total War Empire\bin\avformat-52.dll MOD - [2011.11.13 10:48:26 | 000,091,432 | ---- | M] () -- E:\Spiele\Total War Empire\bin\avutil-50.dll MOD - [2011.11.09 06:16:46 | 001,989,592 | ---- | M] () -- F:\Programme\Mozilla Firefox\mozjs.dll MOD - [2011.10.24 09:37:42 | 008,522,400 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll MOD - [2011.10.23 22:26:55 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll MOD - [2011.10.23 22:26:55 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\9cdcbab4b98eff0399edc83e8728c516\IAStorCommon.ni.dll MOD - [2011.10.23 22:26:54 | 003,325,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll MOD - [2011.10.23 22:26:52 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5146ed6dcbec6f5cafc972c011e13663\IAStorUtil.ni.dll MOD - [2011.10.23 22:26:49 | 012,431,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll MOD - [2011.10.23 22:26:41 | 001,586,688 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll MOD - [2011.10.23 22:26:23 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll MOD - [2011.10.23 22:26:19 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll MOD - [2011.10.23 22:26:17 | 007,949,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll MOD - [2011.10.23 22:26:11 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll MOD - [2011.05.10 16:22:20 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2011.05.10 16:22:15 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2010.12.15 16:46:50 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe MOD - [2010.11.25 04:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll MOD - [2010.11.17 16:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe MOD - [2009.02.27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.01.27 15:27:22 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010.12.03 16:26:34 | 003,143,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService) SRV:64bit: - [2010.11.29 21:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2010.09.23 00:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011.11.13 10:48:27 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.09.06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- E:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2011.01.25 10:57:18 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV) SRV - [2010.12.29 19:54:24 | 000,440,144 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Programme\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2010.12.27 23:50:30 | 031,124,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Programme\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2010.12.17 20:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2010.12.17 20:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV - [2010.12.17 20:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R) SRV - [2010.12.03 16:14:58 | 002,696,496 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService) SRV - [2010.11.25 11:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12) SRV - [2010.11.25 11:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM) SRV - [2010.11.06 05:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010.11.03 18:01:34 | 000,983,104 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2010.11.03 18:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service) SRV - [2010.11.03 17:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2010.10.06 03:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010.10.06 03:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.09.14 04:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2010.09.14 04:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010.08.26 02:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU) SRV - [2010.07.05 19:37:32 | 000,045,056 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe -- (svcGenericHost) SRV - [2010.06.22 19:27:44 | 002,057,096 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmlisten.exe -- (tmlisten) SRV - [2010.06.22 19:18:54 | 001,835,912 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\ntrtscan.exe -- (ntrtscan) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.07.15 23:39:26 | 000,595,960 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPfw.exe -- (TmPfw) SRV - [2009.07.15 23:36:48 | 000,917,768 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exe -- (TmProxy) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AESTSr64.exe -- (AESTFilters) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.09.06 21:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2011.09.06 21:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2011.09.06 21:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2011.09.06 21:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswRdr.sys -- (aswRdr) DRV:64bit: - [2011.09.06 21:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2011.09.06 21:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.01.27 15:57:46 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.01.27 14:51:56 | 000,295,424 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.01.25 10:57:18 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2011.01.08 02:42:34 | 012,262,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd) DRV:64bit: - [2011.01.08 02:42:34 | 012,262,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010.12.21 15:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R) DRV:64bit: - [2010.12.13 15:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler) DRV:64bit: - [2010.12.10 22:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.12.10 22:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.12.03 23:32:24 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2010.12.01 11:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd) DRV:64bit: - [2010.11.29 21:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2010.11.06 05:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.11.04 11:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux) DRV:64bit: - [2010.11.04 09:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex) DRV:64bit: - [2010.10.30 01:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010.10.26 20:08:08 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.10.20 00:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf) DRV:64bit: - [2010.10.15 09:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2010.09.21 15:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2010.09.14 04:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2010.09.14 04:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2010.09.14 04:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2010.09.14 04:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2010.08.20 17:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn) DRV:64bit: - [2010.08.12 16:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:64bit: - [2010.03.19 09:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009.12.31 11:04:57 | 000,360,712 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:64bit: - [2009.09.23 02:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:64bit: - [2009.09.23 02:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:64bit: - [2009.09.23 02:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:64bit: - [2009.07.15 23:38:10 | 000,339,984 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmwfp.sys -- (tmwfp) DRV:64bit: - [2009.07.15 23:37:58 | 000,200,720 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmlwf.sys -- (tmlwf) DRV:64bit: - [2009.07.15 23:37:36 | 000,107,536 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.06.10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2010.07.31 00:36:38 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Programme\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) DRV - [2010.05.11 05:10:54 | 000,265,744 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys -- (TmFilter) DRV - [2010.05.11 05:10:08 | 000,042,000 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPreFlt.sys -- (TmPreFilter) DRV - [2010.05.11 04:57:28 | 002,007,056 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\Client Server Security Agent\VSApiNt.sys -- (VSApiNt) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/USSMB/8 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2011.05.10 14:16:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension [2011.05.10 14:17:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: E:\Programme\AVAST Software\Avast\WebRep\FF [2011.10.14 18:45:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: F:\Programme\Mozilla Firefox\components [2011.11.09 06:16:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: F:\Programme\Mozilla Firefox\plugins [2011.10.27 17:44:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: F:\Programme\Mozilla Firefox\components [2011.11.09 06:16:47 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: F:\Programme\Mozilla Firefox\plugins [2011.10.27 17:44:58 | 000,000,000 | ---D | M] [2011.10.14 17:45:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eddy\AppData\Roaming\mozilla\Extensions [2011.10.14 17:49:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eddy\AppData\Roaming\mozilla\Firefox\Profiles\03f7fmlx.default\extensions () (No name found) -- C:\USERS\EDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\03F7FMLX.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll (Trend Micro Inc.) O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll (Trend Micro Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - E:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [DBRMTray] C:\Dell\DBRM\Reminder\DbrmTrayicon.exe (Microsoft) O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe () O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.) O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] E:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BCSSync] E:\Programme\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.) O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe (Trend Micro Inc.) O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.) O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [Steam] E:\Spiele\Total War Empire\Steam.exe (Valve Corporation) O4:64bit: - HKLM..\RunOnce: [DBRMTray] C:\Dell\DBRM\Reminder\TrayApp.exe (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - E:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - E:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: An OneNote s&enden - E:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - E:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06F77D90-E4D8-4B8A-8E95-E4024565C123}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5F3B849-8135-430B-A6CE-5F8216231F53}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll (Trend Micro Inc.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll (Trend Micro Inc.) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.11.18 20:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2011.11.18 20:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2011.11.18 20:01:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2011.11.18 20:01:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework [2011.11.18 20:00:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2011.11.18 19:59:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2011.11.18 19:59:20 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\Microsoft Help [2011.11.18 19:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2011.11.18 06:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Client-Server Security Agent [2011.11.16 22:01:22 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\Google [2011.11.12 16:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.10.30 19:31:42 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\pdfforge [2011.10.30 19:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [2011.10.27 17:46:44 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\Apple Computer [2011.10.27 17:46:41 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\Apple Computer [2011.10.27 17:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.10.27 17:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2011.10.27 17:43:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2011.10.27 17:43:48 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\Apple [2011.10.27 17:43:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2011.10.27 17:43:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2011.10.26 18:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch) [2011.10.26 18:16:29 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications [2011.10.26 12:27:23 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\Diagnostics [2011.10.25 20:50:53 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\SoftGrid Client [2011.10.25 20:50:53 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\SoftGrid Client [2011.10.25 20:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2011.10.25 20:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2011.10.25 20:50:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client [2011.10.25 20:50:03 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\TP [2011.10.24 14:04:41 | 000,000,000 | R--D | C] -- C:\Users\Eddy\AppData\Roaming\Brother [2011.10.24 13:50:54 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Local\Scansoft [2011.10.24 13:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother [2011.10.24 13:45:27 | 000,073,728 | ---- | C] (Brother Industories Ltd. P&S Company) -- C:\windows\SysWow64\BRCrypt.dll [2011.10.24 13:45:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BrFaxRx [2011.10.24 13:45:16 | 000,118,784 | ---- | C] (Brother Industries,LTD.) -- C:\windows\SysWow64\BrMfNt.dll [2011.10.24 13:45:15 | 000,179,712 | ---- | C] (Brother Industries, Ltd.) -- C:\windows\SysNative\BrfxDA5b.dll [2011.10.24 13:45:14 | 000,207,872 | ---- | C] (brother) -- C:\windows\SysNative\NSSRH64.dll [2011.10.24 13:45:14 | 000,082,944 | ---- | C] (Brother Industries, Ltd.) -- C:\windows\SysNative\BrNetSti.dll [2011.10.24 13:45:14 | 000,058,368 | ---- | C] (Brother Industries,Ltd.) -- C:\windows\SysNative\BrWiaNCp.dll [2011.10.24 13:45:14 | 000,047,616 | ---- | C] (Brother Industries,Ltd) -- C:\windows\SysNative\Brnsplg.dll [2011.10.24 13:45:05 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\windows\SysWow64\BroSNMP.dll [2011.10.24 13:45:05 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\windows\SysWow64\BrDctF2.dll [2011.10.24 13:45:05 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- C:\windows\SysWow64\BrDctF2L.dll [2011.10.24 13:45:05 | 000,003,072 | ---- | C] (Brother Industries Ltd.) -- C:\windows\SysWow64\BrDctF2S.dll [2011.10.24 13:45:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother [2011.10.24 13:45:03 | 001,560,576 | ---- | C] (Brother Industries, Ltd.) -- C:\windows\SysNative\BrWia09b.dll [2011.10.24 13:44:58 | 000,167,936 | ---- | C] (brother) -- C:\windows\SysWow64\NSSearch.dll [2011.10.24 13:41:32 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\InstallShield [2011.10.24 13:39:51 | 000,000,000 | ---D | C] -- C:\Program Files\Nuance [2011.10.24 13:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield [2011.10.24 13:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft PaperPort 11 [2011.10.24 13:38:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ScanSoft Shared [2011.10.24 13:38:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ScanSoft [2011.10.24 13:38:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScanSoft [2011.10.24 13:37:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother [2011.10.21 08:50:35 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\skypePM [2011.10.21 08:49:34 | 000,000,000 | ---D | C] -- C:\Users\Eddy\AppData\Roaming\Skype ========== Files - Modified Within 30 Days ========== [2011.11.18 22:06:35 | 000,000,000 | ---- | M] () -- C:\Users\Eddy\defogger_reenable [2011.11.18 21:00:50 | 001,529,582 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2011.11.18 21:00:50 | 000,667,478 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2011.11.18 21:00:50 | 000,627,984 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2011.11.18 21:00:50 | 000,134,308 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2011.11.18 21:00:50 | 000,110,594 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2011.11.18 20:57:12 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2011.11.18 06:15:53 | 000,013,664 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.11.18 06:15:53 | 000,013,664 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.11.18 06:09:13 | 000,000,031 | ---- | M] () -- C:\tmuninst.ini [2011.11.18 06:07:35 | 3148,226,560 | -HS- | M] () -- C:\hiberfil.sys [2011.11.10 06:07:24 | 000,322,456 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2011.10.26 21:42:52 | 001,560,176 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI [2011.10.24 13:47:43 | 000,002,142 | ---- | M] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk [2011.10.24 13:47:20 | 000,000,236 | ---- | M] () -- C:\windows\Brpfx04a.ini [2011.10.24 13:47:20 | 000,000,093 | ---- | M] () -- C:\windows\brpcfx.ini [2011.10.24 13:46:15 | 000,000,425 | ---- | M] () -- C:\windows\BRWMARK.INI [2011.10.24 13:46:15 | 000,000,027 | ---- | M] () -- C:\windows\BRPP2KA.INI [2011.10.24 13:45:27 | 000,000,066 | ---- | M] () -- C:\windows\Brfaxrx.ini [2011.10.24 13:45:27 | 000,000,050 | ---- | M] () -- C:\windows\SysNative\bridf09d.dat [2011.10.21 08:50:36 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat ========== Files Created - No Company Name ========== [2011.11.18 22:06:35 | 000,000,000 | ---- | C] () -- C:\Users\Eddy\defogger_reenable [2011.10.30 19:31:40 | 000,087,040 | ---- | C] () -- C:\windows\SysNative\pdfcmnnt.dll [2011.10.27 17:43:47 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011.10.25 20:50:27 | 001,560,176 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2011.10.24 13:47:43 | 000,002,142 | ---- | C] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk [2011.10.24 13:47:20 | 000,000,236 | ---- | C] () -- C:\windows\Brpfx04a.ini [2011.10.24 13:47:20 | 000,000,093 | ---- | C] () -- C:\windows\brpcfx.ini [2011.10.24 13:46:15 | 000,000,425 | ---- | C] () -- C:\windows\BRWMARK.INI [2011.10.24 13:46:15 | 000,000,027 | ---- | C] () -- C:\windows\BRPP2KA.INI [2011.10.24 13:45:27 | 000,000,050 | ---- | C] () -- C:\windows\SysNative\bridf09d.dat [2011.10.24 13:45:16 | 000,106,496 | ---- | C] () -- C:\windows\SysWow64\BrMuSNMP.dll [2011.10.24 13:45:16 | 000,000,066 | ---- | C] () -- C:\windows\Brfaxrx.ini [2011.10.24 13:45:15 | 000,000,000 | ---- | C] () -- C:\windows\brdfxspd.dat [2011.10.24 13:45:14 | 000,143,360 | ---- | C] () -- C:\windows\SysNative\BrSNMP64.dll [2011.10.24 13:39:28 | 000,031,864 | ---- | C] () -- C:\windows\maxlink.ini [2011.10.21 08:50:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.05.10 16:03:41 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll [2011.05.10 16:03:19 | 000,960,940 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin [2011.05.10 16:03:19 | 000,207,376 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin [2011.05.10 16:03:19 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin [2011.05.10 16:03:18 | 000,002,975 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat [2011.05.10 16:02:03 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini [2011.05.10 16:02:00 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini [2011.05.10 16:02:00 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini [2011.05.10 16:02:00 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini [2011.05.10 16:02:00 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini [2011.05.10 16:02:00 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini [2011.05.10 16:02:00 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini [2011.05.10 13:55:35 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2011.05.10 13:48:47 | 000,002,975 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat [2011.05.10 13:44:31 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll [2011.03.21 03:49:03 | 000,000,324 | ---- | C] () -- C:\windows\Prelaunch.ini [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll [2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin [2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin [2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin [2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat ========== LOP Check ========== [2011.10.14 16:59:58 | 000,000,000 | ---D | M] -- C:\Users\Eddy\AppData\Roaming\DigitalPersona [2011.10.30 19:31:42 | 000,000,000 | ---D | M] -- C:\Users\Eddy\AppData\Roaming\pdfforge [2011.10.26 21:41:13 | 000,000,000 | ---D | M] -- C:\Users\Eddy\AppData\Roaming\SoftGrid Client [2011.10.15 15:55:54 | 000,000,000 | ---D | M] -- C:\Users\Eddy\AppData\Roaming\The Creative Assembly [2011.10.25 20:51:04 | 000,000,000 | ---D | M] -- C:\Users\Eddy\AppData\Roaming\TP [2009.07.14 06:08:49 | 000,026,040 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2011.10.14 17:01:05 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2011.05.10 14:12:19 | 000,000,000 | ---D | M] -- C:\Apps [2009.04.28 17:27:08 | 000,000,000 | -HSD | M] -- C:\Boot [2011.10.14 16:56:50 | 000,000,000 | ---D | M] -- C:\Dell [2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2011.10.14 16:59:24 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.05.10 13:43:54 | 000,000,000 | ---D | M] -- C:\Intel [2011.05.10 13:45:28 | 000,000,000 | ---D | M] -- C:\logs [2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.10.25 20:50:13 | 000,000,000 | R--D | M] -- C:\Program Files [2011.11.18 20:01:47 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2011.11.18 19:58:45 | 000,000,000 | -H-D | M] -- C:\ProgramData [2011.10.14 16:59:24 | 000,000,000 | -HSD | M] -- C:\Programme [2011.05.10 14:18:45 | 000,000,000 | -HSD | M] -- C:\Recovery [2011.11.18 22:12:38 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011.10.14 16:59:38 | 000,000,000 | R--D | M] -- C:\Users [2011.10.24 13:47:20 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.manifest /3 > < MD5 for: EXPLORER.EXE > [2011.03.21 03:52:40 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe [2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe [2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2011.03.21 03:58:53 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2011.03.21 03:52:40 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe [2011.03.21 03:50:26 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2011.03.21 03:58:53 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2011.03.21 03:50:26 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2011.03.21 03:58:53 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2011.03.21 03:50:26 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2011.03.21 03:58:53 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2011.03.21 03:52:40 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe [2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2011.03.21 03:50:26 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe [2011.03.21 03:52:40 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe < MD5 for: REGEDIT.EXE > [2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe [2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe [2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe [2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe < MD5 for: USERINIT.EXE > [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\windows\SysNative\userinit.exe [2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\windows\SysNative\wininit.exe [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2011.03.21 03:58:53 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2011.03.21 03:58:53 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\windows\SysNative\winlogon.exe [2011.03.21 03:58:53 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < End of report > |
|
20.11.2011, 13:36
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Email Account gehackt, Trojaner installiert? Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
__________________Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! ESET Online Scanner
__________________ |
|
20.11.2011, 18:23
| #3 |
| | Email Account gehackt, Trojaner installiert? Hier die logs von malwarebyte und ESET.
__________________Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Datenbank Version: 8199 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 20.11.2011 16:02:05 mbam-log-2011-11-20 (16-02-05).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|Q:\|) Durchsuchte Objekte: 377531 Laufzeit: 49 Minute(n), 35 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) ESETSmartInstaller@High as downloader log: Can not open internetESETSmartInstaller@High as downloader log: Can not open internetCan not open internetESETSmartInstaller@High as downloader log: Can not open internet# version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=cbc486693c9d3c4d85c830e8dcee92f5 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-11-20 05:19:22 # local_time=2011-11-20 06:19:22 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.1.7600 NT # compatibility_mode=512 16777215 100 0 16770826 16770826 0 0 # compatibility_mode=5893 16776573 100 94 8013 73434205 0 0 # compatibility_mode=8192 67108863 100 0 6315 6315 0 0 # scanned=217231 # found=0 # cleaned=0 # scan_time=5207 |
|
21.11.2011, 10:04
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Email Account gehackt, Trojaner installiert? Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
21.11.2011, 11:15
| #5 |
| | Email Account gehackt, Trojaner installiert? Nein dort ist nur diese eine Logdatei. Habe den vollständigen Suchlauf ausgeführt. Sollte es noch weitere Logdateien geben? |
|
21.11.2011, 11:44
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Email Account gehackt, Trojaner installiert? Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ --> Email Account gehackt, Trojaner installiert? |
|
21.11.2011, 12:02
| #7 |
| | Email Account gehackt, Trojaner installiert? Hier das logfile 11:57:41.0264 4128 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50 11:57:42.0009 4128 ============================================================ 11:57:42.0009 4128 Current date / time: 2011/11/21 11:57:42.0009 11:57:42.0009 4128 SystemInfo: 11:57:42.0009 4128 11:57:42.0009 4128 OS Version: 6.1.7600 ServicePack: 0.0 11:57:42.0009 4128 Product type: Workstation 11:57:42.0009 4128 ComputerName: EDDY-PC 11:57:42.0009 4128 UserName: Eddy 11:57:42.0009 4128 Windows directory: C:\windows 11:57:42.0009 4128 System windows directory: C:\windows 11:57:42.0009 4128 Running under WOW64 11:57:42.0009 4128 Processor architecture: Intel x64 11:57:42.0009 4128 Number of processors: 4 11:57:42.0009 4128 Page size: 0x1000 11:57:42.0009 4128 Boot type: Normal boot 11:57:42.0009 4128 ============================================================ 11:57:42.0438 4128 Initialize success 11:58:36.0749 5776 ============================================================ 11:58:36.0749 5776 Scan started 11:58:36.0749 5776 Mode: Manual; SigCheck; TDLFS; 11:58:36.0749 5776 ============================================================ 11:58:37.0349 5776 1394ohci (969c91060cbb5d17cb8440b5f78b4c51) C:\windows\system32\DRIVERS\1394ohci.sys 11:58:37.0462 5776 1394ohci - ok 11:58:37.0739 5776 Acceler (e0065cbf1a25c015c218457d2cd522b9) C:\windows\system32\DRIVERS\Accelern.sys 11:58:37.0780 5776 Acceler - ok 11:58:38.0075 5776 ACPI (794ff35015209b9d44f1360c42c9776d) C:\windows\system32\DRIVERS\ACPI.sys 11:58:38.0120 5776 ACPI - ok 11:58:38.0390 5776 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\windows\system32\DRIVERS\acpipmi.sys 11:58:38.0455 5776 AcpiPmi - ok 11:58:38.0749 5776 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys 11:58:38.0796 5776 adp94xx - ok 11:58:39.0077 5776 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys 11:58:39.0121 5776 adpahci - ok 11:58:39.0389 5776 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys 11:58:39.0426 5776 adpu320 - ok 11:58:39.0738 5776 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\windows\system32\drivers\afd.sys 11:58:39.0822 5776 AFD - ok 11:58:40.0090 5776 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\DRIVERS\agp440.sys 11:58:40.0122 5776 agp440 - ok 11:58:40.0421 5776 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\DRIVERS\aliide.sys 11:58:40.0449 5776 aliide - ok 11:58:40.0742 5776 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\DRIVERS\amdide.sys 11:58:40.0771 5776 amdide - ok 11:58:41.0052 5776 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys 11:58:41.0112 5776 AmdK8 - ok 11:58:41.0609 5776 amdkmdag (b797496bca3bce8020f1cb573e0e5993) C:\windows\system32\DRIVERS\atikmdag.sys 11:58:41.0858 5776 amdkmdag - ok 11:58:42.0168 5776 amdkmdap (1ba2b45e0fdce093ec27bd11b3194861) C:\windows\system32\DRIVERS\atikmpag.sys 11:58:42.0239 5776 amdkmdap - ok 11:58:42.0513 5776 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys 11:58:42.0573 5776 AmdPPM - ok 11:58:42.0857 5776 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\windows\system32\drivers\amdsata.sys 11:58:42.0889 5776 amdsata - ok 11:58:43.0156 5776 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys 11:58:43.0193 5776 amdsbs - ok 11:58:43.0466 5776 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\windows\system32\drivers\amdxata.sys 11:58:43.0496 5776 amdxata - ok 11:58:43.0782 5776 ApfiltrService (7380b9072ebc65a54da3074e14bf34b9) C:\windows\system32\DRIVERS\Apfiltr.sys 11:58:43.0819 5776 ApfiltrService - ok 11:58:44.0104 5776 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\windows\system32\drivers\appid.sys 11:58:44.0189 5776 AppID - ok 11:58:44.0473 5776 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys 11:58:44.0504 5776 arc - ok 11:58:44.0772 5776 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys 11:58:44.0805 5776 arcsas - ok 11:58:45.0077 5776 aswFsBlk (5a68b880c16ad5a6aa20b49a47ffff24) C:\windows\system32\drivers\aswFsBlk.sys 11:58:45.0104 5776 aswFsBlk - ok 11:58:45.0366 5776 aswMonFlt (230613be2d3da8053879be5ed2848f2d) C:\windows\system32\drivers\aswMonFlt.sys 11:58:45.0393 5776 aswMonFlt - ok 11:58:45.0676 5776 aswRdr (0dc1996ae4178d7d14744ef6b3082313) C:\windows\system32\drivers\aswRdr.sys 11:58:45.0703 5776 aswRdr - ok 11:58:45.0997 5776 aswSnx (b6ff911c23775cdfdd49612d92637af4) C:\windows\system32\drivers\aswSnx.sys 11:58:46.0052 5776 aswSnx - ok 11:58:46.0318 5776 aswSP (5a590d8516376aed1829fc07d3bdaa4b) C:\windows\system32\drivers\aswSP.sys 11:58:46.0354 5776 aswSP - ok 11:58:46.0614 5776 aswTdi (3239c0082fb0c1c4ee323730b85690a5) C:\windows\system32\drivers\aswTdi.sys 11:58:46.0643 5776 aswTdi - ok 11:58:46.0888 5776 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys 11:58:46.0963 5776 AsyncMac - ok 11:58:47.0228 5776 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\DRIVERS\atapi.sys 11:58:47.0257 5776 atapi - ok 11:58:47.0567 5776 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys 11:58:47.0641 5776 b06bdrv - ok 11:58:47.0921 5776 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys 11:58:47.0978 5776 b57nd60a - ok 11:58:48.0244 5776 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys 11:58:48.0335 5776 Beep - ok 11:58:48.0617 5776 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys 11:58:48.0663 5776 blbdrive - ok 11:58:48.0974 5776 bowser (19d20159708e152267e53b66677a4995) C:\windows\system32\DRIVERS\bowser.sys 11:58:49.0027 5776 bowser - ok 11:58:49.0290 5776 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys 11:58:49.0347 5776 BrFiltLo - ok 11:58:49.0603 5776 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys 11:58:49.0648 5776 BrFiltUp - ok 11:58:49.0909 5776 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys 11:58:49.0960 5776 Brserid - ok 11:58:50.0215 5776 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys 11:58:50.0273 5776 BrSerWdm - ok 11:58:50.0536 5776 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys 11:58:50.0598 5776 BrUsbMdm - ok 11:58:50.0867 5776 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys 11:58:50.0910 5776 BrUsbSer - ok 11:58:51.0194 5776 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys 11:58:51.0251 5776 BthEnum - ok 11:58:51.0521 5776 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys 11:58:51.0572 5776 BTHMODEM - ok 11:58:51.0830 5776 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys 11:58:51.0886 5776 BthPan - ok 11:58:52.0180 5776 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\windows\System32\Drivers\BTHport.sys 11:58:52.0250 5776 BTHPORT - ok 11:58:52.0522 5776 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\windows\System32\Drivers\BTHUSB.sys 11:58:52.0570 5776 BTHUSB - ok 11:58:52.0845 5776 btmaux (16c1bac9760c9fa85a30f3fa0fbb1b7a) C:\windows\system32\DRIVERS\btmaux.sys 11:58:52.0872 5776 btmaux - ok 11:58:53.0165 5776 btmhsf (0c468d8da95be16bfdd380bb9de88259) C:\windows\system32\DRIVERS\btmhsf.sys 11:58:53.0206 5776 btmhsf - ok 11:58:53.0465 5776 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys 11:58:53.0555 5776 cdfs - ok 11:58:53.0813 5776 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\windows\system32\DRIVERS\cdrom.sys 11:58:53.0880 5776 cdrom - ok 11:58:54.0158 5776 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys 11:58:54.0203 5776 circlass - ok 11:58:54.0389 5776 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys 11:58:54.0435 5776 CLFS - ok 11:58:54.0589 5776 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys 11:58:54.0643 5776 CmBatt - ok 11:58:54.0895 5776 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\DRIVERS\cmdide.sys 11:58:54.0925 5776 cmdide - ok 11:58:55.0179 5776 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\windows\system32\Drivers\cng.sys 11:58:55.0235 5776 CNG - ok 11:58:55.0489 5776 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys 11:58:55.0518 5776 Compbatt - ok 11:58:55.0771 5776 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\windows\system32\DRIVERS\CompositeBus.sys 11:58:55.0820 5776 CompositeBus - ok 11:58:56.0093 5776 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys 11:58:56.0124 5776 crcdisk - ok 11:58:56.0426 5776 CSC (4a6173c2279b498cd8f57cae504564cb) C:\windows\system32\drivers\csc.sys 11:58:56.0493 5776 CSC - ok 11:58:56.0805 5776 CtClsFlt (fbe228abeab2be13b9c3a3a112d4d8dc) C:\windows\system32\DRIVERS\CtClsFlt.sys 11:58:56.0858 5776 CtClsFlt - ok 11:58:57.0160 5776 DfsC (9c253ce7311ca60fc11c774692a13208) C:\windows\system32\Drivers\dfsc.sys 11:58:57.0209 5776 DfsC - ok 11:58:57.0482 5776 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys 11:58:57.0574 5776 discache - ok 11:58:57.0850 5776 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys 11:58:57.0880 5776 Disk - ok 11:58:58.0169 5776 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys 11:58:58.0221 5776 drmkaud - ok 11:58:58.0506 5776 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\windows\System32\drivers\dxgkrnl.sys 11:58:58.0590 5776 DXGKrnl - ok 11:58:58.0936 5776 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys 11:58:59.0057 5776 ebdrv - ok 11:58:59.0344 5776 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys 11:58:59.0407 5776 elxstor - ok 11:58:59.0670 5776 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\DRIVERS\errdev.sys 11:58:59.0729 5776 ErrDev - ok 11:59:00.0027 5776 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys 11:59:00.0142 5776 exfat - ok 11:59:00.0410 5776 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys 11:59:00.0510 5776 fastfat - ok 11:59:00.0820 5776 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys 11:59:00.0883 5776 fdc - ok 11:59:01.0155 5776 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys 11:59:01.0187 5776 FileInfo - ok 11:59:01.0439 5776 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys 11:59:01.0560 5776 Filetrace - ok 11:59:01.0819 5776 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys 11:59:01.0859 5776 flpydisk - ok 11:59:02.0106 5776 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\windows\system32\drivers\fltmgr.sys 11:59:02.0147 5776 FltMgr - ok 11:59:02.0477 5776 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys 11:59:02.0508 5776 FsDepends - ok 11:59:02.0763 5776 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys 11:59:02.0793 5776 Fs_Rec - ok 11:59:03.0057 5776 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\windows\system32\DRIVERS\fvevol.sys 11:59:03.0101 5776 fvevol - ok 11:59:03.0371 5776 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys 11:59:03.0404 5776 gagp30kx - ok 11:59:03.0646 5776 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys 11:59:03.0700 5776 hcw85cir - ok 11:59:03.0975 5776 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\windows\system32\drivers\HdAudio.sys 11:59:04.0038 5776 HdAudAddService - ok 11:59:04.0296 5776 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\windows\system32\DRIVERS\HDAudBus.sys 11:59:04.0351 5776 HDAudBus - ok 11:59:04.0606 5776 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys 11:59:04.0654 5776 HidBatt - ok 11:59:04.0919 5776 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys 11:59:04.0984 5776 HidBth - ok 11:59:05.0250 5776 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys 11:59:05.0307 5776 HidIr - ok 11:59:05.0594 5776 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\windows\system32\DRIVERS\hidusb.sys 11:59:05.0642 5776 HidUsb - ok 11:59:05.0920 5776 HpSAMD (0886d440058f203eba0e1825e4355914) C:\windows\system32\DRIVERS\HpSAMD.sys 11:59:05.0953 5776 HpSAMD - ok 11:59:06.0230 5776 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\windows\system32\drivers\HTTP.sys 11:59:06.0375 5776 HTTP - ok 11:59:06.0629 5776 hwpolicy (f17766a19145f111856378df337a5d79) C:\windows\system32\drivers\hwpolicy.sys 11:59:06.0657 5776 hwpolicy - ok 11:59:06.0928 5776 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys 11:59:06.0967 5776 i8042prt - ok 11:59:07.0246 5776 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\windows\system32\DRIVERS\iaStor.sys 11:59:07.0289 5776 iaStor - ok 11:59:07.0586 5776 iaStorV (b75e45c564e944a2657167d197ab29da) C:\windows\system32\drivers\iaStorV.sys 11:59:07.0639 5776 iaStorV - ok 11:59:07.0909 5776 iBtFltCoex (fc85972037815fa7b413e790b426acb2) C:\windows\system32\DRIVERS\iBtFltCoex.sys 11:59:07.0954 5776 iBtFltCoex - ok 11:59:08.0508 5776 igfx (78527e6a4d78b1153925914c55872beb) C:\windows\system32\DRIVERS\igdkmd64.sys 11:59:08.0833 5776 igfx - ok 11:59:09.0097 5776 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys 11:59:09.0128 5776 iirsp - ok 11:59:09.0411 5776 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys 11:59:09.0457 5776 IntcDAud - ok 11:59:09.0717 5776 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\DRIVERS\intelide.sys 11:59:09.0745 5776 intelide - ok 11:59:10.0252 5776 intelkmd (78527e6a4d78b1153925914c55872beb) C:\windows\system32\DRIVERS\igdpmd64.sys 11:59:10.0639 5776 intelkmd - ok 11:59:10.0899 5776 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys 11:59:10.0947 5776 intelppm - ok 11:59:11.0196 5776 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\windows\system32\DRIVERS\ipfltdrv.sys 11:59:11.0314 5776 IpFilterDriver - ok 11:59:11.0568 5776 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\windows\system32\DRIVERS\IPMIDrv.sys 11:59:11.0614 5776 IPMIDRV - ok 11:59:11.0891 5776 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys 11:59:11.0980 5776 IPNAT - ok 11:59:12.0261 5776 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys 11:59:12.0312 5776 IRENUM - ok 11:59:12.0561 5776 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\DRIVERS\isapnp.sys 11:59:12.0590 5776 isapnp - ok 11:59:12.0839 5776 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\windows\system32\DRIVERS\msiscsi.sys 11:59:12.0878 5776 iScsiPrt - ok 11:59:13.0140 5776 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys 11:59:13.0170 5776 kbdclass - ok 11:59:13.0428 5776 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\windows\system32\DRIVERS\kbdhid.sys 11:59:13.0476 5776 kbdhid - ok 11:59:13.0736 5776 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\windows\system32\Drivers\ksecdd.sys 11:59:13.0770 5776 KSecDD - ok 11:59:14.0036 5776 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\windows\system32\Drivers\ksecpkg.sys 11:59:14.0071 5776 KSecPkg - ok 11:59:14.0318 5776 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys 11:59:14.0422 5776 ksthunk - ok 11:59:14.0703 5776 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys 11:59:14.0796 5776 lltdio - ok 11:59:15.0088 5776 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys 11:59:15.0122 5776 LSI_FC - ok 11:59:15.0391 5776 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys 11:59:15.0425 5776 LSI_SAS - ok 11:59:15.0694 5776 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys 11:59:15.0725 5776 LSI_SAS2 - ok 11:59:15.0991 5776 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys 11:59:16.0025 5776 LSI_SCSI - ok 11:59:16.0255 5776 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys 11:59:16.0354 5776 luafv - ok 11:59:16.0614 5776 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys 11:59:16.0645 5776 megasas - ok 11:59:16.0905 5776 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys 11:59:16.0947 5776 MegaSR - ok 11:59:17.0219 5776 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\windows\system32\DRIVERS\HECIx64.sys 11:59:17.0245 5776 MEIx64 - ok 11:59:17.0532 5776 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys 11:59:17.0618 5776 Modem - ok 11:59:17.0862 5776 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys 11:59:17.0920 5776 monitor - ok 11:59:18.0159 5776 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys 11:59:18.0189 5776 mouclass - ok 11:59:18.0440 5776 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys 11:59:18.0488 5776 mouhid - ok 11:59:18.0722 5776 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys 11:59:18.0753 5776 mountmgr - ok 11:59:18.0837 5776 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys 11:59:18.0872 5776 mpio - ok 11:59:19.0125 5776 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys 11:59:19.0233 5776 mpsdrv - ok 11:59:19.0500 5776 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys 11:59:19.0561 5776 MRxDAV - ok 11:59:19.0824 5776 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys 11:59:19.0872 5776 mrxsmb - ok 11:59:20.0135 5776 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys 11:59:20.0194 5776 mrxsmb10 - ok 11:59:20.0454 5776 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys 11:59:20.0505 5776 mrxsmb20 - ok 11:59:20.0766 5776 msahci (bccf16d5fb1109162380e3e28dc9e4e5) C:\windows\system32\DRIVERS\msahci.sys 11:59:20.0796 5776 msahci - ok 11:59:21.0049 5776 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys 11:59:21.0085 5776 msdsm - ok 11:59:21.0368 5776 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys 11:59:21.0454 5776 Msfs - ok 11:59:21.0706 5776 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys 11:59:21.0793 5776 mshidkmdf - ok 11:59:22.0054 5776 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys 11:59:22.0082 5776 msisadrv - ok 11:59:22.0350 5776 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys 11:59:22.0421 5776 MSKSSRV - ok 11:59:22.0655 5776 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys 11:59:22.0725 5776 MSPCLOCK - ok 11:59:22.0977 5776 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys 11:59:23.0071 5776 MSPQM - ok 11:59:23.0318 5776 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys 11:59:23.0365 5776 MsRPC - ok 11:59:23.0399 5776 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys 11:59:23.0408 5776 mssmbios - ok 11:59:23.0662 5776 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys 11:59:23.0741 5776 MSTEE - ok 11:59:23.0992 5776 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys 11:59:24.0039 5776 MTConfig - ok 11:59:24.0300 5776 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys 11:59:24.0332 5776 Mup - ok 11:59:24.0635 5776 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys 11:59:24.0715 5776 NativeWifiP - ok 11:59:25.0012 5776 NDIS (a3151b3463eea7e47f618f115d0d142e) C:\windows\system32\drivers\ndis.sys 11:59:25.0096 5776 NDIS - ok 11:59:25.0364 5776 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys 11:59:25.0461 5776 NdisCap - ok 11:59:25.0727 5776 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys 11:59:25.0785 5776 NdisTapi - ok 11:59:26.0039 5776 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys 11:59:26.0135 5776 Ndisuio - ok 11:59:26.0399 5776 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys 11:59:26.0493 5776 NdisWan - ok 11:59:26.0739 5776 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys 11:59:26.0846 5776 NDProxy - ok 11:59:27.0113 5776 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys 11:59:27.0213 5776 NetBIOS - ok 11:59:27.0588 5776 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys 11:59:27.0692 5776 NetBT - ok 11:59:28.0176 5776 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\windows\system32\DRIVERS\NETwNs64.sys 11:59:28.0667 5776 NETwNs64 - ok 11:59:28.0940 5776 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys 11:59:28.0970 5776 nfrd960 - ok 11:59:29.0245 5776 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys 11:59:29.0354 5776 Npfs - ok 11:59:29.0617 5776 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys 11:59:29.0725 5776 nsiproxy - ok 11:59:30.0020 5776 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\windows\system32\drivers\Ntfs.sys 11:59:30.0130 5776 Ntfs - ok 11:59:30.0394 5776 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys 11:59:30.0461 5776 Null - ok 11:59:30.0546 5776 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\windows\system32\DRIVERS\nusb3hub.sys 11:59:30.0581 5776 nusb3hub - ok 11:59:30.0861 5776 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\windows\system32\DRIVERS\nusb3xhc.sys 11:59:30.0913 5776 nusb3xhc - ok 11:59:31.0188 5776 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\windows\system32\drivers\nvraid.sys 11:59:31.0223 5776 nvraid - ok 11:59:31.0505 5776 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\windows\system32\drivers\nvstor.sys 11:59:31.0541 5776 nvstor - ok 11:59:31.0820 5776 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys 11:59:31.0857 5776 nv_agp - ok 11:59:32.0121 5776 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys 11:59:32.0169 5776 ohci1394 - ok 11:59:32.0461 5776 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys 11:59:32.0501 5776 Parport - ok 11:59:32.0753 5776 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys 11:59:32.0785 5776 partmgr - ok 11:59:32.0972 5776 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms 11:59:33.0021 5776 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok 11:59:33.0292 5776 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\windows\system32\DRIVERS\pci.sys 11:59:33.0327 5776 pci - ok 11:59:33.0578 5776 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys 11:59:33.0607 5776 pciide - ok 11:59:33.0867 5776 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys 11:59:33.0907 5776 pcmcia - ok 11:59:34.0165 5776 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys 11:59:34.0196 5776 pcw - ok 11:59:34.0457 5776 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys 11:59:34.0591 5776 PEAUTH - ok 11:59:34.0886 5776 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys 11:59:34.0961 5776 PptpMiniport - ok 11:59:35.0215 5776 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys 11:59:35.0263 5776 Processor - ok 11:59:35.0542 5776 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys 11:59:35.0622 5776 Psched - ok 11:59:35.0886 5776 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\windows\system32\Drivers\PxHlpa64.sys 11:59:35.0913 5776 PxHlpa64 - ok 11:59:36.0195 5776 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys 11:59:36.0279 5776 ql2300 - ok 11:59:36.0539 5776 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys 11:59:36.0574 5776 ql40xx - ok 11:59:36.0827 5776 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys 11:59:36.0891 5776 QWAVEdrv - ok 11:59:37.0149 5776 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys 11:59:37.0237 5776 RasAcd - ok 11:59:37.0528 5776 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys 11:59:37.0600 5776 RasAgileVpn - ok 11:59:37.0845 5776 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys 11:59:37.0951 5776 Rasl2tp - ok 11:59:38.0217 5776 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys 11:59:38.0326 5776 RasPppoe - ok 11:59:38.0591 5776 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys 11:59:38.0705 5776 RasSstp - ok 11:59:38.0974 5776 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys 11:59:39.0046 5776 rdbss - ok 11:59:39.0308 5776 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys 11:59:39.0363 5776 rdpbus - ok 11:59:39.0622 5776 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys 11:59:39.0700 5776 RDPCDD - ok 11:59:39.0967 5776 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\windows\system32\drivers\rdpdr.sys 11:59:40.0016 5776 RDPDR - ok 11:59:40.0282 5776 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys 11:59:40.0361 5776 RDPENCDD - ok 11:59:40.0612 5776 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys 11:59:40.0708 5776 RDPREFMP - ok 11:59:40.0971 5776 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\windows\system32\drivers\RDPWD.sys 11:59:41.0088 5776 RDPWD - ok 11:59:41.0353 5776 rdyboost (634b9a2181d98f15941236886164ec8b) C:\windows\system32\drivers\rdyboost.sys 11:59:41.0391 5776 rdyboost - ok 11:59:41.0707 5776 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys 11:59:41.0766 5776 RFCOMM - ok 11:59:42.0047 5776 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys 11:59:42.0151 5776 rspndr - ok 11:59:42.0462 5776 RSUSBSTOR (be29b0a3ac1e8bd02ffab8cee86badfa) C:\windows\system32\Drivers\RtsUStor.sys 11:59:42.0498 5776 RSUSBSTOR - ok 11:59:42.0776 5776 RTL8167 (2777226ee8bf50b059d7a7c90177e99c) C:\windows\system32\DRIVERS\Rt64win7.sys 11:59:42.0820 5776 RTL8167 - ok 11:59:43.0080 5776 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\windows\system32\DRIVERS\vms3cap.sys 11:59:43.0129 5776 s3cap - ok 11:59:43.0388 5776 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys 11:59:43.0422 5776 sbp2port - ok 11:59:43.0673 5776 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys 11:59:43.0772 5776 scfilter - ok 11:59:44.0047 5776 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys 11:59:44.0136 5776 secdrv - ok 11:59:44.0406 5776 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys 11:59:44.0450 5776 Serenum - ok 11:59:44.0721 5776 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys 11:59:44.0778 5776 Serial - ok 11:59:45.0042 5776 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys 11:59:45.0094 5776 sermouse - ok 11:59:45.0376 5776 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys 11:59:45.0420 5776 sffdisk - ok 11:59:45.0682 5776 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys 11:59:45.0728 5776 sffp_mmc - ok 11:59:45.0987 5776 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys 11:59:46.0024 5776 sffp_sd - ok 11:59:46.0276 5776 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys 11:59:46.0328 5776 sfloppy - ok 11:59:46.0614 5776 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\windows\system32\DRIVERS\Sftfslh.sys 11:59:46.0682 5776 Sftfs - ok 11:59:46.0950 5776 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\windows\system32\DRIVERS\Sftplaylh.sys 11:59:46.0986 5776 Sftplay - ok 11:59:47.0255 5776 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\windows\system32\DRIVERS\Sftredirlh.sys 11:59:47.0280 5776 Sftredir - ok 11:59:47.0541 5776 Sftvol (393b22addd89979eb1c60898f51c3648) C:\windows\system32\DRIVERS\Sftvollh.sys 11:59:47.0566 5776 Sftvol - ok 11:59:47.0862 5776 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys 11:59:47.0892 5776 SiSRaid2 - ok 11:59:48.0146 5776 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys 11:59:48.0178 5776 SiSRaid4 - ok 11:59:48.0455 5776 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys 11:59:48.0567 5776 Smb - ok 11:59:48.0856 5776 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys 11:59:48.0886 5776 spldr - ok 11:59:49.0175 5776 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys 11:59:49.0243 5776 srv - ok 11:59:49.0519 5776 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys 11:59:49.0588 5776 srv2 - ok 11:59:49.0865 5776 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys 11:59:49.0917 5776 srvnet - ok 11:59:50.0216 5776 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\windows\system32\DRIVERS\stdcfltn.sys 11:59:50.0243 5776 stdcfltn - ok 11:59:50.0532 5776 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys 11:59:50.0562 5776 stexstor - ok 11:59:50.0862 5776 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\windows\system32\DRIVERS\stwrt64.sys 11:59:50.0924 5776 STHDA - ok 11:59:51.0195 5776 StillCam (decacb6921ded1a38642642685d77dac) C:\windows\system32\DRIVERS\serscan.sys 11:59:51.0247 5776 StillCam - ok 11:59:51.0534 5776 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\windows\system32\DRIVERS\vmstorfl.sys 11:59:51.0565 5776 storflt - ok 11:59:51.0839 5776 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\windows\system32\DRIVERS\storvsc.sys 11:59:51.0869 5776 storvsc - ok 11:59:52.0122 5776 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys 11:59:52.0151 5776 swenum - ok 11:59:52.0507 5776 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\drivers\tcpip.sys 11:59:52.0605 5776 Tcpip - ok 11:59:52.0928 5776 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\DRIVERS\tcpip.sys 11:59:52.0974 5776 TCPIP6 - ok 11:59:53.0235 5776 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys 11:59:53.0334 5776 tcpipreg - ok 11:59:53.0583 5776 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys 11:59:53.0690 5776 TDPIPE - ok 11:59:53.0955 5776 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys 11:59:54.0037 5776 TDTCP - ok 11:59:54.0297 5776 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys 11:59:54.0394 5776 tdx - ok 11:59:54.0653 5776 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys 11:59:54.0684 5776 TermDD - ok 11:59:54.0940 5776 TmFilter (2d5adaf5bf9f3eb97bda7c250a638ebf) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys 11:59:54.0985 5776 TmFilter - ok 11:59:55.0278 5776 tmlwf (35a6aeb61c7cf21b10cc05bda47339b5) C:\windows\system32\DRIVERS\tmlwf.sys 11:59:55.0311 5776 tmlwf - ok 11:59:55.0525 5776 TmPreFilter (3dc786f0a14a6262c3f0f366b34f687f) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPreFlt.sys 11:59:55.0550 5776 TmPreFilter - ok 11:59:55.0848 5776 tmtdi (21cc12b7f8b44e91d03ead5b17aaf0b2) C:\windows\system32\DRIVERS\tmtdi.sys 11:59:55.0877 5776 tmtdi - ok 11:59:56.0146 5776 tmwfp (a4670e50c15d7bce7226e4b62700df09) C:\windows\system32\DRIVERS\tmwfp.sys 11:59:56.0192 5776 tmwfp - ok 11:59:56.0471 5776 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys 11:59:56.0558 5776 tssecsrv - ok 11:59:56.0835 5776 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys 11:59:56.0918 5776 tunnel - ok 11:59:57.0188 5776 TurboB (fd24f98d2898be093fe926604be7db99) C:\windows\system32\DRIVERS\TurboB.sys 11:59:57.0215 5776 TurboB - ok 11:59:57.0475 5776 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys 11:59:57.0508 5776 uagp35 - ok 11:59:57.0771 5776 udfs (31ba4a33afab6a69ea092b18017f737f) C:\windows\system32\DRIVERS\udfs.sys 11:59:57.0828 5776 udfs - ok 11:59:58.0106 5776 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys 11:59:58.0137 5776 uliagpkx - ok 11:59:58.0387 5776 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys 11:59:58.0434 5776 umbus - ok 11:59:58.0691 5776 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys 11:59:58.0737 5776 UmPass - ok 11:59:59.0023 5776 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\windows\system32\DRIVERS\usbccgp.sys 11:59:59.0081 5776 usbccgp - ok 11:59:59.0357 5776 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys 11:59:59.0415 5776 usbcir - ok 11:59:59.0691 5776 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\windows\system32\drivers\usbehci.sys 11:59:59.0741 5776 usbehci - ok 12:00:00.0023 5776 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\windows\system32\DRIVERS\usbhub.sys 12:00:00.0084 5776 usbhub - ok 12:00:00.0348 5776 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\windows\system32\drivers\usbohci.sys 12:00:00.0395 5776 usbohci - ok 12:00:00.0662 5776 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys 12:00:00.0707 5776 usbprint - ok 12:00:00.0964 5776 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS 12:00:01.0014 5776 USBSTOR - ok 12:00:01.0287 5776 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\windows\system32\drivers\usbuhci.sys 12:00:01.0331 5776 usbuhci - ok 12:00:01.0615 5776 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\system32\Drivers\usbvideo.sys 12:00:01.0669 5776 usbvideo - ok 12:00:01.0979 5776 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys 12:00:02.0009 5776 vdrvroot - ok 12:00:02.0309 5776 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys 12:00:02.0355 5776 vga - ok 12:00:02.0630 5776 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys 12:00:02.0731 5776 VgaSave - ok 12:00:03.0001 5776 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys 12:00:03.0038 5776 vhdmp - ok 12:00:03.0295 5776 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys 12:00:03.0327 5776 viaide - ok 12:00:03.0583 5776 vmbus (1501699d7eda984abc4155a7da5738d1) C:\windows\system32\DRIVERS\vmbus.sys 12:00:03.0623 5776 vmbus - ok 12:00:03.0879 5776 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\windows\system32\DRIVERS\VMBusHID.sys 12:00:03.0927 5776 VMBusHID - ok 12:00:04.0188 5776 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys 12:00:04.0221 5776 volmgr - ok 12:00:04.0481 5776 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys 12:00:04.0525 5776 volmgrx - ok 12:00:04.0786 5776 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys 12:00:04.0829 5776 volsnap - ok 12:00:05.0131 5776 vpcbus (abd9b4a7e2d0ae51a3b8df1af3152d61) C:\windows\system32\DRIVERS\vpchbus.sys 12:00:05.0173 5776 vpcbus - ok 12:00:05.0448 5776 vpcnfltr (8acda395841538ce9713a67fe8b2a3eb) C:\windows\system32\DRIVERS\vpcnfltr.sys 12:00:05.0482 5776 vpcnfltr - ok 12:00:05.0756 5776 vpcusb (31924e31bc315773e6d149b157db46d5) C:\windows\system32\DRIVERS\vpcusb.sys 12:00:05.0794 5776 vpcusb - ok 12:00:06.0051 5776 vpcvmm (510d250a08c09850f5c78ca2011b3b62) C:\windows\system32\drivers\vpcvmm.sys 12:00:06.0098 5776 vpcvmm - ok 12:00:06.0380 5776 VSApiNt (742421e475fed2b000efb5bdad9cfeae) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\VSApiNt.sys 12:00:06.0513 5776 VSApiNt - ok 12:00:06.0800 5776 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys 12:00:06.0841 5776 vsmraid - ok 12:00:07.0103 5776 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys 12:00:07.0152 5776 vwifibus - ok 12:00:07.0424 5776 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys 12:00:07.0490 5776 vwififlt - ok 12:00:07.0753 5776 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys 12:00:07.0802 5776 vwifimp - ok 12:00:08.0067 5776 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys 12:00:08.0120 5776 WacomPen - ok 12:00:08.0395 5776 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys 12:00:08.0495 5776 WANARP - ok 12:00:08.0498 5776 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys 12:00:08.0530 5776 Wanarpv6 - ok 12:00:08.0821 5776 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys 12:00:08.0852 5776 Wd - ok 12:00:09.0116 5776 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys 12:00:09.0178 5776 Wdf01000 - ok 12:00:09.0457 5776 wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\windows\system32\DRIVERS\WDKMD.sys 12:00:09.0485 5776 wdkmd - ok 12:00:09.0770 5776 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys 12:00:09.0858 5776 WfpLwf - ok 12:00:10.0102 5776 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys 12:00:10.0133 5776 WIMMount - ok 12:00:10.0450 5776 WinUSB (4d52c872018af7e18d078978dcc3f6f2) C:\windows\system32\DRIVERS\WinUSB.sys 12:00:10.0498 5776 WinUSB - ok 12:00:10.0778 5776 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys 12:00:10.0819 5776 WmiAcpi - ok 12:00:11.0118 5776 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys 12:00:11.0200 5776 ws2ifsl - ok 12:00:11.0466 5776 WudfPf (c63907207b837a5c05cf6d1606aa0008) C:\windows\system32\drivers\WudfPf.sys 12:00:11.0513 5776 WudfPf - ok 12:00:11.0783 5776 WUDFRd (d885a873d733020f8b9b9ff4b1666158) C:\windows\system32\DRIVERS\WUDFRd.sys 12:00:11.0832 5776 WUDFRd - ok 12:00:12.0127 5776 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\windows\system32\DRIVERS\yk62x64.sys 12:00:12.0196 5776 yukonw7 - ok 12:00:12.0262 5776 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 12:00:12.0487 5776 \Device\Harddisk0\DR0 - ok 12:00:12.0494 5776 Boot (0x1200) (de4cfc9a6bceac4db23f9f39b2598578) \Device\Harddisk0\DR0\Partition0 12:00:12.0496 5776 \Device\Harddisk0\DR0\Partition0 - ok 12:00:12.0521 5776 Boot (0x1200) (cb30233e1566a8beebee7c4916004825) \Device\Harddisk0\DR0\Partition1 12:00:12.0524 5776 \Device\Harddisk0\DR0\Partition1 - ok 12:00:12.0547 5776 Boot (0x1200) (25c3fdae1f52b4ef29acea9a3fb7492e) \Device\Harddisk0\DR0\Partition2 12:00:12.0550 5776 \Device\Harddisk0\DR0\Partition2 - ok 12:00:12.0575 5776 Boot (0x1200) (1053f5b693a80b72ffb301f36ae40b04) \Device\Harddisk0\DR0\Partition3 12:00:12.0578 5776 \Device\Harddisk0\DR0\Partition3 - ok 12:00:12.0579 5776 ============================================================ 12:00:12.0580 5776 Scan finished 12:00:12.0580 5776 ============================================================ 12:00:12.0601 4640 Detected object count: 0 12:00:12.0601 4640 Actual detected object count: 0 |
|
21.11.2011, 12:13
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Email Account gehackt, Trojaner installiert? Auch unauffällig. Passwort zum Mailacc wurde geändertn? Tritt das Problem noch auf?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.11.2011, 17:50
| #9 |
| | Email Account gehackt, Trojaner installiert? Ja das Passwort habe ich geändert. Ich wollte nur sicher gehen, dass das alte Passwort nicht über irgendwelche Trojaner oder ähnliches auf meinem Rechner ausgespäht wurde. Kann das Passwort auch über Bruteforce Attacken oder andere Methoden geknackt worden sein? Ich habe den Account heute wieder frei schalten lassen. Ich werde beobachten ob das Problem wieder auftritt oder nicht. |
|
| Themen zu Email Account gehackt, Trojaner installiert? |
| 64 bit system, 64-bit, adobe, autorun, bho, browser, c:\windows\system32\rundll32.exe, desktop, document, email, email account, error, excel, excel.exe, failed, flash player, format, helper, igdpmd64.sys, install.exe, ip-adresse, logfile, microsoft office starter 2010, microsoft office word, mozilla, plug-in, realtek, registry, required, rundll, scan, security, shell32.dll, shortcut, software, spam, studio, system, trojaner, usb, usb 2.0, usb 3.0, version=1.0, visual studio, webcheck, windows |
Linear-Darstellung
