Aus Sicherheitsgründen wurde ihr Windows-System blockiert

Snolki · 29.12.2011, 10:58

Hallo ihr lieben vom Trojaner Board,

hab mir gestern wunderbarerweise beim surfen mal wieder einen Trojaner eingefangen.

Es erscheint so ein schöner farbiger Bildschirm und dann oben genannte Notiz - Aus Sicherheitsgründen wurde ihr Windows System blockiert. Und dann ein Button Bezahlen und Herunterladen.
Hab mich hier auch ein wenig durchgelesen also auch schon das mit der OTL Datei im abgesicherten Modus gemacht.

Wäre super wenn ihr mir helfen könnt, allerdings bin ich ein Mädchen und dazu noch blond, also wenns geht antwortet für ganz doofe.

Achja, generell, wie kann ich mich davor schützen? Das ist jetzt der zweite, vor 3 Monaten hatte ich den "BKA"-Trojaner.. Bringt es was noch ein Benutzerprofil zu erstellen das keinerlei Rechte hat und wo ich für jede Installation erstmal das Admin-Passwort eingeben muss? Oder muss ich einfach damit leben? Wenn das passiert, war ich eigentlich auch immer nur auf den Seiten die ich täglich besuche, aber wenn die nachher eine schöne Werbung oder sowas ham die versucht ist, liegt das daran??
Hab übrigens das aktuellste G-Data das ich immer schön brav update, aber das hat mich weder vor dem BKA noch vor dem jetzt geschützt.

Egal, anbei die Dateien.

kira · 29.12.2011, 12:56

Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen

Zitat:

Wenn ein System kompromittiert wurde, ist das System nicht mehr vertrauenswürdig
Eine Neuinstallation garantiert die rückstandsfreie Entfernung der Infektion - Lesestoff: "Hilfe: Ich wurde das Opfer eines Hackerangriffs. Was soll ich tun?" - Säubern eines gefährdeten Systems

Falls du doch für die Systemreinigung entscheidest - Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst::

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Hast du es denn in der Hosts selbst eingetragen bzw absichtlich zugefügt? Wenn ja, warum?

Code:

ATTFilter

O1 - Hosts:   
O1 - Hosts: 127.0.0.1 nero.com 
O1 - Hosts: 127.0.0.1 www.nero.com 
O1 - Hosts: 127.0.0.1 activate.nero.com 
O1 - Hosts: 127.0.0.1 www.activate.nero.com 
O1 - Hosts: 127.0.0.1 nero.de 
O1 - Hosts: 127.0.0.1 www.nero.de 
O1 - Hosts: 127.0.0.1 activate.nero.de 
O1 - Hosts: 127.0.0.1 www.activate.nero.de

Das Programm Nero, hast Du legal erworben?

2.
TDSSKiller von Kaspersky

Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
deaktiviere vorübergehend dein AntiVirus-Programm
Starte die TDSSKiller.exe durch Doppelklick.
Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
Bestätige das ggfs. mit Y(es).
Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
Poste mir den Inhalt von C:\TDSSKiller<random>.txt hier in den Thread.

Hier findest Du eine ausführlichere Anleitung.

3.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org

Installieren und per Doppelklick starten.
Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
"Komplett Scan durchführen" wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung/virus-protect.org

4.
Systemscan mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop.

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

5.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
→ Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ Sprache → Deutsch auswählen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw

gruß
kira

Snolki · 29.12.2011, 13:38

Punkt 1: Also beabsichtigt sind die Hosts da nicht drinne.
Was die Originalversion angeht.. Muss ich leider sagen das ich das nicht genau weiß. Habe den PC inclusive der meisten Programme nicht selbst installiert, und von welchen Programmen ich jetzt Originale hab oder nicht, kann ich auch nicht beurteilen, da alle meine Original-CDs derzeit ein paar Kilometer weiter weg an meinem andren Computer liegen. Ich glaube aber das bei meinem Laufwerk auch die Nero 10 CD dabei war und dann sollte das auch das Original sein.

2.

Code:

ATTFilter

13:29:15.0947 1544	TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
13:29:15.0994 1544	============================================================
13:29:15.0994 1544	Current date / time: 2011/12/29 13:29:15.0994
13:29:15.0994 1544	SystemInfo:
13:29:15.0994 1544	
13:29:15.0994 1544	OS Version: 6.1.7601 ServicePack: 1.0
13:29:15.0994 1544	Product type: Workstation
13:29:15.0994 1544	ComputerName: LORDVOLDEMORT
13:29:15.0994 1544	UserName: Mangliniel
13:29:15.0994 1544	Windows directory: C:\Windows
13:29:15.0994 1544	System windows directory: C:\Windows
13:29:15.0994 1544	Running under WOW64
13:29:15.0994 1544	Processor architecture: Intel x64
13:29:15.0994 1544	Number of processors: 4
13:29:15.0994 1544	Page size: 0x1000
13:29:15.0994 1544	Boot type: Safe boot with network
13:29:15.0994 1544	============================================================
13:29:16.0571 1544	Initialize success
13:29:18.0506 2036	============================================================
13:29:18.0506 2036	Scan started
13:29:18.0506 2036	Mode: Manual; 
13:29:18.0506 2036	============================================================
13:29:18.0771 2036	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:29:18.0771 2036	1394ohci - ok
13:29:18.0787 2036	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:29:18.0787 2036	ACPI - ok
13:29:18.0802 2036	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:29:18.0802 2036	AcpiPmi - ok
13:29:18.0865 2036	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:29:18.0865 2036	adp94xx - ok
13:29:18.0880 2036	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:29:18.0896 2036	adpahci - ok
13:29:18.0911 2036	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:29:18.0911 2036	adpu320 - ok
13:29:18.0943 2036	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
13:29:18.0943 2036	AFD - ok
13:29:18.0974 2036	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:29:18.0974 2036	agp440 - ok
13:29:19.0021 2036	AiCharger       (a41b855edc1f141851e27f984827942c) C:\Windows\system32\DRIVERS\AiCharger.sys
13:29:19.0021 2036	AiCharger - ok
13:29:19.0036 2036	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:29:19.0036 2036	aliide - ok
13:29:19.0052 2036	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:29:19.0052 2036	amdide - ok
13:29:19.0067 2036	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:29:19.0067 2036	AmdK8 - ok
13:29:19.0067 2036	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:29:19.0083 2036	AmdPPM - ok
13:29:19.0099 2036	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:29:19.0099 2036	amdsata - ok
13:29:19.0114 2036	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:29:19.0114 2036	amdsbs - ok
13:29:19.0130 2036	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:29:19.0130 2036	amdxata - ok
13:29:19.0145 2036	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:29:19.0161 2036	AppID - ok
13:29:19.0208 2036	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:29:19.0208 2036	arc - ok
13:29:19.0223 2036	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:29:19.0223 2036	arcsas - ok
13:29:19.0255 2036	asmthub3        (e3b9c89d2ed4a538ab2fc6ec76fa2b17) C:\Windows\system32\DRIVERS\asmthub3.sys
13:29:19.0270 2036	asmthub3 - ok
13:29:19.0270 2036	asmtxhci        (88ce83be5176020be39194a6369af2c2) C:\Windows\system32\DRIVERS\asmtxhci.sys
13:29:19.0270 2036	asmtxhci - ok
13:29:19.0301 2036	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:29:19.0301 2036	AsyncMac - ok
13:29:19.0317 2036	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:29:19.0317 2036	atapi - ok
13:29:19.0333 2036	AthBTPort       (aaae03f8eda817ec28c5445193ea8bf3) C:\Windows\system32\DRIVERS\btath_flt.sys
13:29:19.0333 2036	AthBTPort - ok
13:29:19.0348 2036	ATHDFU          (4ecc791539f23982411864037d1ac8fc) C:\Windows\system32\Drivers\AthDfu.sys
13:29:19.0348 2036	ATHDFU - ok
13:29:19.0411 2036	athur           (c24a645aedbdf5fa0a23f7581c6f9c63) C:\Windows\system32\DRIVERS\athurx.sys
13:29:19.0442 2036	athur - ok
13:29:19.0535 2036	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:29:19.0535 2036	b06bdrv - ok
13:29:19.0567 2036	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:29:19.0567 2036	b57nd60a - ok
13:29:19.0629 2036	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:29:19.0629 2036	Beep - ok
13:29:19.0660 2036	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:29:19.0660 2036	blbdrive - ok
13:29:19.0738 2036	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:29:19.0738 2036	bowser - ok
13:29:19.0738 2036	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:29:19.0738 2036	BrFiltLo - ok
13:29:19.0754 2036	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:29:19.0754 2036	BrFiltUp - ok
13:29:19.0769 2036	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:29:19.0769 2036	Brserid - ok
13:29:19.0785 2036	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:29:19.0785 2036	BrSerWdm - ok
13:29:19.0785 2036	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:29:19.0785 2036	BrUsbMdm - ok
13:29:19.0801 2036	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:29:19.0801 2036	BrUsbSer - ok
13:29:19.0832 2036	BTATH_A2DP      (3b1b573371b206d1d5f25e0ef5fcd6d6) C:\Windows\system32\drivers\btath_a2dp.sys
13:29:19.0832 2036	BTATH_A2DP - ok
13:29:20.0113 2036	BTATH_BUS       (2d0446336d9db55a742b999ec16adf15) C:\Windows\system32\DRIVERS\btath_bus.sys
13:29:20.0113 2036	BTATH_BUS - ok
13:29:20.0144 2036	BTATH_HCRP      (9a9694bbeb2849eaf95dffcae5df02ad) C:\Windows\system32\DRIVERS\btath_hcrp.sys
13:29:20.0144 2036	BTATH_HCRP - ok
13:29:20.0159 2036	BTATH_LWFLT     (fc0a8075ddf2e9c66267aec91e0676f9) C:\Windows\system32\DRIVERS\btath_lwflt.sys
13:29:20.0159 2036	BTATH_LWFLT - ok
13:29:20.0175 2036	BTATH_RCP       (5eb4815cbddba4541f2380dae6e269ab) C:\Windows\system32\DRIVERS\btath_rcp.sys
13:29:20.0175 2036	BTATH_RCP - ok
13:29:20.0222 2036	BtFilter        (0ecede7b33cfd9a52a61220abbd09a50) C:\Windows\system32\DRIVERS\btfilter.sys
13:29:20.0222 2036	BtFilter - ok
13:29:20.0269 2036	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
13:29:20.0269 2036	BthEnum - ok
13:29:20.0284 2036	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:29:20.0284 2036	BTHMODEM - ok
13:29:20.0300 2036	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
13:29:20.0300 2036	BthPan - ok
13:29:20.0315 2036	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
13:29:20.0315 2036	BTHPORT - ok
13:29:20.0347 2036	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
13:29:20.0347 2036	BTHUSB - ok
13:29:20.0362 2036	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:29:20.0362 2036	cdfs - ok
13:29:20.0393 2036	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
13:29:20.0393 2036	cdrom - ok
13:29:20.0393 2036	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:29:20.0393 2036	circlass - ok
13:29:20.0425 2036	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:29:20.0425 2036	CLFS - ok
13:29:20.0456 2036	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:29:20.0456 2036	CmBatt - ok
13:29:20.0471 2036	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:29:20.0471 2036	cmdide - ok
13:29:20.0487 2036	CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
13:29:20.0487 2036	CNG - ok
13:29:20.0503 2036	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:29:20.0503 2036	Compbatt - ok
13:29:20.0534 2036	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:29:20.0534 2036	CompositeBus - ok
13:29:20.0549 2036	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:29:20.0549 2036	crcdisk - ok
13:29:20.0596 2036	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:29:20.0596 2036	DfsC - ok
13:29:20.0612 2036	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:29:20.0612 2036	discache - ok
13:29:20.0627 2036	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:29:20.0627 2036	Disk - ok
13:29:20.0643 2036	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:29:20.0643 2036	drmkaud - ok
13:29:20.0674 2036	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:29:20.0690 2036	DXGKrnl - ok
13:29:20.0737 2036	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:29:20.0799 2036	ebdrv - ok
13:29:20.0830 2036	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:29:20.0846 2036	elxstor - ok
13:29:20.0846 2036	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:29:20.0846 2036	ErrDev - ok
13:29:20.0861 2036	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:29:20.0861 2036	exfat - ok
13:29:20.0877 2036	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:29:20.0877 2036	fastfat - ok
13:29:20.0877 2036	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:29:20.0877 2036	fdc - ok
13:29:20.0893 2036	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:29:20.0893 2036	FileInfo - ok
13:29:20.0908 2036	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:29:20.0908 2036	Filetrace - ok
13:29:20.0924 2036	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:29:20.0924 2036	flpydisk - ok
13:29:20.0939 2036	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:29:20.0955 2036	FltMgr - ok
13:29:20.0971 2036	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:29:20.0971 2036	FsDepends - ok
13:29:21.0002 2036	fssfltr         (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys
13:29:21.0002 2036	fssfltr - ok
13:29:21.0017 2036	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:29:21.0017 2036	Fs_Rec - ok
13:29:21.0049 2036	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:29:21.0049 2036	fvevol - ok
13:29:21.0049 2036	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:29:21.0049 2036	gagp30kx - ok
13:29:21.0064 2036	GDBehave        (70f2b7c787602c857525fd1939ef680a) C:\Windows\system32\drivers\GDBehave.sys
13:29:21.0064 2036	GDBehave - ok
13:29:21.0080 2036	GDMnIcpt        (185b4958bf8ccc6ffa0eea5c0e7f65f6) C:\Windows\system32\drivers\MiniIcpt.sys
13:29:21.0080 2036	GDMnIcpt - ok
13:29:21.0095 2036	GdNetMon        (d826b9c59de0b310c9e560763560d8f9) C:\Windows\system32\drivers\GdNetMon64.sys
13:29:21.0095 2036	GdNetMon - ok
13:29:21.0127 2036	GDPkIcpt        (a7dbc5e8767e70dbf59114f826d4b1b6) C:\Windows\system32\drivers\PktIcpt.sys
13:29:21.0142 2036	GDPkIcpt - ok
13:29:21.0158 2036	gdwfpcd         (a59e3e53fa5ba6355a300b31782d2e34) C:\Windows\system32\drivers\gdwfpcd64.sys
13:29:21.0158 2036	gdwfpcd - ok
13:29:21.0173 2036	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:29:21.0173 2036	GEARAspiWDM - ok
13:29:21.0236 2036	GRD             (e10baa2ea50e575bbef0c5080da088a4) C:\Windows\system32\drivers\GRD.sys
13:29:21.0236 2036	GRD - ok
13:29:21.0251 2036	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:29:21.0251 2036	hcw85cir - ok
13:29:21.0283 2036	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:29:21.0283 2036	HdAudAddService - ok
13:29:21.0298 2036	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
13:29:21.0298 2036	HDAudBus - ok
13:29:21.0298 2036	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:29:21.0298 2036	HidBatt - ok
13:29:21.0314 2036	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:29:21.0314 2036	HidBth - ok
13:29:21.0329 2036	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:29:21.0329 2036	HidIr - ok
13:29:21.0329 2036	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:29:21.0329 2036	HidUsb - ok
13:29:21.0361 2036	HookCentre      (3bcb98418bf3cffb152109d3b10b1c85) C:\Windows\system32\drivers\HookCentre.sys
13:29:21.0361 2036	HookCentre - ok
13:29:21.0376 2036	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:29:21.0376 2036	HpSAMD - ok
13:29:21.0392 2036	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:29:21.0407 2036	HTTP - ok
13:29:21.0423 2036	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:29:21.0423 2036	hwpolicy - ok
13:29:21.0439 2036	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:29:21.0439 2036	i8042prt - ok
13:29:21.0470 2036	iaStor          (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys
13:29:21.0470 2036	iaStor - ok
13:29:21.0517 2036	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:29:21.0517 2036	iaStorV - ok
13:29:21.0532 2036	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:29:21.0532 2036	iirsp - ok
13:29:21.0595 2036	IntcAzAudAddService (dab7318ccfa8081200d5b7b486793f74) C:\Windows\system32\drivers\RTKVHD64.sys
13:29:21.0641 2036	IntcAzAudAddService - ok
13:29:21.0673 2036	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:29:21.0673 2036	intelide - ok
13:29:21.0688 2036	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:29:21.0688 2036	intelppm - ok
13:29:21.0704 2036	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:29:21.0704 2036	IpFilterDriver - ok
13:29:21.0719 2036	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:29:21.0719 2036	IPMIDRV - ok
13:29:21.0735 2036	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:29:21.0735 2036	IPNAT - ok
13:29:21.0766 2036	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:29:21.0766 2036	IRENUM - ok
13:29:21.0782 2036	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:29:21.0782 2036	isapnp - ok
13:29:21.0797 2036	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:29:21.0797 2036	iScsiPrt - ok
13:29:21.0844 2036	JSWPSLWF        (5be640e88814b77a9e84b4549b5dcc2c) C:\Windows\system32\DRIVERS\jswpslwfx.sys
13:29:21.0844 2036	JSWPSLWF - ok
13:29:21.0860 2036	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:29:21.0860 2036	kbdclass - ok
13:29:21.0875 2036	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
13:29:21.0875 2036	kbdhid - ok
13:29:21.0891 2036	KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
13:29:21.0891 2036	KSecDD - ok
13:29:21.0907 2036	KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
13:29:21.0907 2036	KSecPkg - ok
13:29:21.0922 2036	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:29:21.0922 2036	ksthunk - ok
13:29:21.0953 2036	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:29:21.0953 2036	lltdio - ok
13:29:21.0985 2036	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:29:21.0985 2036	LSI_FC - ok
13:29:22.0000 2036	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:29:22.0000 2036	LSI_SAS - ok
13:29:22.0016 2036	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:29:22.0016 2036	LSI_SAS2 - ok
13:29:22.0016 2036	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:29:22.0016 2036	LSI_SCSI - ok
13:29:22.0031 2036	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:29:22.0031 2036	luafv - ok
13:29:22.0047 2036	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:29:22.0047 2036	megasas - ok
13:29:22.0078 2036	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:29:22.0078 2036	MegaSR - ok
13:29:22.0094 2036	MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
13:29:22.0094 2036	MEIx64 - ok
13:29:22.0109 2036	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:29:22.0109 2036	Modem - ok
13:29:22.0141 2036	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:29:22.0141 2036	monitor - ok
13:29:22.0141 2036	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:29:22.0141 2036	mouclass - ok
13:29:22.0156 2036	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:29:22.0156 2036	mouhid - ok
13:29:22.0172 2036	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:29:22.0172 2036	mountmgr - ok
13:29:22.0203 2036	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:29:22.0203 2036	mpio - ok
13:29:22.0203 2036	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:29:22.0203 2036	mpsdrv - ok
13:29:22.0219 2036	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:29:22.0219 2036	MRxDAV - ok
13:29:22.0234 2036	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:29:22.0234 2036	mrxsmb - ok
13:29:22.0265 2036	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:29:22.0265 2036	mrxsmb10 - ok
13:29:22.0281 2036	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:29:22.0281 2036	mrxsmb20 - ok
13:29:22.0297 2036	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:29:22.0297 2036	msahci - ok
13:29:22.0312 2036	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:29:22.0312 2036	msdsm - ok
13:29:22.0328 2036	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:29:22.0328 2036	Msfs - ok
13:29:22.0343 2036	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:29:22.0343 2036	mshidkmdf - ok
13:29:22.0343 2036	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:29:22.0343 2036	msisadrv - ok
13:29:22.0375 2036	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:29:22.0375 2036	MSKSSRV - ok
13:29:22.0375 2036	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:29:22.0375 2036	MSPCLOCK - ok
13:29:22.0390 2036	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:29:22.0390 2036	MSPQM - ok
13:29:22.0421 2036	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:29:22.0421 2036	MsRPC - ok
13:29:22.0437 2036	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:29:22.0437 2036	mssmbios - ok
13:29:22.0453 2036	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:29:22.0453 2036	MSTEE - ok
13:29:22.0468 2036	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:29:22.0468 2036	MTConfig - ok
13:29:22.0468 2036	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:29:22.0468 2036	Mup - ok
13:29:22.0499 2036	mv91xx          (34d08c9c64f657d194961e96c47e9c69) C:\Windows\system32\DRIVERS\mv91xx.sys
13:29:22.0499 2036	mv91xx - ok
13:29:22.0531 2036	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:29:22.0531 2036	NativeWifiP - ok
13:29:22.0546 2036	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:29:22.0562 2036	NDIS - ok
13:29:22.0562 2036	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:29:22.0577 2036	NdisCap - ok
13:29:22.0593 2036	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:29:22.0593 2036	NdisTapi - ok
13:29:22.0609 2036	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:29:22.0609 2036	Ndisuio - ok
13:29:22.0624 2036	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:29:22.0624 2036	NdisWan - ok
13:29:22.0640 2036	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:29:22.0640 2036	NDProxy - ok
13:29:22.0655 2036	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:29:22.0655 2036	NetBIOS - ok
13:29:22.0687 2036	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:29:22.0687 2036	NetBT - ok
13:29:22.0702 2036	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:29:22.0702 2036	nfrd960 - ok
13:29:22.0733 2036	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:29:22.0733 2036	Npfs - ok
13:29:22.0749 2036	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:29:22.0749 2036	nsiproxy - ok
13:29:22.0780 2036	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:29:22.0796 2036	Ntfs - ok
13:29:22.0827 2036	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:29:22.0827 2036	Null - ok
13:29:22.0858 2036	NVHDA           (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
13:29:22.0858 2036	NVHDA - ok
13:29:23.0061 2036	nvlddmkm        (cc1efea1f0ab17e59bd4b5baff3e5cb0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:29:23.0248 2036	nvlddmkm - ok
13:29:23.0279 2036	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:29:23.0279 2036	nvraid - ok
13:29:23.0295 2036	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:29:23.0295 2036	nvstor - ok
13:29:23.0311 2036	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:29:23.0311 2036	nv_agp - ok
13:29:23.0326 2036	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:29:23.0342 2036	ohci1394 - ok
13:29:23.0357 2036	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:29:23.0357 2036	Parport - ok
13:29:23.0373 2036	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
13:29:23.0373 2036	partmgr - ok
13:29:23.0389 2036	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:29:23.0389 2036	pci - ok
13:29:23.0404 2036	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:29:23.0404 2036	pciide - ok
13:29:23.0420 2036	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:29:23.0420 2036	pcmcia - ok
13:29:23.0420 2036	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:29:23.0420 2036	pcw - ok
13:29:23.0435 2036	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:29:23.0451 2036	PEAUTH - ok
13:29:23.0467 2036	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:29:23.0467 2036	PptpMiniport - ok
13:29:23.0482 2036	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:29:23.0482 2036	Processor - ok
13:29:23.0513 2036	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:29:23.0513 2036	Psched - ok
13:29:23.0545 2036	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:29:23.0560 2036	ql2300 - ok
13:29:23.0591 2036	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:29:23.0591 2036	ql40xx - ok
13:29:23.0607 2036	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:29:23.0607 2036	QWAVEdrv - ok
13:29:23.0623 2036	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:29:23.0623 2036	RasAcd - ok
13:29:23.0654 2036	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:29:23.0654 2036	RasAgileVpn - ok
13:29:23.0685 2036	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:29:23.0685 2036	Rasl2tp - ok
13:29:23.0701 2036	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:29:23.0701 2036	RasPppoe - ok
13:29:23.0701 2036	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:29:23.0701 2036	RasSstp - ok
13:29:23.0732 2036	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:29:23.0732 2036	rdbss - ok
13:29:23.0732 2036	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:29:23.0747 2036	rdpbus - ok
13:29:23.0763 2036	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:29:23.0763 2036	RDPCDD - ok
13:29:23.0779 2036	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:29:23.0794 2036	RDPENCDD - ok
13:29:23.0794 2036	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:29:23.0794 2036	RDPREFMP - ok
13:29:23.0810 2036	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
13:29:23.0810 2036	RDPWD - ok
13:29:23.0841 2036	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:29:23.0841 2036	rdyboost - ok
13:29:23.0872 2036	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:29:23.0872 2036	RFCOMM - ok
13:29:23.0888 2036	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:29:23.0888 2036	rspndr - ok
13:29:23.0919 2036	RTL8167         (afc12dfa4c7b089673ad67402ca19edb) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:29:23.0919 2036	RTL8167 - ok
13:29:23.0935 2036	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:29:23.0935 2036	sbp2port - ok
13:29:23.0966 2036	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:29:23.0966 2036	scfilter - ok
13:29:23.0997 2036	SCMNdisP        (6011cdf54bb6f4c69f38faccdad73d7e) C:\Windows\system32\DRIVERS\scmndisp.sys
13:29:23.0997 2036	SCMNdisP - ok
13:29:24.0028 2036	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:29:24.0028 2036	secdrv - ok
13:29:24.0059 2036	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:29:24.0059 2036	Serenum - ok
13:29:24.0059 2036	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:29:24.0059 2036	Serial - ok
13:29:24.0075 2036	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:29:24.0075 2036	sermouse - ok
13:29:24.0106 2036	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:29:24.0106 2036	sffdisk - ok
13:29:24.0122 2036	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:29:24.0122 2036	sffp_mmc - ok
13:29:24.0137 2036	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:29:24.0137 2036	sffp_sd - ok
13:29:24.0153 2036	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:29:24.0153 2036	sfloppy - ok
13:29:24.0169 2036	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:29:24.0169 2036	SiSRaid2 - ok
13:29:24.0169 2036	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:29:24.0169 2036	SiSRaid4 - ok
13:29:24.0184 2036	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:29:24.0184 2036	Smb - ok
13:29:24.0231 2036	snapman         (32cde417100c530964e79c53b4e994ca) C:\Windows\system32\DRIVERS\snapman.sys
13:29:24.0231 2036	snapman - ok
13:29:24.0262 2036	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:29:24.0262 2036	spldr - ok
13:29:24.0293 2036	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:29:24.0293 2036	srv - ok
13:29:24.0309 2036	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:29:24.0309 2036	srv2 - ok
13:29:24.0340 2036	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:29:24.0340 2036	srvnet - ok
13:29:24.0356 2036	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:29:24.0356 2036	stexstor - ok
13:29:24.0371 2036	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:29:24.0371 2036	swenum - ok
13:29:24.0387 2036	SysTool         (b07e6681d303a612680223c729b021e2) C:\Windows\system32\DRIVERS\SysTool64.sys
13:29:24.0387 2036	SysTool - ok
13:29:24.0434 2036	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
13:29:24.0465 2036	Tcpip - ok
13:29:24.0481 2036	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
13:29:24.0481 2036	TCPIP6 - ok
13:29:24.0527 2036	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:29:24.0527 2036	tcpipreg - ok
13:29:24.0543 2036	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:29:24.0543 2036	TDPIPE - ok
13:29:24.0559 2036	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
13:29:24.0559 2036	TDTCP - ok
13:29:24.0574 2036	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:29:24.0574 2036	tdx - ok
13:29:24.0590 2036	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:29:24.0590 2036	TermDD - ok
13:29:24.0621 2036	timounter       (6adc063fd51f03ef0cab3e716a725bd2) C:\Windows\system32\DRIVERS\timntr.sys
13:29:24.0621 2036	timounter - ok
13:29:24.0683 2036	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:29:24.0683 2036	tssecsrv - ok
13:29:24.0715 2036	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:29:24.0715 2036	TsUsbFlt - ok
13:29:24.0746 2036	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:29:24.0746 2036	tunnel - ok
13:29:24.0746 2036	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:29:24.0746 2036	uagp35 - ok
13:29:24.0777 2036	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:29:24.0777 2036	udfs - ok
13:29:24.0808 2036	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:29:24.0808 2036	uliagpkx - ok
13:29:24.0824 2036	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:29:24.0824 2036	umbus - ok
13:29:24.0839 2036	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:29:24.0855 2036	UmPass - ok
13:29:24.0855 2036	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:29:24.0871 2036	usbccgp - ok
13:29:25.0136 2036	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:29:25.0136 2036	usbcir - ok
13:29:25.0151 2036	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
13:29:25.0151 2036	usbehci - ok
13:29:25.0183 2036	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:29:25.0183 2036	usbhub - ok
13:29:25.0198 2036	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
13:29:25.0198 2036	usbohci - ok
13:29:25.0214 2036	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:29:25.0214 2036	usbprint - ok
13:29:25.0245 2036	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:29:25.0245 2036	usbscan - ok
13:29:25.0261 2036	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:29:25.0261 2036	USBSTOR - ok
13:29:25.0276 2036	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:29:25.0276 2036	usbuhci - ok
13:29:25.0292 2036	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:29:25.0292 2036	vdrvroot - ok
13:29:25.0307 2036	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:29:25.0307 2036	vga - ok
13:29:25.0323 2036	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:29:25.0323 2036	VgaSave - ok
13:29:25.0354 2036	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:29:25.0354 2036	vhdmp - ok
13:29:25.0385 2036	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:29:25.0385 2036	viaide - ok
13:29:25.0401 2036	vididr          (96a4f56cbba3dcf5d90cda1bc218d040) C:\Windows\system32\DRIVERS\vididr.sys
13:29:25.0401 2036	vididr - ok
13:29:25.0432 2036	vidsflt53       (c69a784bec737cd7460ebf3c3834d65e) C:\Windows\system32\DRIVERS\vsflt53.sys
13:29:25.0432 2036	vidsflt53 - ok
13:29:25.0448 2036	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:29:25.0448 2036	volmgr - ok
13:29:25.0463 2036	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:29:25.0479 2036	volmgrx - ok
13:29:25.0495 2036	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:29:25.0495 2036	volsnap - ok
13:29:25.0526 2036	vpcbus          (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
13:29:25.0526 2036	vpcbus - ok
13:29:25.0541 2036	vpcnfltr        (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
13:29:25.0541 2036	vpcnfltr - ok
13:29:25.0557 2036	vpcusb          (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
13:29:25.0557 2036	vpcusb - ok
13:29:25.0604 2036	vpcvmm          (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
13:29:25.0604 2036	vpcvmm - ok
13:29:25.0635 2036	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:29:25.0635 2036	vsmraid - ok
13:29:25.0651 2036	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
13:29:25.0651 2036	vwifibus - ok
13:29:25.0666 2036	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:29:25.0666 2036	vwififlt - ok
13:29:25.0682 2036	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:29:25.0682 2036	WacomPen - ok
13:29:25.0697 2036	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:29:25.0697 2036	WANARP - ok
13:29:25.0697 2036	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:29:25.0697 2036	Wanarpv6 - ok
13:29:25.0713 2036	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:29:25.0713 2036	Wd - ok
13:29:25.0729 2036	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:29:25.0744 2036	Wdf01000 - ok
13:29:25.0760 2036	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:29:25.0760 2036	WfpLwf - ok
13:29:25.0760 2036	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:29:25.0760 2036	WIMMount - ok
13:29:25.0807 2036	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
13:29:25.0807 2036	WinUsb - ok
13:29:25.0822 2036	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:29:25.0838 2036	WmiAcpi - ok
13:29:25.0838 2036	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:29:25.0838 2036	ws2ifsl - ok
13:29:25.0869 2036	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:29:25.0869 2036	WudfPf - ok
13:29:25.0900 2036	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:29:25.0900 2036	WUDFRd - ok
13:29:25.0931 2036	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:29:25.0978 2036	\Device\Harddisk0\DR0 - ok
13:29:25.0978 2036	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
13:29:26.0368 2036	\Device\Harddisk2\DR2 - ok
13:29:26.0368 2036	Boot (0x1200)   (61100c80cf61a64eb55b2cb7ee690a22) \Device\Harddisk0\DR0\Partition0
13:29:26.0384 2036	\Device\Harddisk0\DR0\Partition0 - ok
13:29:26.0384 2036	Boot (0x1200)   (2588921edcaf35d2ab6ec5a327aaa1c9) \Device\Harddisk0\DR0\Partition1
13:29:26.0384 2036	\Device\Harddisk0\DR0\Partition1 - ok
13:29:26.0399 2036	Boot (0x1200)   (cac2d0bf57698bb1ff5b8c4155495abb) \Device\Harddisk0\DR0\Partition2
13:29:26.0399 2036	\Device\Harddisk0\DR0\Partition2 - ok
13:29:26.0415 2036	Boot (0x1200)   (81876f828bac6fa80a0e141bef9a4f8a) \Device\Harddisk2\DR2\Partition0
13:29:26.0415 2036	\Device\Harddisk2\DR2\Partition0 - ok
13:29:26.0415 2036	============================================================
13:29:26.0415 2036	Scan finished
13:29:26.0415 2036	============================================================
13:29:26.0415 1936	Detected object count: 0
13:29:26.0415 1936	Actual detected object count: 0
13:29:33.0123 2004	============================================================
13:29:33.0123 2004	Scan started
13:29:33.0123 2004	Mode: Manual; 
13:29:33.0123 2004	============================================================
13:29:33.0154 2004	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:29:33.0154 2004	1394ohci - ok
13:29:33.0170 2004	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:29:33.0170 2004	ACPI - ok
13:29:33.0201 2004	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:29:33.0201 2004	AcpiPmi - ok
13:29:33.0232 2004	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:29:33.0248 2004	adp94xx - ok
13:29:33.0248 2004	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:29:33.0248 2004	adpahci - ok
13:29:33.0264 2004	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:29:33.0264 2004	adpu320 - ok
13:29:33.0295 2004	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
13:29:33.0295 2004	AFD - ok
13:29:33.0326 2004	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:29:33.0326 2004	agp440 - ok
13:29:33.0357 2004	AiCharger       (a41b855edc1f141851e27f984827942c) C:\Windows\system32\DRIVERS\AiCharger.sys
13:29:33.0357 2004	AiCharger - ok
13:29:33.0451 2004	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:29:33.0451 2004	aliide - ok
13:29:33.0466 2004	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:29:33.0466 2004	amdide - ok
13:29:33.0482 2004	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:29:33.0482 2004	AmdK8 - ok
13:29:33.0498 2004	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:29:33.0498 2004	AmdPPM - ok
13:29:33.0513 2004	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:29:33.0513 2004	amdsata - ok
13:29:33.0529 2004	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:29:33.0529 2004	amdsbs - ok
13:29:33.0560 2004	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:29:33.0560 2004	amdxata - ok
13:29:33.0560 2004	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:29:33.0560 2004	AppID - ok
13:29:33.0576 2004	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:29:33.0576 2004	arc - ok
13:29:33.0591 2004	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:29:33.0591 2004	arcsas - ok
13:29:33.0888 2004	asmthub3        (e3b9c89d2ed4a538ab2fc6ec76fa2b17) C:\Windows\system32\DRIVERS\asmthub3.sys
13:29:33.0888 2004	asmthub3 - ok
13:29:33.0888 2004	asmtxhci        (88ce83be5176020be39194a6369af2c2) C:\Windows\system32\DRIVERS\asmtxhci.sys
13:29:33.0888 2004	asmtxhci - ok
13:29:33.0903 2004	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:29:33.0903 2004	AsyncMac - ok
13:29:33.0919 2004	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:29:33.0919 2004	atapi - ok
13:29:33.0950 2004	AthBTPort       (aaae03f8eda817ec28c5445193ea8bf3) C:\Windows\system32\DRIVERS\btath_flt.sys
13:29:33.0950 2004	AthBTPort - ok
13:29:33.0966 2004	ATHDFU          (4ecc791539f23982411864037d1ac8fc) C:\Windows\system32\Drivers\AthDfu.sys
13:29:33.0966 2004	ATHDFU - ok
13:29:34.0012 2004	athur           (c24a645aedbdf5fa0a23f7581c6f9c63) C:\Windows\system32\DRIVERS\athurx.sys
13:29:34.0028 2004	athur - ok
13:29:34.0044 2004	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:29:34.0044 2004	b06bdrv - ok
13:29:34.0044 2004	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:29:34.0044 2004	b57nd60a - ok
13:29:34.0075 2004	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:29:34.0075 2004	Beep - ok
13:29:34.0090 2004	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:29:34.0090 2004	blbdrive - ok
13:29:34.0122 2004	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:29:34.0122 2004	bowser - ok
13:29:34.0122 2004	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:29:34.0122 2004	BrFiltLo - ok
13:29:34.0153 2004	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:29:34.0153 2004	BrFiltUp - ok
13:29:34.0184 2004	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:29:34.0184 2004	Brserid - ok
13:29:34.0184 2004	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:29:34.0184 2004	BrSerWdm - ok
13:29:34.0184 2004	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:29:34.0184 2004	BrUsbMdm - ok
13:29:34.0200 2004	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:29:34.0200 2004	BrUsbSer - ok
13:29:34.0215 2004	BTATH_A2DP      (3b1b573371b206d1d5f25e0ef5fcd6d6) C:\Windows\system32\drivers\btath_a2dp.sys
13:29:34.0215 2004	BTATH_A2DP - ok
13:29:34.0231 2004	BTATH_BUS       (2d0446336d9db55a742b999ec16adf15) C:\Windows\system32\DRIVERS\btath_bus.sys
13:29:34.0231 2004	BTATH_BUS - ok
13:29:34.0246 2004	BTATH_HCRP      (9a9694bbeb2849eaf95dffcae5df02ad) C:\Windows\system32\DRIVERS\btath_hcrp.sys
13:29:34.0246 2004	BTATH_HCRP - ok
13:29:34.0262 2004	BTATH_LWFLT     (fc0a8075ddf2e9c66267aec91e0676f9) C:\Windows\system32\DRIVERS\btath_lwflt.sys
13:29:34.0262 2004	BTATH_LWFLT - ok
13:29:34.0278 2004	BTATH_RCP       (5eb4815cbddba4541f2380dae6e269ab) C:\Windows\system32\DRIVERS\btath_rcp.sys
13:29:34.0278 2004	BTATH_RCP - ok
13:29:34.0293 2004	BtFilter        (0ecede7b33cfd9a52a61220abbd09a50) C:\Windows\system32\DRIVERS\btfilter.sys
13:29:34.0293 2004	BtFilter - ok
13:29:34.0309 2004	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
13:29:34.0309 2004	BthEnum - ok
13:29:34.0324 2004	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:29:34.0324 2004	BTHMODEM - ok
13:29:34.0340 2004	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
13:29:34.0340 2004	BthPan - ok
13:29:34.0356 2004	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
13:29:34.0356 2004	BTHPORT - ok
13:29:34.0371 2004	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
13:29:34.0371 2004	BTHUSB - ok
13:29:34.0387 2004	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:29:34.0387 2004	cdfs - ok
13:29:34.0402 2004	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
13:29:34.0402 2004	cdrom - ok
13:29:34.0402 2004	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:29:34.0402 2004	circlass - ok
13:29:34.0434 2004	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:29:34.0434 2004	CLFS - ok
13:29:34.0449 2004	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:29:34.0449 2004	CmBatt - ok
13:29:34.0465 2004	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:29:34.0465 2004	cmdide - ok
13:29:34.0496 2004	CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
13:29:34.0496 2004	CNG - ok
13:29:34.0496 2004	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:29:34.0512 2004	Compbatt - ok
13:29:34.0527 2004	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:29:34.0527 2004	CompositeBus - ok
13:29:34.0527 2004	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:29:34.0527 2004	crcdisk - ok
13:29:34.0558 2004	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:29:34.0558 2004	DfsC - ok
13:29:34.0574 2004	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:29:34.0574 2004	discache - ok
13:29:34.0590 2004	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:29:34.0590 2004	Disk - ok
13:29:34.0621 2004	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:29:34.0621 2004	drmkaud - ok
13:29:34.0652 2004	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:29:34.0652 2004	DXGKrnl - ok
13:29:34.0699 2004	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:29:34.0714 2004	ebdrv - ok
13:29:34.0746 2004	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:29:34.0746 2004	elxstor - ok
13:29:34.0761 2004	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:29:34.0761 2004	ErrDev - ok
13:29:34.0777 2004	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:29:34.0777 2004	exfat - ok
13:29:34.0777 2004	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:29:34.0777 2004	fastfat - ok
13:29:34.0792 2004	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:29:34.0792 2004	fdc - ok
13:29:34.0808 2004	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:29:34.0808 2004	FileInfo - ok
13:29:34.0824 2004	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:29:34.0824 2004	Filetrace - ok
13:29:34.0824 2004	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:29:34.0824 2004	flpydisk - ok
13:29:34.0855 2004	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:29:34.0855 2004	FltMgr - ok
13:29:34.0870 2004	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:29:34.0870 2004	FsDepends - ok
13:29:34.0886 2004	fssfltr         (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys
13:29:34.0886 2004	fssfltr - ok
13:29:34.0902 2004	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:29:34.0902 2004	Fs_Rec - ok
13:29:34.0933 2004	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:29:34.0933 2004	fvevol - ok
13:29:34.0933 2004	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:29:34.0933 2004	gagp30kx - ok
13:29:34.0948 2004	GDBehave        (70f2b7c787602c857525fd1939ef680a) C:\Windows\system32\drivers\GDBehave.sys
13:29:34.0964 2004	GDBehave - ok
13:29:34.0964 2004	GDMnIcpt        (185b4958bf8ccc6ffa0eea5c0e7f65f6) C:\Windows\system32\drivers\MiniIcpt.sys
13:29:34.0964 2004	GDMnIcpt - ok
13:29:34.0980 2004	GdNetMon        (d826b9c59de0b310c9e560763560d8f9) C:\Windows\system32\drivers\GdNetMon64.sys
13:29:34.0980 2004	GdNetMon - ok
13:29:35.0011 2004	GDPkIcpt        (a7dbc5e8767e70dbf59114f826d4b1b6) C:\Windows\system32\drivers\PktIcpt.sys
13:29:35.0011 2004	GDPkIcpt - ok
13:29:35.0026 2004	gdwfpcd         (a59e3e53fa5ba6355a300b31782d2e34) C:\Windows\system32\drivers\gdwfpcd64.sys
13:29:35.0026 2004	gdwfpcd - ok
13:29:35.0042 2004	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:29:35.0042 2004	GEARAspiWDM - ok
13:29:35.0073 2004	GRD             (e10baa2ea50e575bbef0c5080da088a4) C:\Windows\system32\drivers\GRD.sys
13:29:35.0073 2004	GRD - ok
13:29:35.0089 2004	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:29:35.0089 2004	hcw85cir - ok
13:29:35.0104 2004	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:29:35.0104 2004	HdAudAddService - ok
13:29:35.0120 2004	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
13:29:35.0120 2004	HDAudBus - ok
13:29:35.0120 2004	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:29:35.0120 2004	HidBatt - ok
13:29:35.0136 2004	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:29:35.0136 2004	HidBth - ok
13:29:35.0136 2004	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:29:35.0136 2004	HidIr - ok
13:29:35.0136 2004	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:29:35.0136 2004	HidUsb - ok
13:29:35.0167 2004	HookCentre      (3bcb98418bf3cffb152109d3b10b1c85) C:\Windows\system32\drivers\HookCentre.sys
13:29:35.0167 2004	HookCentre - ok
13:29:35.0182 2004	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:29:35.0182 2004	HpSAMD - ok
13:29:35.0214 2004	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:29:35.0214 2004	HTTP - ok
13:29:35.0229 2004	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:29:35.0229 2004	hwpolicy - ok
13:29:35.0245 2004	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:29:35.0245 2004	i8042prt - ok
13:29:35.0276 2004	iaStor          (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys
13:29:35.0292 2004	iaStor - ok
13:29:35.0307 2004	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:29:35.0307 2004	iaStorV - ok
13:29:35.0323 2004	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:29:35.0323 2004	iirsp - ok
13:29:35.0385 2004	IntcAzAudAddService (dab7318ccfa8081200d5b7b486793f74) C:\Windows\system32\drivers\RTKVHD64.sys
13:29:35.0385 2004	IntcAzAudAddService - ok
13:29:35.0401 2004	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:29:35.0401 2004	intelide - ok
13:29:35.0416 2004	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:29:35.0432 2004	intelppm - ok
13:29:35.0432 2004	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:29:35.0432 2004	IpFilterDriver - ok
13:29:35.0448 2004	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:29:35.0448 2004	IPMIDRV - ok
13:29:35.0463 2004	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:29:35.0463 2004	IPNAT - ok
13:29:35.0494 2004	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:29:35.0494 2004	IRENUM - ok
13:29:35.0510 2004	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:29:35.0510 2004	isapnp - ok
13:29:35.0526 2004	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:29:35.0526 2004	iScsiPrt - ok
13:29:35.0541 2004	JSWPSLWF        (5be640e88814b77a9e84b4549b5dcc2c) C:\Windows\system32\DRIVERS\jswpslwfx.sys
13:29:35.0541 2004	JSWPSLWF - ok
13:29:35.0572 2004	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:29:35.0572 2004	kbdclass - ok
13:29:35.0572 2004	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
13:29:35.0572 2004	kbdhid - ok
13:29:35.0588 2004	KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
13:29:35.0588 2004	KSecDD - ok
13:29:35.0604 2004	KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
13:29:35.0604 2004	KSecPkg - ok
13:29:35.0619 2004	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:29:35.0619 2004	ksthunk - ok
13:29:35.0635 2004	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:29:35.0635 2004	lltdio - ok
13:29:35.0650 2004	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:29:35.0650 2004	LSI_FC - ok
13:29:35.0666 2004	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:29:35.0666 2004	LSI_SAS - ok
13:29:35.0682 2004	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:29:35.0682 2004	LSI_SAS2 - ok
13:29:35.0682 2004	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:29:35.0682 2004	LSI_SCSI - ok
13:29:35.0697 2004	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:29:35.0697 2004	luafv - ok
13:29:35.0713 2004	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:29:35.0713 2004	megasas - ok
13:29:35.0744 2004	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:29:35.0744 2004	MegaSR - ok
13:29:35.0760 2004	MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
13:29:35.0760 2004	MEIx64 - ok
13:29:35.0791 2004	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:29:35.0791 2004	Modem - ok
13:29:35.0806 2004	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:29:35.0806 2004	monitor - ok
13:29:35.0806 2004	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:29:35.0806 2004	mouclass - ok
13:29:35.0822 2004	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:29:35.0822 2004	mouhid - ok
13:29:35.0838 2004	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:29:35.0838 2004	mountmgr - ok
13:29:35.0869 2004	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:29:35.0869 2004	mpio - ok
13:29:35.0869 2004	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:29:35.0869 2004	mpsdrv - ok
13:29:35.0869 2004	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:29:35.0884 2004	MRxDAV - ok
13:29:35.0900 2004	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:29:35.0900 2004	mrxsmb - ok
13:29:35.0931 2004	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:29:35.0931 2004	mrxsmb10 - ok
13:29:35.0947 2004	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:29:35.0947 2004	mrxsmb20 - ok
13:29:35.0962 2004	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:29:35.0962 2004	msahci - ok
13:29:35.0978 2004	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:29:35.0978 2004	msdsm - ok
13:29:35.0994 2004	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:29:35.0994 2004	Msfs - ok
13:29:36.0009 2004	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:29:36.0009 2004	mshidkmdf - ok
13:29:36.0009 2004	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:29:36.0009 2004	msisadrv - ok
13:29:36.0025 2004	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:29:36.0025 2004	MSKSSRV - ok
13:29:36.0040 2004	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:29:36.0040 2004	MSPCLOCK - ok
13:29:36.0040 2004	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:29:36.0040 2004	MSPQM - ok
13:29:36.0072 2004	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:29:36.0072 2004	MsRPC - ok
13:29:36.0087 2004	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:29:36.0087 2004	mssmbios - ok
13:29:36.0103 2004	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:29:36.0103 2004	MSTEE - ok
13:29:36.0118 2004	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:29:36.0118 2004	MTConfig - ok
13:29:36.0134 2004	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:29:36.0134 2004	Mup - ok
13:29:36.0165 2004	mv91xx          (34d08c9c64f657d194961e96c47e9c69) C:\Windows\system32\DRIVERS\mv91xx.sys
13:29:36.0165 2004	mv91xx - ok
13:29:36.0165 2004	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:29:36.0165 2004	NativeWifiP - ok
13:29:36.0196 2004	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:29:36.0196 2004	NDIS - ok
13:29:36.0196 2004	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:29:36.0196 2004	NdisCap - ok
13:29:36.0212 2004	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:29:36.0212 2004	NdisTapi - ok
13:29:36.0243 2004	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:29:36.0243 2004	Ndisuio - ok
13:29:36.0259 2004	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:29:36.0259 2004	NdisWan - ok
13:29:36.0274 2004	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:29:36.0274 2004	NDProxy - ok
13:29:36.0290 2004	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:29:36.0290 2004	NetBIOS - ok
13:29:36.0321 2004	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:29:36.0321 2004	NetBT - ok
13:29:36.0337 2004	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:29:36.0337 2004	nfrd960 - ok
13:29:36.0352 2004	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:29:36.0352 2004	Npfs - ok
13:29:36.0368 2004	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:29:36.0368 2004	nsiproxy - ok
13:29:36.0399 2004	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:29:36.0415 2004	Ntfs - ok
13:29:36.0415 2004	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:29:36.0415 2004	Null - ok
13:29:36.0446 2004	NVHDA           (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
13:29:36.0446 2004	NVHDA - ok
13:29:36.0649 2004	nvlddmkm        (cc1efea1f0ab17e59bd4b5baff3e5cb0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:29:36.0696 2004	nvlddmkm - ok
13:29:36.0711 2004	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:29:36.0711 2004	nvraid - ok
13:29:36.0727 2004	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:29:36.0727 2004	nvstor - ok
13:29:36.0742 2004	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:29:36.0742 2004	nv_agp - ok
13:29:36.0758 2004	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:29:36.0758 2004	ohci1394 - ok
13:29:36.0758 2004	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:29:36.0758 2004	Parport - ok
13:29:36.0774 2004	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
13:29:36.0789 2004	partmgr - ok
13:29:36.0805 2004	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:29:36.0805 2004	pci - ok
13:29:36.0820 2004	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:29:36.0820 2004	pciide - ok
13:29:36.0820 2004	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:29:36.0820 2004	pcmcia - ok
13:29:36.0836 2004	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:29:36.0836 2004	pcw - ok
13:29:36.0852 2004	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:29:36.0852 2004	PEAUTH - ok
13:29:36.0883 2004	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:29:36.0883 2004	PptpMiniport - ok
13:29:36.0898 2004	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:29:36.0898 2004	Processor - ok
13:29:36.0930 2004	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:29:36.0930 2004	Psched - ok
13:29:36.0961 2004	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:29:36.0961 2004	ql2300 - ok
13:29:36.0976 2004	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:29:36.0976 2004	ql40xx - ok
13:29:36.0992 2004	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:29:36.0992 2004	QWAVEdrv - ok
13:29:37.0008 2004	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:29:37.0008 2004	RasAcd - ok
13:29:37.0023 2004	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:29:37.0023 2004	RasAgileVpn - ok
13:29:37.0054 2004	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:29:37.0054 2004	Rasl2tp - ok
13:29:37.0070 2004	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:29:37.0070 2004	RasPppoe - ok
13:29:37.0070 2004	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:29:37.0070 2004	RasSstp - ok
13:29:37.0101 2004	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:29:37.0101 2004	rdbss - ok
13:29:37.0101 2004	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:29:37.0101 2004	rdpbus - ok
13:29:37.0117 2004	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:29:37.0117 2004	RDPCDD - ok
13:29:37.0132 2004	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:29:37.0148 2004	RDPENCDD - ok
13:29:37.0164 2004	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:29:37.0164 2004	RDPREFMP - ok
13:29:37.0179 2004	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
13:29:37.0179 2004	RDPWD - ok
13:29:37.0195 2004	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:29:37.0195 2004	rdyboost - ok
13:29:37.0226 2004	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:29:37.0226 2004	RFCOMM - ok
13:29:37.0242 2004	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:29:37.0242 2004	rspndr - ok
13:29:37.0257 2004	RTL8167         (afc12dfa4c7b089673ad67402ca19edb) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:29:37.0257 2004	RTL8167 - ok
13:29:37.0273 2004	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:29:37.0273 2004	sbp2port - ok
13:29:37.0304 2004	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:29:37.0304 2004	scfilter - ok
13:29:37.0335 2004	SCMNdisP        (6011cdf54bb6f4c69f38faccdad73d7e) C:\Windows\system32\DRIVERS\scmndisp.sys
13:29:37.0335 2004	SCMNdisP - ok
13:29:37.0351 2004	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:29:37.0351 2004	secdrv - ok
13:29:37.0366 2004	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:29:37.0366 2004	Serenum - ok
13:29:37.0366 2004	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:29:37.0366 2004	Serial - ok
13:29:37.0382 2004	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:29:37.0382 2004	sermouse - ok
13:29:37.0413 2004	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:29:37.0413 2004	sffdisk - ok
13:29:37.0429 2004	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:29:37.0429 2004	sffp_mmc - ok
13:29:37.0444 2004	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:29:37.0444 2004	sffp_sd - ok
13:29:37.0444 2004	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:29:37.0444 2004	sfloppy - ok
13:29:37.0460 2004	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:29:37.0460 2004	SiSRaid2 - ok
13:29:37.0460 2004	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:29:37.0460 2004	SiSRaid4 - ok
13:29:37.0476 2004	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:29:37.0476 2004	Smb - ok
13:29:37.0507 2004	snapman         (32cde417100c530964e79c53b4e994ca) C:\Windows\system32\DRIVERS\snapman.sys
13:29:37.0507 2004	snapman - ok
13:29:37.0522 2004	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:29:37.0522 2004	spldr - ok
13:29:37.0554 2004	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:29:37.0554 2004	srv - ok
13:29:37.0569 2004	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:29:37.0569 2004	srv2 - ok
13:29:37.0585 2004	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:29:37.0585 2004	srvnet - ok
13:29:37.0616 2004	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:29:37.0616 2004	stexstor - ok
13:29:37.0616 2004	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:29:37.0616 2004	swenum - ok
13:29:37.0632 2004	SysTool         (b07e6681d303a612680223c729b021e2) C:\Windows\system32\DRIVERS\SysTool64.sys
13:29:37.0632 2004	SysTool - ok
13:29:37.0694 2004	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
13:29:37.0694 2004	Tcpip - ok
13:29:37.0741 2004	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
13:29:37.0741 2004	TCPIP6 - ok
13:29:37.0788 2004	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:29:37.0788 2004	tcpipreg - ok
13:29:37.0819 2004	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:29:37.0819 2004	TDPIPE - ok
13:29:37.0819 2004	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
13:29:37.0819 2004	TDTCP - ok
13:29:37.0834 2004	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:29:37.0834 2004	tdx - ok
13:29:37.0850 2004	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:29:37.0850 2004	TermDD - ok
13:29:37.0881 2004	timounter       (6adc063fd51f03ef0cab3e716a725bd2) C:\Windows\system32\DRIVERS\timntr.sys
13:29:37.0881 2004	timounter - ok
13:29:37.0897 2004	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:29:37.0897 2004	tssecsrv - ok
13:29:37.0928 2004	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:29:37.0928 2004	TsUsbFlt - ok
13:29:37.0959 2004	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:29:37.0959 2004	tunnel - ok
13:29:37.0975 2004	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:29:37.0975 2004	uagp35 - ok
13:29:37.0990 2004	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:29:38.0006 2004	udfs - ok
13:29:38.0022 2004	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:29:38.0022 2004	uliagpkx - ok
13:29:38.0037 2004	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:29:38.0037 2004	umbus - ok
13:29:38.0053 2004	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:29:38.0053 2004	UmPass - ok
13:29:38.0068 2004	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:29:38.0068 2004	usbccgp - ok
13:29:38.0100 2004	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:29:38.0100 2004	usbcir - ok
13:29:38.0131 2004	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
13:29:38.0131 2004	usbehci - ok
13:29:38.0146 2004	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:29:38.0146 2004	usbhub - ok
13:29:38.0162 2004	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
13:29:38.0162 2004	usbohci - ok
13:29:38.0162 2004	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:29:38.0162 2004	usbprint - ok
13:29:38.0193 2004	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:29:38.0193 2004	usbscan - ok
13:29:38.0209 2004	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:29:38.0209 2004	USBSTOR - ok
13:29:38.0224 2004	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:29:38.0224 2004	usbuhci - ok
13:29:38.0240 2004	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:29:38.0240 2004	vdrvroot - ok
13:29:38.0240 2004	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:29:38.0240 2004	vga - ok
13:29:38.0256 2004	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:29:38.0256 2004	VgaSave - ok
13:29:38.0271 2004	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:29:38.0271 2004	vhdmp - ok
13:29:38.0287 2004	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:29:38.0287 2004	viaide - ok
13:29:38.0302 2004	vididr          (96a4f56cbba3dcf5d90cda1bc218d040) C:\Windows\system32\DRIVERS\vididr.sys
13:29:38.0302 2004	vididr - ok
13:29:38.0334 2004	vidsflt53       (c69a784bec737cd7460ebf3c3834d65e) C:\Windows\system32\DRIVERS\vsflt53.sys
13:29:38.0334 2004	vidsflt53 - ok
13:29:38.0349 2004	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:29:38.0349 2004	volmgr - ok
13:29:38.0365 2004	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:29:38.0365 2004	volmgrx - ok
13:29:38.0380 2004	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:29:38.0396 2004	volsnap - ok
13:29:38.0412 2004	vpcbus          (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
13:29:38.0412 2004	vpcbus - ok
13:29:38.0443 2004	vpcnfltr        (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
13:29:38.0443 2004	vpcnfltr - ok
13:29:38.0458 2004	vpcusb          (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
13:29:38.0458 2004	vpcusb - ok
13:29:38.0474 2004	vpcvmm          (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
13:29:38.0474 2004	vpcvmm - ok
13:29:38.0505 2004	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:29:38.0505 2004	vsmraid - ok
13:29:38.0505 2004	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
13:29:38.0505 2004	vwifibus - ok
13:29:38.0521 2004	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:29:38.0521 2004	vwififlt - ok
13:29:38.0536 2004	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:29:38.0536 2004	WacomPen - ok
13:29:38.0552 2004	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:29:38.0552 2004	WANARP - ok
13:29:38.0552 2004	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:29:38.0552 2004	Wanarpv6 - ok
13:29:38.0568 2004	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:29:38.0568 2004	Wd - ok
13:29:38.0583 2004	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:29:38.0583 2004	Wdf01000 - ok
13:29:38.0614 2004	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:29:38.0614 2004	WfpLwf - ok
13:29:38.0614 2004	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:29:38.0614 2004	WIMMount - ok
13:29:38.0646 2004	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
13:29:38.0646 2004	WinUsb - ok
13:29:38.0661 2004	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:29:38.0661 2004	WmiAcpi - ok
13:29:38.0677 2004	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:29:38.0677 2004	ws2ifsl - ok
13:29:38.0692 2004	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:29:38.0692 2004	WudfPf - ok
13:29:38.0708 2004	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:29:38.0724 2004	WUDFRd - ok
13:29:38.0724 2004	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:29:38.0770 2004	\Device\Harddisk0\DR0 - ok
13:29:38.0770 2004	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
13:29:39.0192 2004	\Device\Harddisk2\DR2 - ok
13:29:39.0192 2004	Boot (0x1200)   (61100c80cf61a64eb55b2cb7ee690a22) \Device\Harddisk0\DR0\Partition0
13:29:39.0192 2004	\Device\Harddisk0\DR0\Partition0 - ok
13:29:39.0192 2004	Boot (0x1200)   (2588921edcaf35d2ab6ec5a327aaa1c9) \Device\Harddisk0\DR0\Partition1
13:29:39.0192 2004	\Device\Harddisk0\DR0\Partition1 - ok
13:29:39.0223 2004	Boot (0x1200)   (cac2d0bf57698bb1ff5b8c4155495abb) \Device\Harddisk0\DR0\Partition2
13:29:39.0223 2004	\Device\Harddisk0\DR0\Partition2 - ok
13:29:39.0223 2004	Boot (0x1200)   (81876f828bac6fa80a0e141bef9a4f8a) \Device\Harddisk2\DR2\Partition0
13:29:39.0223 2004	\Device\Harddisk2\DR2\Partition0 - ok
13:29:39.0223 2004	============================================================
13:29:39.0223 2004	Scan finished
13:29:39.0223 2004	============================================================
13:29:39.0223 1952	Detected object count: 0
13:29:39.0223 1952	Actual detected object count: 0

Das Programm hat übrigens garnicht nach Neustart gefragt. Ist das normal?
Ich hab auch keine Möglichkeit mein GDATA zu deaktivieren, weil das im abgesicherten Modus garnicht bei den aktiven Programmen rechts in der Taskleiste angezeigt wird?
Nächste Schritte folgen gleich.

Snolki · 29.12.2011, 14:41

3.

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.29.02

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Mangliniel :: LORDVOLDEMORT [Administrator]

Schutz: Deaktiviert

29.12.2011 13:59:26
mbam-log-2011-12-29 (13-59-26).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 393120
Laufzeit: 25 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|iexploer.exe (Trojan.Agent) -> Daten: C:\Users\Mangliniel\AppData\Roaming\Microsoft\Internet Explorer\iexploer.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Mangliniel\AppData\Roaming\Microsoft\Internet Explorer\iexploer.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

4.
OTL Datei:
OTL EXTRAS Logfile:

Code:

ATTFilter

OTL logfile created on: 29.12.2011 14:37:20 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = E:\Users\Mangliniel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,79 Gb Available Physical Memory | 85,09% Memory free
15,95 Gb Paging File | 14,85 Gb Available in Paging File | 93,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 142,30 Gb Free Space | 72,89% Space Free | Partition Type: NTFS
Drive D: | 3,99 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1201,95 Gb Total Space | 1057,74 Gb Free Space | 88,00% Space Free | Partition Type: NTFS
Drive F: | 15,10 Gb Total Space | 15,07 Gb Free Space | 99,81% Space Free | Partition Type: FAT32
 
Computer Name: LORDVOLDEMORT | User Name: Mangliniel | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.29 10:34:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Users\Mangliniel\Desktop\OTL.exe
PRC - [2011.12.26 14:22:13 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.26 14:22:13 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.12.26 14:12:58 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.08.03 02:31:28 | 000,255,592 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.10.28 14:36:53 | 001,506,824 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2011.10.28 14:36:11 | 000,457,536 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2011.10.28 02:41:08 | 002,191,808 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2011.08.17 14:00:02 | 000,464,392 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2011.08.10 13:21:12 | 001,556,816 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2011.08.03 12:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.08.03 02:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.06.22 10:18:40 | 001,191,656 | ---- | M] (Acronis) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.29 23:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011.04.01 10:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010.08.04 13:44:24 | 000,266,240 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe -- (WSWNA1100)
SRV - [2010.03.22 19:05:40 | 000,960,992 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe -- (jswpsapi)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.12.28 20:18:31 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.11.04 14:56:26 | 000,053,112 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2011.11.04 14:56:08 | 000,111,992 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2011.11.04 14:56:08 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2011.11.04 14:56:08 | 000,050,552 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2011.09.03 06:17:44 | 000,971,360 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011.09.03 06:17:37 | 000,210,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2011.09.03 06:17:36 | 000,141,920 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt53.sys -- (vidsflt53) Acronis Disk Storage Filter (53)
DRV:64bit: - [2011.09.03 06:17:32 | 000,275,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2011.08.31 22:57:18 | 000,059,256 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2011.08.31 22:56:49 | 000,031,608 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GdNetMon64.sys -- (GdNetMon)
DRV:64bit: - [2011.05.13 14:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011.05.10 10:41:27 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.04.26 10:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.28 20:45:54 | 000,412,776 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.20 14:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 14:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 12:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.15 18:05:02 | 000,364,520 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2010.11.15 18:05:00 | 000,121,832 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.10.27 14:50:28 | 000,301,680 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010.10.27 14:50:28 | 000,279,152 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010.10.27 14:50:28 | 000,203,624 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010.10.27 14:50:28 | 000,156,520 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010.10.27 14:50:28 | 000,058,992 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010.10.27 14:50:28 | 000,055,336 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2010.10.27 14:50:28 | 000,038,248 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010.10.27 14:50:28 | 000,031,080 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010.10.20 19:05:18 | 000,014,592 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2010.10.19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.11 00:11:00 | 001,924,096 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2010.09.17 10:53:28 | 000,297,000 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.05.15 01:28:00 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2007.01.19 17:24:24 | 000,025,312 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV:64bit: - [2006.11.10 14:08:58 | 000,030,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SysTool64.sys -- (SysTool)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 E4 F3 DF 49 96 CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.26 14:22:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.17 21:04:26 | 000,000,000 | ---D | M]
 
[2011.08.31 19:49:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mangliniel\AppData\Roaming\mozilla\Extensions
[2011.12.27 23:21:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mangliniel\AppData\Roaming\mozilla\Firefox\Profiles\ibw3krsn.default\extensions
[2011.12.26 14:22:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.08.31 22:57:01 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2011.08.31 22:57:01 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
() (No name found) -- C:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.12.26 14:22:13 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.08.30 21:35:55 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.30 21:29:49 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.08.30 21:35:55 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.30 21:35:55 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.30 21:35:55 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.08.30 21:35:55 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.08.31 21:48:37 | 000,001,041 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts:   
O1 - Hosts: 127.0.0.1 nero.com 
O1 - Hosts: 127.0.0.1 www.nero.com 
O1 - Hosts: 127.0.0.1 activate.nero.com 
O1 - Hosts: 127.0.0.1 www.activate.nero.com 
O1 - Hosts: 127.0.0.1 nero.de 
O1 - Hosts: 127.0.0.1 www.nero.de 
O1 - Hosts: 127.0.0.1 activate.nero.de 
O1 - Hosts: 127.0.0.1 www.activate.nero.de
O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIEx64.dll (G Data Software AG)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIEx64.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [jswtrayutil] "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe" File not found
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.180.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FFAF03A-B067-4513-91CC-673710028321}: DhcpNameServer = 192.168.180.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{97eaab70-d42b-11e0-96a7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{97eaab70-d42b-11e0-96a7-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.29 13:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mangliniel\AppData\Roaming\Malwarebytes
[2011.12.29 13:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.29 13:56:58 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.29 13:56:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.12.29 13:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.29 13:29:06 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- E:\Users\Mangliniel\Desktop\TDSSKiller.exe
[2011.12.29 10:41:17 | 000,584,192 | ---- | C] (OldTimer Tools) -- E:\Users\Mangliniel\Desktop\OTL.exe
[2011.12.28 20:18:31 | 000,106,648 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2011.12.28 19:31:38 | 000,000,000 | R--D | C] -- C:\Users\Mangliniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2011.12.26 14:12:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011.12.26 12:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Macromedia
[2011.12.26 12:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia
[2011.12.26 12:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Macromedia
[2011.12.26 12:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macromedia
[2011.12.26 12:04:48 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011.12.18 16:17:10 | 000,000,000 | ---D | C] -- E:\Users\Mangliniel\Documents\Männerherzen
[2011.12.18 16:17:02 | 000,000,000 | ---D | C] -- E:\Users\Mangliniel\Documents\Küss den Frosch
[2011.12.18 16:14:12 | 000,000,000 | ---D | C] -- E:\Users\Mangliniel\Documents\Die Schlümpfe
[2011.12.18 09:22:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.12.18 09:22:28 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011.12.18 09:22:28 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011.12.18 09:22:28 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011.12.18 09:22:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.12.18 09:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.12.18 09:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iPod
[2011.12.18 09:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.12.18 09:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.12.18 09:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011.12.18 09:21:06 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.12.18 09:21:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.12.17 21:06:07 | 000,000,000 | ---D | C] -- C:\Users\Mangliniel\AppData\Roaming\Apple Computer
[2011.12.17 21:06:07 | 000,000,000 | ---D | C] -- C:\Users\Mangliniel\AppData\Local\Apple Computer
[2011.12.17 21:05:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.12.17 21:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.12.17 21:04:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.12.17 21:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.12.17 21:04:11 | 000,000,000 | ---D | C] -- C:\Users\Mangliniel\AppData\Local\Apple
[2011.12.17 21:04:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.12.16 22:43:07 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.16 22:43:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.16 22:43:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.16 22:43:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.16 22:43:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.16 22:43:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.16 22:43:05 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.16 22:43:05 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.16 22:43:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.16 22:43:04 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.16 22:43:04 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.16 19:52:56 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.16 19:52:54 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.16 19:52:54 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.29 14:29:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.29 14:29:46 | 2129,285,119 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.29 14:28:44 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2011.12.29 13:56:59 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011.12.29 13:10:48 | 000,023,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.29 13:10:48 | 000,023,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.29 13:10:09 | 001,507,106 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.29 13:10:09 | 000,659,312 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.29 13:10:09 | 000,619,252 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.29 13:10:09 | 000,131,444 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.29 13:10:09 | 000,107,572 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.29 13:05:34 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2011.12.29 10:59:43 | 001,529,724 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.29 10:34:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Users\Mangliniel\Desktop\OTL.exe
[2011.12.28 20:18:31 | 000,106,648 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2011.12.27 23:23:28 | 000,504,917 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2011.12.27 23:23:28 | 000,035,379 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2011.12.27 08:00:20 | 000,419,880 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.26 14:12:58 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.12.23 14:52:26 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- E:\Users\Mangliniel\Desktop\TDSSKiller.exe
[2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2011.12.29 13:56:59 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011.12.29 10:59:43 | 001,529,724 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.17 21:04:11 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.11.29 18:42:26 | 000,000,266 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job
[2011.09.25 09:27:12 | 000,017,408 | ---- | C] () -- C:\Users\Mangliniel\AppData\Local\WebpageIcons.db
[2011.09.17 10:13:17 | 000,504,917 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2011.09.10 21:33:37 | 000,000,009 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2011.09.01 19:04:02 | 000,014,319 | ---- | C] () -- C:\Windows\UN060501.INI
[2011.08.31 19:03:32 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.08.31 19:03:28 | 000,026,272 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
 
========== LOP Check ==========
 
[2011.09.03 06:18:32 | 000,000,000 | ---D | M] -- C:\Users\Mangliniel\AppData\Roaming\Acronis
[2011.10.02 09:04:13 | 000,000,000 | ---D | M] -- C:\Users\Mangliniel\AppData\Roaming\Canon
[2011.09.01 19:04:30 | 000,000,000 | ---D | M] -- C:\Users\Mangliniel\AppData\Roaming\NASNaviator2
[2011.12.29 14:28:44 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2011.12.27 23:19:16 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

und Extras:
OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 29.12.2011 14:37:20 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = E:\Users\Mangliniel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,79 Gb Available Physical Memory | 85,09% Memory free
15,95 Gb Paging File | 14,85 Gb Available in Paging File | 93,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 142,30 Gb Free Space | 72,89% Space Free | Partition Type: NTFS
Drive D: | 3,99 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1201,95 Gb Total Space | 1057,74 Gb Free Space | 88,00% Space Free | Partition Type: NTFS
Drive F: | 15,10 Gb Total Space | 15,07 Gb Free Space | 99,81% Space Free | Partition Type: FAT32
 
Computer Name: LORDVOLDEMORT | User Name: Mangliniel | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR 4.01 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F022A2E-7022-497D-90A5-0F46746D8275}" = Macromedia Extension Manager
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.3
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{44025BD7-AD10-4769-99AE-6378FD0303D6}" = Macromedia Dreamweaver 8
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
"{6006059E-013D-4B77-BC5C-4DD5E4A6570D}" = G Data InternetSecurity 2012
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7FB64E72-9B0E-4460-A821-040C341E414A}" = ASUS Ai Charger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 Test
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B683A28-2172-4CF1-B85D-41375E80652A}" = Acronis True Image WD*Edition
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2AE9709-283B-4B48-AA34-729C070A62FB}" = NETGEAR WNA1100 N150 Wireless USB Adapter
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"SyncBack_is1" = SyncBack
"SystemRequirementsLab" = System Requirements Lab
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"Zattoo4" = Zattoo4 4.0.5
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 28.12.2011 14:23:54 | Computer Name = LordVoldemort | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6006
 
Error - 28.12.2011 14:23:55 | Computer Name = LordVoldemort | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 28.12.2011 14:23:55 | Computer Name = LordVoldemort | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7004
 
Error - 28.12.2011 14:23:55 | Computer Name = LordVoldemort | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7004
 
Error - 29.12.2011 05:59:44 | Computer Name = LordVoldemort | Source = Outlook | ID = 34
Description = Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x8007043c.
 
Error - 29.12.2011 05:59:44 | Computer Name = LordVoldemort | Source = Outlook | ID = 35
Description = Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich
 befindet (Fehler=0x8007043c).
 
Error - 29.12.2011 05:59:44 | Computer Name = LordVoldemort | Source = Outlook | ID = 34
Description = Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x8007043c.
 
Error - 29.12.2011 05:59:44 | Computer Name = LordVoldemort | Source = Outlook | ID = 35
Description = Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich
 befindet (Fehler=0x8007043c).
 
Error - 29.12.2011 05:59:45 | Computer Name = LordVoldemort | Source = Outlook | ID = 1000
Description = Fehler bei der Ausführung des Add-Ins. Outlook ist während des Rückrufs
 'OnConnection' der Schnittstelle 'IDTExtensibility2' beim Aufrufen des Add-Ins 
'G Data Outlook Add-In' abgestürzt. 
 
Error - 29.12.2011 06:00:02 | Computer Name = LordVoldemort | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.6109.5005,
 Zeitstempel: 0x4e79b881  Name des fehlerhaften Moduls: GDOfficeAddinX86.dll, Version:
 22.0.11301.253, Zeitstempel: 0x4eaa0fc1  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000426b8
ID
 des fehlerhaften Prozesses: 0x738  Startzeit der fehlerhaften Anwendung: 0x01ccc610951474cf
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\G Data\AVKMail\GDOfficeAddinX86.dll
Berichtskennung:
 dfb8cca4-3203-11e1-8df1-f46d04e5aa6b
 
[ System Events ]
Error - 29.12.2011 09:30:18 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:18 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:18 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:18 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:18 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:18 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:19 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:20 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:20 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:20 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
 
< End of report >

--- --- ---

Snolki · 29.12.2011, 14:48

Last but not least:

5.

Code:

ATTFilter

7-Zip 9.20 (x64 edition)	Igor Pavlov	01.09.2011	4,53MB	9.20.00.0
Acronis True Image WD*Edition	Acronis	02.09.2011	179,4MB	13.0.14157
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	30.08.2011	6,00MB	10.3.183.7
Adobe Flash Player 11 Plugin 64-bit	Adobe Systems Incorporated	25.12.2011	6,00MB	11.1.102.55
Adobe Reader X (10.1.0) - Deutsch	Adobe Systems Incorporated	30.08.2011	118,5MB	10.1.0
Apple Application Support	Apple Inc.	17.12.2011	61,2MB	2.1.6
Apple Mobile Device Support	Apple Inc.	17.12.2011	24,9MB	4.0.0.97
Apple Software Update	Apple Inc.	17.12.2011	2,38MB	2.1.3.127
Asmedia ASM104x USB 3.0 Host Controller Driver	Asmedia Technology	30.08.2011	2,09MB	1.2.9.0
ASUS Ai Charger	ASUSTeK Computer Inc.	30.08.2011		1.00.09
Bing Bar	Microsoft Corporation	29.09.2011	24,3MB	7.0.619.0
Bluetooth Win7 Suite (64)	Atheros Communications	30.08.2011	59,1MB	7.2.0.40
Bonjour	Apple Inc.	17.12.2011	1,86MB	3.0.0.10
Canon MP550 series MP Drivers		15.09.2011		
CCleaner	Piriform	28.12.2011		3.14
G Data InternetSecurity 2012	G Data Software AG	30.08.2011	84,9MB	22.0.0.0
Intel(R) Control Center	Intel Corporation	31.08.2011		1.2.1.1007
Intel(R) Management Engine Components	Intel Corporation	31.08.2011		7.0.0.1144
Intel(R) Rapid Storage Technology	Intel Corporation	31.08.2011		10.5.0.1026
iTunes	Apple Inc.	17.12.2011	172,4MB	10.5.2.11
Java(TM) 6 Update 27	Oracle	30.08.2011	95,0MB	6.0.270
JDownloader 0.9	AppWork GmbH	30.08.2011		0.9
Macromedia Dreamweaver 8	Macromedia	25.12.2011	167,9MB	8.0.0.2751
Macromedia Extension Manager	Ihr Firmenname	25.12.2011	4,90MB	1.7.270
Malwarebytes Anti-Malware Version 1.60.0.1800	Malwarebytes Corporation	28.12.2011	18,6MB	1.60.0.1800
marvell 91xx driver	Marvell	30.08.2011		1.0.0.1045
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	30.08.2011	38,8MB	4.0.30319
Microsoft Office Outlook Connector	Microsoft Corporation	29.09.2011	3,36MB	14.0.5118.5000
Microsoft Office Professional Plus 2010	Microsoft Corporation	20.11.2011		14.0.6029.1000
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit	Microsoft Corporation	29.09.2011	1,38MB	14.0.5120.5000
Microsoft Silverlight	Microsoft Corporation	20.10.2011	40,5MB	4.0.60831.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	29.09.2011	1,70MB	3.1.0000
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	31.08.2011	0,29MB	8.0.61001
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	30.08.2011	0,58MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	30.08.2011	0,58MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	31.08.2011	0,59MB	9.0.30729.6161
Mozilla Firefox 9.0.1 (x86 de)	Mozilla	25.12.2011	38,1MB	9.0.1
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	31.08.2011	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	31.08.2011	1,33MB	4.20.9876.0
Nero BackItUp 10	Nero AG	30.08.2011	117,7MB	5.8.10400.4.100
Nero Burning ROM 10	Nero AG	30.08.2011	168,3MB	10.6.10600.4.100
Nero BurnRights 10	Nero AG	30.08.2011	6,15MB	4.4.10300.1.100
Nero CoverDesigner 10	Nero AG	30.08.2011	91,4MB	5.6.10500.3.100
Nero DiscSpeed 10	Nero AG	30.08.2011	7,22MB	6.4.10400.0.100
Nero Express 10	Nero AG	30.08.2011	165,4MB	10.6.10600.4.100
Nero InfoTool 10	Nero AG	30.08.2011	8,07MB	7.4.10200.0.100
Nero Multimedia Suite 10	Nero AG	30.08.2011	1.426MB	10.6.11300
Nero Recode 10	Nero AG	30.08.2011	79,3MB	4.10.10600.4.100
Nero RescueAgent 10	Nero AG	30.08.2011	6,53MB	3.6.10500.3.100
Nero SoundTrax 10	Nero AG	30.08.2011	98,2MB	4.10.10300.2.100
Nero StartSmart 10	Nero AG	30.08.2011	143,8MB	10.6.10400.2.100
Nero Vision 10	Nero AG	30.08.2011	223MB	7.4.10800.7.100
Nero WaveEditor 10	Nero AG	30.08.2011	79,2MB	5.10.10400.3.100
NETGEAR WNA1100 N150 Wireless USB Adapter	NETGEAR	03.09.2011		1.0.0.133
NVIDIA 3D Vision Controller-Treiber 280.19	NVIDIA Corporation	30.08.2011		280.19
NVIDIA 3D Vision Treiber 280.26	NVIDIA Corporation	30.08.2011		280.26
NVIDIA Grafiktreiber 280.26	NVIDIA Corporation	30.08.2011		280.26
NVIDIA HD-Audiotreiber 1.2.23.3	NVIDIA Corporation	30.08.2011		1.2.23.3
NVIDIA PhysX-Systemsoftware 9.10.0514	NVIDIA Corporation	30.08.2011		9.10.0514
NVIDIA Update 1.4.28	NVIDIA Corporation	30.08.2011		1.4.28
Paint.NET v3.5.8	dotPDN LLC	31.08.2011	10,4MB	3.58.0
Pando Media Booster	Pando Networks Inc.	31.08.2011	5,47MB	2.3.6.0
PDFCreator	Frank Heindörfer, Philip Chinery	21.10.2011		0.9.8
Picasa 3	Google, Inc.	30.08.2011		3.8
QuickTime	Apple Inc.	16.12.2011	74,3MB	7.60.92.0
Realtek Ethernet Controller Driver	Realtek	30.08.2011		7.37.1229.2010
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	30.08.2011		6.0.1.6235
SyncBack	2BrightSparks	03.09.2011	4,57MB	
System Requirements Lab		30.08.2011		
VLC media player 1.1.11	VideoLAN	30.08.2011		1.1.11
Winamp	Nullsoft, Inc	31.08.2011		5.621 
Winamp Erkennungs-Plug-in	Nullsoft, Inc	31.08.2011	75,00KB	1.0.0.1
Windows Live Essentials	Microsoft Corporation	30.09.2011		15.4.3538.0513
Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	29.09.2011	5,58MB	15.4.5722.2
WinRAR 4.01 (64-bit)	win.rar GmbH	30.08.2011		4.01.0
YouTube Downloader 3.3	BienneSoft	09.09.2011		
Zattoo4 4.0.5	Zattoo Inc.	24.09.2011		4.0.5

kira · 31.12.2011, 08:02

kannst Du mit dem PC im normalen Modus arbeiten?
sollte nämlich alle Punkte dort abgearbeitet werden!

Snolki · 31.12.2011, 08:25

Guten Morgen!

Ja, normaler Modus klappt wieder.

kira · 31.12.2011, 08:41

dann bitte alle Punkte nochmal wiederholen - bis auf Punkt 5. - (im normalen Modus):-> Posting #2-> http://www.trojaner-board.de/107152-...tml#post743737

Snolki · 31.12.2011, 11:58

2.

Code:

ATTFilter

08:57:41.0646 3952	TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
08:57:42.0097 3952	============================================================
08:57:42.0097 3952	Current date / time: 2011/12/31 08:57:42.0097
08:57:42.0097 3952	SystemInfo:
08:57:42.0097 3952	
08:57:42.0097 3952	OS Version: 6.1.7601 ServicePack: 1.0
08:57:42.0097 3952	Product type: Workstation
08:57:42.0097 3952	ComputerName: LORDVOLDEMORT
08:57:42.0097 3952	UserName: Mangliniel
08:57:42.0097 3952	Windows directory: C:\Windows
08:57:42.0097 3952	System windows directory: C:\Windows
08:57:42.0097 3952	Running under WOW64
08:57:42.0097 3952	Processor architecture: Intel x64
08:57:42.0097 3952	Number of processors: 4
08:57:42.0097 3952	Page size: 0x1000
08:57:42.0097 3952	Boot type: Normal boot
08:57:42.0097 3952	============================================================
08:57:42.0336 3952	Initialize success
08:57:43.0310 2408	============================================================
08:57:43.0310 2408	Scan started
08:57:43.0310 2408	Mode: Manual; 
08:57:43.0310 2408	============================================================
08:57:43.0777 2408	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
08:57:43.0779 2408	1394ohci - ok
08:57:43.0804 2408	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
08:57:43.0807 2408	ACPI - ok
08:57:43.0819 2408	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
08:57:43.0820 2408	AcpiPmi - ok
08:57:43.0871 2408	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
08:57:43.0875 2408	adp94xx - ok
08:57:43.0938 2408	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
08:57:43.0940 2408	adpahci - ok
08:57:43.0967 2408	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
08:57:43.0968 2408	adpu320 - ok
08:57:44.0018 2408	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
08:57:44.0022 2408	AFD - ok
08:57:44.0039 2408	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
08:57:44.0040 2408	agp440 - ok
08:57:44.0094 2408	AiCharger       (a41b855edc1f141851e27f984827942c) C:\Windows\system32\DRIVERS\AiCharger.sys
08:57:44.0095 2408	AiCharger - ok
08:57:44.0117 2408	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
08:57:44.0117 2408	aliide - ok
08:57:44.0131 2408	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
08:57:44.0132 2408	amdide - ok
08:57:44.0146 2408	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
08:57:44.0147 2408	AmdK8 - ok
08:57:44.0159 2408	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
08:57:44.0160 2408	AmdPPM - ok
08:57:44.0180 2408	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
08:57:44.0181 2408	amdsata - ok
08:57:44.0196 2408	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
08:57:44.0198 2408	amdsbs - ok
08:57:44.0215 2408	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
08:57:44.0216 2408	amdxata - ok
08:57:44.0237 2408	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
08:57:44.0238 2408	AppID - ok
08:57:44.0287 2408	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
08:57:44.0288 2408	arc - ok
08:57:44.0305 2408	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
08:57:44.0306 2408	arcsas - ok
08:57:44.0335 2408	asmthub3        (e3b9c89d2ed4a538ab2fc6ec76fa2b17) C:\Windows\system32\DRIVERS\asmthub3.sys
08:57:44.0337 2408	asmthub3 - ok
08:57:44.0348 2408	asmtxhci        (88ce83be5176020be39194a6369af2c2) C:\Windows\system32\DRIVERS\asmtxhci.sys
08:57:44.0351 2408	asmtxhci - ok
08:57:44.0382 2408	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
08:57:44.0382 2408	AsyncMac - ok
08:57:44.0408 2408	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
08:57:44.0409 2408	atapi - ok
08:57:44.0428 2408	AthBTPort       (aaae03f8eda817ec28c5445193ea8bf3) C:\Windows\system32\DRIVERS\btath_flt.sys
08:57:44.0429 2408	AthBTPort - ok
08:57:44.0450 2408	ATHDFU          (4ecc791539f23982411864037d1ac8fc) C:\Windows\system32\Drivers\AthDfu.sys
08:57:44.0451 2408	ATHDFU - ok
08:57:44.0504 2408	athur           (c24a645aedbdf5fa0a23f7581c6f9c63) C:\Windows\system32\DRIVERS\athurx.sys
08:57:44.0515 2408	athur - ok
08:57:44.0537 2408	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
08:57:44.0539 2408	b06bdrv - ok
08:57:44.0565 2408	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
08:57:44.0566 2408	b57nd60a - ok
08:57:44.0598 2408	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
08:57:44.0599 2408	Beep - ok
08:57:44.0639 2408	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
08:57:44.0640 2408	blbdrive - ok
08:57:44.0674 2408	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
08:57:44.0675 2408	bowser - ok
08:57:44.0681 2408	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:57:44.0682 2408	BrFiltLo - ok
08:57:44.0698 2408	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:57:44.0698 2408	BrFiltUp - ok
08:57:44.0710 2408	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
08:57:44.0712 2408	Brserid - ok
08:57:44.0720 2408	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
08:57:44.0720 2408	BrSerWdm - ok
08:57:44.0727 2408	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
08:57:44.0727 2408	BrUsbMdm - ok
08:57:44.0736 2408	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
08:57:44.0736 2408	BrUsbSer - ok
08:57:44.0761 2408	BTATH_A2DP      (3b1b573371b206d1d5f25e0ef5fcd6d6) C:\Windows\system32\drivers\btath_a2dp.sys
08:57:44.0764 2408	BTATH_A2DP - ok
08:57:44.0778 2408	BTATH_BUS       (2d0446336d9db55a742b999ec16adf15) C:\Windows\system32\DRIVERS\btath_bus.sys
08:57:44.0778 2408	BTATH_BUS - ok
08:57:44.0801 2408	BTATH_HCRP      (9a9694bbeb2849eaf95dffcae5df02ad) C:\Windows\system32\DRIVERS\btath_hcrp.sys
08:57:44.0803 2408	BTATH_HCRP - ok
08:57:44.0809 2408	BTATH_LWFLT     (fc0a8075ddf2e9c66267aec91e0676f9) C:\Windows\system32\DRIVERS\btath_lwflt.sys
08:57:44.0810 2408	BTATH_LWFLT - ok
08:57:44.0827 2408	BTATH_RCP       (5eb4815cbddba4541f2380dae6e269ab) C:\Windows\system32\DRIVERS\btath_rcp.sys
08:57:44.0828 2408	BTATH_RCP - ok
08:57:44.0861 2408	BtFilter        (0ecede7b33cfd9a52a61220abbd09a50) C:\Windows\system32\DRIVERS\btfilter.sys
08:57:44.0863 2408	BtFilter - ok
08:57:44.0873 2408	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
08:57:44.0873 2408	BthEnum - ok
08:57:44.0883 2408	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
08:57:44.0884 2408	BTHMODEM - ok
08:57:44.0899 2408	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
08:57:44.0899 2408	BthPan - ok
08:57:44.0920 2408	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
08:57:44.0923 2408	BTHPORT - ok
08:57:44.0936 2408	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
08:57:44.0937 2408	BTHUSB - ok
08:57:44.0949 2408	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
08:57:44.0949 2408	cdfs - ok
08:57:44.0962 2408	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
08:57:44.0964 2408	cdrom - ok
08:57:44.0973 2408	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
08:57:44.0974 2408	circlass - ok
08:57:45.0000 2408	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
08:57:45.0003 2408	CLFS - ok
08:57:45.0025 2408	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
08:57:45.0026 2408	CmBatt - ok
08:57:45.0049 2408	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
08:57:45.0050 2408	cmdide - ok
08:57:45.0077 2408	CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
08:57:45.0081 2408	CNG - ok
08:57:45.0111 2408	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
08:57:45.0112 2408	Compbatt - ok
08:57:45.0124 2408	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
08:57:45.0125 2408	CompositeBus - ok
08:57:45.0134 2408	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
08:57:45.0136 2408	crcdisk - ok
08:57:45.0181 2408	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
08:57:45.0183 2408	DfsC - ok
08:57:45.0213 2408	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
08:57:45.0214 2408	discache - ok
08:57:45.0227 2408	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
08:57:45.0229 2408	Disk - ok
08:57:45.0254 2408	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
08:57:45.0256 2408	drmkaud - ok
08:57:45.0321 2408	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
08:57:45.0332 2408	DXGKrnl - ok
08:57:45.0402 2408	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
08:57:45.0418 2408	ebdrv - ok
08:57:45.0466 2408	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
08:57:45.0470 2408	elxstor - ok
08:57:45.0491 2408	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
08:57:45.0492 2408	ErrDev - ok
08:57:45.0507 2408	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
08:57:45.0510 2408	exfat - ok
08:57:45.0524 2408	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
08:57:45.0527 2408	fastfat - ok
08:57:45.0541 2408	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
08:57:45.0542 2408	fdc - ok
08:57:45.0558 2408	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
08:57:45.0560 2408	FileInfo - ok
08:57:45.0573 2408	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
08:57:45.0574 2408	Filetrace - ok
08:57:45.0582 2408	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
08:57:45.0583 2408	flpydisk - ok
08:57:45.0610 2408	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
08:57:45.0615 2408	FltMgr - ok
08:57:45.0634 2408	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
08:57:45.0636 2408	FsDepends - ok
08:57:45.0676 2408	fssfltr         (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys
08:57:45.0678 2408	fssfltr - ok
08:57:45.0700 2408	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
08:57:45.0701 2408	Fs_Rec - ok
08:57:45.0726 2408	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
08:57:45.0730 2408	fvevol - ok
08:57:45.0738 2408	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
08:57:45.0739 2408	gagp30kx - ok
08:57:45.0774 2408	GDBehave        (70f2b7c787602c857525fd1939ef680a) C:\Windows\system32\drivers\GDBehave.sys
08:57:45.0776 2408	GDBehave - ok
08:57:45.0798 2408	GDMnIcpt        (185b4958bf8ccc6ffa0eea5c0e7f65f6) C:\Windows\system32\drivers\MiniIcpt.sys
08:57:45.0801 2408	GDMnIcpt - ok
08:57:45.0813 2408	GdNetMon        (d826b9c59de0b310c9e560763560d8f9) C:\Windows\system32\drivers\GdNetMon64.sys
08:57:45.0815 2408	GdNetMon - ok
08:57:45.0839 2408	GDPkIcpt        (a7dbc5e8767e70dbf59114f826d4b1b6) C:\Windows\system32\drivers\PktIcpt.sys
08:57:45.0841 2408	GDPkIcpt - ok
08:57:45.0861 2408	gdwfpcd         (a59e3e53fa5ba6355a300b31782d2e34) C:\Windows\system32\drivers\gdwfpcd64.sys
08:57:45.0862 2408	gdwfpcd - ok
08:57:45.0887 2408	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:57:45.0888 2408	GEARAspiWDM - ok
08:57:45.0929 2408	GRD             (e10baa2ea50e575bbef0c5080da088a4) C:\Windows\system32\drivers\GRD.sys
08:57:45.0931 2408	GRD - ok
08:57:45.0960 2408	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
08:57:45.0962 2408	hcw85cir - ok
08:57:45.0989 2408	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
08:57:45.0995 2408	HdAudAddService - ok
08:57:46.0027 2408	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
08:57:46.0029 2408	HDAudBus - ok
08:57:46.0036 2408	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
08:57:46.0037 2408	HidBatt - ok
08:57:46.0049 2408	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
08:57:46.0051 2408	HidBth - ok
08:57:46.0059 2408	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
08:57:46.0061 2408	HidIr - ok
08:57:46.0071 2408	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
08:57:46.0072 2408	HidUsb - ok
08:57:46.0106 2408	HookCentre      (3bcb98418bf3cffb152109d3b10b1c85) C:\Windows\system32\drivers\HookCentre.sys
08:57:46.0107 2408	HookCentre - ok
08:57:46.0131 2408	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
08:57:46.0133 2408	HpSAMD - ok
08:57:46.0175 2408	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
08:57:46.0184 2408	HTTP - ok
08:57:46.0194 2408	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
08:57:46.0195 2408	hwpolicy - ok
08:57:46.0211 2408	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
08:57:46.0213 2408	i8042prt - ok
08:57:46.0246 2408	iaStor          (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys
08:57:46.0250 2408	iaStor - ok
08:57:46.0299 2408	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
08:57:46.0304 2408	iaStorV - ok
08:57:46.0319 2408	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
08:57:46.0320 2408	iirsp - ok
08:57:46.0393 2408	IntcAzAudAddService (dab7318ccfa8081200d5b7b486793f74) C:\Windows\system32\drivers\RTKVHD64.sys
08:57:46.0433 2408	IntcAzAudAddService - ok
08:57:46.0448 2408	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
08:57:46.0448 2408	intelide - ok
08:57:46.0464 2408	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
08:57:46.0465 2408	intelppm - ok
08:57:46.0478 2408	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:57:46.0479 2408	IpFilterDriver - ok
08:57:46.0491 2408	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
08:57:46.0492 2408	IPMIDRV - ok
08:57:46.0509 2408	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
08:57:46.0510 2408	IPNAT - ok
08:57:46.0528 2408	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
08:57:46.0529 2408	IRENUM - ok
08:57:46.0544 2408	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
08:57:46.0545 2408	isapnp - ok
08:57:46.0563 2408	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
08:57:46.0566 2408	iScsiPrt - ok
08:57:46.0600 2408	JSWPSLWF        (5be640e88814b77a9e84b4549b5dcc2c) C:\Windows\system32\DRIVERS\jswpslwfx.sys
08:57:46.0600 2408	JSWPSLWF - ok
08:57:46.0616 2408	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
08:57:46.0618 2408	kbdclass - ok
08:57:46.0637 2408	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
08:57:46.0638 2408	kbdhid - ok
08:57:46.0658 2408	KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
08:57:46.0660 2408	KSecDD - ok
08:57:46.0672 2408	KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
08:57:46.0675 2408	KSecPkg - ok
08:57:46.0690 2408	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
08:57:46.0690 2408	ksthunk - ok
08:57:46.0711 2408	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
08:57:46.0712 2408	lltdio - ok
08:57:46.0731 2408	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
08:57:46.0732 2408	LSI_FC - ok
08:57:46.0751 2408	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
08:57:46.0752 2408	LSI_SAS - ok
08:57:46.0763 2408	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:57:46.0764 2408	LSI_SAS2 - ok
08:57:46.0773 2408	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:57:46.0774 2408	LSI_SCSI - ok
08:57:46.0786 2408	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
08:57:46.0788 2408	luafv - ok
08:57:46.0834 2408	MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
08:57:46.0835 2408	MBAMProtector - ok
08:57:46.0842 2408	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
08:57:46.0843 2408	megasas - ok
08:57:46.0870 2408	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
08:57:46.0872 2408	MegaSR - ok
08:57:46.0895 2408	MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
08:57:46.0896 2408	MEIx64 - ok
08:57:46.0910 2408	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
08:57:46.0910 2408	Modem - ok
08:57:46.0929 2408	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
08:57:46.0929 2408	monitor - ok
08:57:46.0941 2408	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
08:57:46.0942 2408	mouclass - ok
08:57:46.0956 2408	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
08:57:46.0957 2408	mouhid - ok
08:57:46.0973 2408	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
08:57:46.0974 2408	mountmgr - ok
08:57:46.0994 2408	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
08:57:46.0996 2408	mpio - ok
08:57:47.0003 2408	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
08:57:47.0004 2408	mpsdrv - ok
08:57:47.0012 2408	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
08:57:47.0013 2408	MRxDAV - ok
08:57:47.0039 2408	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
08:57:47.0041 2408	mrxsmb - ok
08:57:47.0065 2408	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:57:47.0069 2408	mrxsmb10 - ok
08:57:47.0096 2408	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:57:47.0098 2408	mrxsmb20 - ok
08:57:47.0118 2408	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
08:57:47.0120 2408	msahci - ok
08:57:47.0139 2408	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
08:57:47.0141 2408	msdsm - ok
08:57:47.0179 2408	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
08:57:47.0180 2408	Msfs - ok
08:57:47.0199 2408	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
08:57:47.0200 2408	mshidkmdf - ok
08:57:47.0209 2408	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
08:57:47.0209 2408	msisadrv - ok
08:57:47.0246 2408	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
08:57:47.0247 2408	MSKSSRV - ok
08:57:47.0255 2408	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
08:57:47.0256 2408	MSPCLOCK - ok
08:57:47.0272 2408	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
08:57:47.0273 2408	MSPQM - ok
08:57:47.0305 2408	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
08:57:47.0310 2408	MsRPC - ok
08:57:47.0336 2408	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
08:57:47.0336 2408	mssmbios - ok
08:57:47.0348 2408	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
08:57:47.0349 2408	MSTEE - ok
08:57:47.0366 2408	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
08:57:47.0367 2408	MTConfig - ok
08:57:47.0375 2408	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
08:57:47.0377 2408	Mup - ok
08:57:47.0411 2408	mv91xx          (34d08c9c64f657d194961e96c47e9c69) C:\Windows\system32\DRIVERS\mv91xx.sys
08:57:47.0415 2408	mv91xx - ok
08:57:47.0443 2408	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
08:57:47.0447 2408	NativeWifiP - ok
08:57:47.0494 2408	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
08:57:47.0503 2408	NDIS - ok
08:57:47.0554 2408	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
08:57:47.0556 2408	NdisCap - ok
08:57:47.0570 2408	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
08:57:47.0572 2408	NdisTapi - ok
08:57:47.0594 2408	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
08:57:47.0596 2408	Ndisuio - ok
08:57:47.0613 2408	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
08:57:47.0616 2408	NdisWan - ok
08:57:47.0628 2408	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
08:57:47.0630 2408	NDProxy - ok
08:57:47.0647 2408	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
08:57:47.0648 2408	NetBIOS - ok
08:57:47.0669 2408	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
08:57:47.0672 2408	NetBT - ok
08:57:47.0703 2408	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
08:57:47.0704 2408	nfrd960 - ok
08:57:47.0726 2408	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
08:57:47.0727 2408	Npfs - ok
08:57:47.0743 2408	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
08:57:47.0744 2408	nsiproxy - ok
08:57:47.0840 2408	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
08:57:47.0859 2408	Ntfs - ok
08:57:47.0883 2408	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
08:57:47.0884 2408	Null - ok
08:57:47.0926 2408	NVHDA           (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
08:57:47.0929 2408	NVHDA - ok
08:57:48.0161 2408	nvlddmkm        (cc1efea1f0ab17e59bd4b5baff3e5cb0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:57:48.0357 2408	nvlddmkm - ok
08:57:48.0372 2408	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
08:57:48.0374 2408	nvraid - ok
08:57:48.0397 2408	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
08:57:48.0399 2408	nvstor - ok
08:57:48.0423 2408	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
08:57:48.0425 2408	nv_agp - ok
08:57:48.0440 2408	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
08:57:48.0442 2408	ohci1394 - ok
08:57:48.0462 2408	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
08:57:48.0463 2408	Parport - ok
08:57:48.0478 2408	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
08:57:48.0479 2408	partmgr - ok
08:57:48.0497 2408	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
08:57:48.0499 2408	pci - ok
08:57:48.0517 2408	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
08:57:48.0518 2408	pciide - ok
08:57:48.0526 2408	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
08:57:48.0528 2408	pcmcia - ok
08:57:48.0538 2408	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
08:57:48.0539 2408	pcw - ok
08:57:48.0560 2408	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
08:57:48.0565 2408	PEAUTH - ok
08:57:48.0612 2408	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
08:57:48.0614 2408	PptpMiniport - ok
08:57:48.0627 2408	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
08:57:48.0629 2408	Processor - ok
08:57:48.0655 2408	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
08:57:48.0657 2408	Psched - ok
08:57:48.0702 2408	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
08:57:48.0731 2408	ql2300 - ok
08:57:48.0751 2408	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
08:57:48.0753 2408	ql40xx - ok
08:57:48.0774 2408	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
08:57:48.0775 2408	QWAVEdrv - ok
08:57:48.0793 2408	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
08:57:48.0794 2408	RasAcd - ok
08:57:48.0814 2408	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:57:48.0816 2408	RasAgileVpn - ok
08:57:48.0853 2408	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:57:48.0855 2408	Rasl2tp - ok
08:57:48.0879 2408	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
08:57:48.0881 2408	RasPppoe - ok
08:57:48.0890 2408	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
08:57:48.0892 2408	RasSstp - ok
08:57:48.0919 2408	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
08:57:48.0923 2408	rdbss - ok
08:57:48.0930 2408	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
08:57:48.0932 2408	rdpbus - ok
08:57:48.0966 2408	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:57:48.0967 2408	RDPCDD - ok
08:57:48.0982 2408	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
08:57:48.0983 2408	RDPENCDD - ok
08:57:49.0002 2408	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
08:57:49.0003 2408	RDPREFMP - ok
08:57:49.0027 2408	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
08:57:49.0030 2408	RDPWD - ok
08:57:49.0048 2408	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
08:57:49.0052 2408	rdyboost - ok
08:57:49.0091 2408	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
08:57:49.0094 2408	RFCOMM - ok
08:57:49.0107 2408	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
08:57:49.0109 2408	rspndr - ok
08:57:49.0148 2408	RTL8167         (afc12dfa4c7b089673ad67402ca19edb) C:\Windows\system32\DRIVERS\Rt64win7.sys
08:57:49.0152 2408	RTL8167 - ok
08:57:49.0174 2408	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
08:57:49.0176 2408	sbp2port - ok
08:57:49.0203 2408	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
08:57:49.0205 2408	scfilter - ok
08:57:49.0234 2408	SCMNdisP        (6011cdf54bb6f4c69f38faccdad73d7e) C:\Windows\system32\DRIVERS\scmndisp.sys
08:57:49.0235 2408	SCMNdisP - ok
08:57:49.0270 2408	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
08:57:49.0271 2408	secdrv - ok
08:57:49.0293 2408	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
08:57:49.0294 2408	Serenum - ok
08:57:49.0303 2408	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
08:57:49.0305 2408	Serial - ok
08:57:49.0324 2408	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
08:57:49.0326 2408	sermouse - ok
08:57:49.0346 2408	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
08:57:49.0347 2408	sffdisk - ok
08:57:49.0359 2408	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
08:57:49.0360 2408	sffp_mmc - ok
08:57:49.0375 2408	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
08:57:49.0376 2408	sffp_sd - ok
08:57:49.0393 2408	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
08:57:49.0394 2408	sfloppy - ok
08:57:49.0404 2408	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:57:49.0405 2408	SiSRaid2 - ok
08:57:49.0411 2408	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
08:57:49.0413 2408	SiSRaid4 - ok
08:57:49.0424 2408	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
08:57:49.0425 2408	Smb - ok
08:57:49.0478 2408	snapman         (32cde417100c530964e79c53b4e994ca) C:\Windows\system32\DRIVERS\snapman.sys
08:57:49.0482 2408	snapman - ok
08:57:49.0501 2408	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
08:57:49.0503 2408	spldr - ok
08:57:49.0546 2408	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
08:57:49.0552 2408	srv - ok
08:57:49.0575 2408	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
08:57:49.0580 2408	srv2 - ok
08:57:49.0596 2408	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
08:57:49.0598 2408	srvnet - ok
08:57:49.0627 2408	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
08:57:49.0629 2408	stexstor - ok
08:57:49.0650 2408	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
08:57:49.0651 2408	swenum - ok
08:57:49.0668 2408	SysTool         (b07e6681d303a612680223c729b021e2) C:\Windows\system32\DRIVERS\SysTool64.sys
08:57:49.0669 2408	SysTool - ok
08:57:49.0729 2408	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
08:57:49.0778 2408	Tcpip - ok
08:57:49.0801 2408	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
08:57:49.0808 2408	TCPIP6 - ok
08:57:49.0833 2408	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
08:57:49.0834 2408	tcpipreg - ok
08:57:49.0853 2408	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
08:57:49.0854 2408	TDPIPE - ok
08:57:49.0862 2408	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
08:57:49.0864 2408	TDTCP - ok
08:57:49.0888 2408	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
08:57:49.0890 2408	tdx - ok
08:57:49.0909 2408	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
08:57:49.0911 2408	TermDD - ok
08:57:49.0953 2408	timounter       (6adc063fd51f03ef0cab3e716a725bd2) C:\Windows\system32\DRIVERS\timntr.sys
08:57:49.0964 2408	timounter - ok
08:57:49.0989 2408	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:57:49.0990 2408	tssecsrv - ok
08:57:50.0014 2408	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
08:57:50.0016 2408	TsUsbFlt - ok
08:57:50.0047 2408	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
08:57:50.0050 2408	tunnel - ok
08:57:50.0058 2408	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
08:57:50.0060 2408	uagp35 - ok
08:57:50.0083 2408	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
08:57:50.0087 2408	udfs - ok
08:57:50.0113 2408	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
08:57:50.0115 2408	uliagpkx - ok
08:57:50.0138 2408	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
08:57:50.0139 2408	umbus - ok
08:57:50.0154 2408	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
08:57:50.0155 2408	UmPass - ok
08:57:50.0180 2408	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
08:57:50.0182 2408	usbccgp - ok
08:57:50.0203 2408	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
08:57:50.0205 2408	usbcir - ok
08:57:50.0221 2408	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
08:57:50.0222 2408	usbehci - ok
08:57:50.0243 2408	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
08:57:50.0248 2408	usbhub - ok
08:57:50.0260 2408	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
08:57:50.0261 2408	usbohci - ok
08:57:50.0277 2408	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
08:57:50.0279 2408	usbprint - ok
08:57:50.0301 2408	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
08:57:50.0303 2408	usbscan - ok
08:57:50.0322 2408	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:57:50.0324 2408	USBSTOR - ok
08:57:50.0347 2408	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
08:57:50.0348 2408	usbuhci - ok
08:57:50.0368 2408	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
08:57:50.0370 2408	vdrvroot - ok
08:57:50.0380 2408	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
08:57:50.0381 2408	vga - ok
08:57:50.0399 2408	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
08:57:50.0400 2408	VgaSave - ok
08:57:50.0418 2408	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
08:57:50.0422 2408	vhdmp - ok
08:57:50.0441 2408	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
08:57:50.0443 2408	viaide - ok
08:57:50.0459 2408	vididr          (96a4f56cbba3dcf5d90cda1bc218d040) C:\Windows\system32\DRIVERS\vididr.sys
08:57:50.0462 2408	vididr - ok
08:57:50.0491 2408	vidsflt53       (c69a784bec737cd7460ebf3c3834d65e) C:\Windows\system32\DRIVERS\vsflt53.sys
08:57:50.0494 2408	vidsflt53 - ok
08:57:50.0508 2408	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
08:57:50.0509 2408	volmgr - ok
08:57:50.0545 2408	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
08:57:50.0550 2408	volmgrx - ok
08:57:50.0574 2408	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
08:57:50.0578 2408	volsnap - ok
08:57:50.0609 2408	vpcbus          (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
08:57:50.0612 2408	vpcbus - ok
08:57:50.0643 2408	vpcnfltr        (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
08:57:50.0645 2408	vpcnfltr - ok
08:57:50.0660 2408	vpcusb          (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
08:57:50.0662 2408	vpcusb - ok
08:57:50.0718 2408	vpcvmm          (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
08:57:50.0722 2408	vpcvmm - ok
08:57:50.0731 2408	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
08:57:50.0734 2408	vsmraid - ok
08:57:50.0753 2408	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
08:57:50.0754 2408	vwifibus - ok
08:57:50.0780 2408	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
08:57:50.0782 2408	vwififlt - ok
08:57:50.0798 2408	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
08:57:50.0799 2408	WacomPen - ok
08:57:50.0818 2408	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:57:50.0820 2408	WANARP - ok
08:57:50.0823 2408	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:57:50.0824 2408	Wanarpv6 - ok
08:57:50.0845 2408	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
08:57:50.0846 2408	Wd - ok
08:57:50.0858 2408	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
08:57:50.0863 2408	Wdf01000 - ok
08:57:50.0875 2408	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
08:57:50.0876 2408	WfpLwf - ok
08:57:50.0882 2408	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
08:57:50.0883 2408	WIMMount - ok
08:57:50.0924 2408	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
08:57:50.0925 2408	WinUsb - ok
08:57:50.0948 2408	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
08:57:50.0949 2408	WmiAcpi - ok
08:57:50.0965 2408	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
08:57:50.0967 2408	ws2ifsl - ok
08:57:51.0006 2408	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
08:57:51.0008 2408	WudfPf - ok
08:57:51.0035 2408	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:57:51.0038 2408	WUDFRd - ok
08:57:51.0072 2408	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:57:51.0114 2408	\Device\Harddisk0\DR0 - ok
08:57:51.0117 2408	Boot (0x1200)   (61100c80cf61a64eb55b2cb7ee690a22) \Device\Harddisk0\DR0\Partition0
08:57:51.0118 2408	\Device\Harddisk0\DR0\Partition0 - ok
08:57:51.0127 2408	Boot (0x1200)   (2588921edcaf35d2ab6ec5a327aaa1c9) \Device\Harddisk0\DR0\Partition1
08:57:51.0128 2408	\Device\Harddisk0\DR0\Partition1 - ok
08:57:51.0146 2408	Boot (0x1200)   (cac2d0bf57698bb1ff5b8c4155495abb) \Device\Harddisk0\DR0\Partition2
08:57:51.0147 2408	\Device\Harddisk0\DR0\Partition2 - ok
08:57:51.0147 2408	============================================================
08:57:51.0147 2408	Scan finished
08:57:51.0147 2408	============================================================
08:57:51.0157 1272	Detected object count: 0
08:57:51.0157 1272	Actual detected object count: 0
08:57:56.0233 3036	Deinitialize success

3.

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.31.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mangliniel :: LORDVOLDEMORT [Administrator]

Schutz: Aktiviert

31.12.2011 08:58:50
mbam-log-2011-12-31 (08-58-50).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 401658
Laufzeit: 35 Minute(n), 28 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Snolki · 31.12.2011, 12:04

4.
OTL EXTRAS Logfile:

Code:

ATTFilter

OTL logfile created on: 31.12.2011 11:59:21 - Run 4
OTL by OldTimer - Version 3.2.31.0     Folder = E:\Users\Mangliniel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 5,85 Gb Available Physical Memory | 73,31% Memory free
15,95 Gb Paging File | 13,51 Gb Available in Paging File | 84,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 103,49 Gb Free Space | 53,01% Space Free | Partition Type: NTFS
Drive D: | 3,99 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1201,95 Gb Total Space | 1057,74 Gb Free Space | 88,00% Space Free | Partition Type: NTFS
 
Computer Name: LORDVOLDEMORT | User Name: Mangliniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.29 10:34:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Users\Mangliniel\Desktop\OTL.exe
PRC - [2011.12.26 14:22:13 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.10.28 14:36:53 | 001,506,824 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2011.10.28 14:36:43 | 001,617,416 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
PRC - [2011.10.28 14:36:11 | 000,457,536 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
PRC - [2011.09.01 18:24:38 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011.08.17 14:00:02 | 001,011,208 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
PRC - [2011.08.17 14:00:02 | 000,464,392 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
PRC - [2011.08.03 12:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.08.03 02:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.07.11 22:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe
PRC - [2011.07.11 22:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011.06.22 10:17:14 | 000,395,392 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.06.22 10:15:44 | 002,637,824 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.29 23:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.04.29 23:32:50 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.03.28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.01.04 14:34:12 | 004,545,024 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
PRC - [2010.10.19 14:38:54 | 000,465,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
PRC - [2010.08.04 13:44:24 | 000,266,240 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.31 11:48:49 | 000,204,800 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\winamp.lng
MOD - [2011.12.31 11:48:49 | 000,155,648 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\vis_milk2.lng
MOD - [2011.12.31 11:48:49 | 000,088,064 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\vis_avs.lng
MOD - [2011.12.31 11:48:49 | 000,056,320 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_local.lng
MOD - [2011.12.31 11:48:49 | 000,047,616 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_disc.lng
MOD - [2011.12.31 11:48:49 | 000,047,104 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_pmp.lng
MOD - [2011.12.31 11:48:49 | 000,039,424 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\pmp_wifi.lng
MOD - [2011.12.31 11:48:49 | 000,036,864 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\pmp_ipod.lng
MOD - [2011.12.31 11:48:49 | 000,036,352 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ombrowser.lng
MOD - [2011.12.31 11:48:49 | 000,034,816 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_plg.lng
MOD - [2011.12.31 11:48:49 | 000,023,040 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_mp3.lng
MOD - [2011.12.31 11:48:49 | 000,020,480 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\pmp_android.lng
MOD - [2011.12.31 11:48:49 | 000,020,480 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_midi.lng
MOD - [2011.12.31 11:48:49 | 000,018,944 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_mod.lng
MOD - [2011.12.31 11:48:49 | 000,016,384 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\out_ds.lng
MOD - [2011.12.31 11:48:49 | 000,015,360 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_wm.lng
MOD - [2011.12.31 11:48:49 | 000,014,848 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_wire.lng
MOD - [2011.12.31 11:48:49 | 000,014,336 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_online.lng
MOD - [2011.12.31 11:48:49 | 000,014,336 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_cdda.lng
MOD - [2011.12.31 11:48:49 | 000,012,800 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_playlists.lng
MOD - [2011.12.31 11:48:49 | 000,011,776 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\pmp_usb.lng
MOD - [2011.12.31 11:48:49 | 000,011,776 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_nsv.lng
MOD - [2011.12.31 11:48:49 | 000,011,776 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_skinmanager.lng
MOD - [2011.12.31 11:48:49 | 000,011,264 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_vorbis.lng
MOD - [2011.12.31 11:48:49 | 000,010,752 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_undo.lng
MOD - [2011.12.31 11:48:49 | 000,010,240 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_timerestore.lng
MOD - [2011.12.31 11:48:49 | 000,009,728 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_downloads.lng
MOD - [2011.12.31 11:48:49 | 000,009,216 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_nopro.lng
MOD - [2011.12.31 11:48:49 | 000,008,704 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_history.lng
MOD - [2011.12.31 11:48:49 | 000,008,704 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_devices.lng
MOD - [2011.12.31 11:48:49 | 000,008,192 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_transcode.lng
MOD - [2011.12.31 11:48:49 | 000,008,192 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_tray.lng
MOD - [2011.12.31 11:48:49 | 000,007,680 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\vis_nsfs.lng
MOD - [2011.12.31 11:48:49 | 000,007,680 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\out_wave.lng
MOD - [2011.12.31 11:48:49 | 000,007,168 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_orgler.lng
MOD - [2011.12.31 11:48:49 | 000,006,656 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_autotag.lng
MOD - [2011.12.31 11:48:49 | 000,006,656 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_wav.lng
MOD - [2011.12.31 11:48:49 | 000,006,656 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_dshow.lng
MOD - [2011.12.31 11:48:49 | 000,006,144 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\tagz.lng
MOD - [2011.12.31 11:48:49 | 000,006,144 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\out_disk.lng
MOD - [2011.12.31 11:48:49 | 000,005,632 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_wave.lng
MOD - [2011.12.31 11:48:49 | 000,005,632 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_flac.lng
MOD - [2011.12.31 11:48:49 | 000,005,120 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_rg.lng
MOD - [2011.12.31 11:48:49 | 000,005,120 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_impex.lng
MOD - [2011.12.31 11:48:49 | 000,005,120 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_bookmarks.lng
MOD - [2011.12.31 11:48:49 | 000,005,120 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_mp4.lng
MOD - [2011.12.31 11:48:49 | 000,005,120 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_avi.lng
MOD - [2011.12.31 11:48:49 | 000,004,608 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\pmp_activesync.lng
MOD - [2011.12.31 11:48:49 | 000,004,608 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_enqplay.lng
MOD - [2011.12.31 11:48:49 | 000,004,608 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_wv.lng
MOD - [2011.12.31 11:48:49 | 000,004,608 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_mkv.lng
MOD - [2011.12.31 11:48:49 | 000,004,096 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\winampa.lng
MOD - [2011.12.31 11:48:49 | 000,004,096 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\pmp_p4s.lng
MOD - [2011.12.31 11:48:49 | 000,004,096 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_orb.lng
MOD - [2011.12.31 11:48:49 | 000,003,584 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\pmp_njb.lng
MOD - [2011.12.31 11:48:49 | 000,003,584 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_nowplaying.lng
MOD - [2011.12.31 11:48:49 | 000,003,584 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\ml_addons.lng
MOD - [2011.12.31 11:48:49 | 000,003,584 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_swf.lng
MOD - [2011.12.31 11:48:49 | 000,003,584 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_linein.lng
MOD - [2011.12.31 11:48:49 | 000,003,584 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\in_flv.lng
MOD - [2011.12.31 11:48:49 | 000,003,072 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\playlist.lng
MOD - [2011.12.31 11:48:48 | 000,069,120 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\burnlib.lng
MOD - [2011.12.31 11:48:48 | 000,041,984 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_jumpex.lng
MOD - [2011.12.31 11:48:48 | 000,023,552 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_classicart.lng
MOD - [2011.12.31 11:48:48 | 000,023,040 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_ff.lng
MOD - [2011.12.31 11:48:48 | 000,021,504 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_ml.lng
MOD - [2011.12.31 11:48:48 | 000,013,824 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\dsp_sps.lng
MOD - [2011.12.31 11:48:48 | 000,011,264 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_hotkeys.lng
MOD - [2011.12.31 11:48:48 | 000,010,752 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\auth.lng
MOD - [2011.12.31 11:48:48 | 000,007,168 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_crasher.lng
MOD - [2011.12.31 11:48:48 | 000,006,656 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\enc_fhgaac.lng
MOD - [2011.12.31 11:48:48 | 000,006,144 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\enc_wma.lng
MOD - [2011.12.31 11:48:48 | 000,005,632 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\enc_lame.lng
MOD - [2011.12.31 11:48:48 | 000,004,096 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\gen_find_on_disk.lng
MOD - [2011.12.31 11:48:48 | 000,004,096 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\enc_wav.lng
MOD - [2011.12.31 11:48:48 | 000,004,096 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\enc_vorbis.lng
MOD - [2011.12.31 11:48:48 | 000,004,096 | ---- | M] () -- C:\Users\MANGLI~1\AppData\Local\Temp\WLZ9368.tmp\enc_flac.lng
MOD - [2011.12.26 14:22:13 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.12.26 14:12:58 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.10.22 06:26:40 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\e8339b699235ebf2f904ccb8383de342\IAStorUtil.ni.dll
MOD - [2011.10.22 06:26:40 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\33cecc66284ef59208b639ec72b0f565\IAStorCommon.ni.dll
MOD - [2011.10.22 06:04:18 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011.10.22 06:04:02 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.10.22 06:03:58 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.10.22 06:03:50 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011.10.22 06:03:46 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.10.22 06:03:44 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.10.22 06:03:43 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.10.22 06:03:39 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.09.01 18:24:38 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2011.09.01 18:12:12 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\xml.w5s
MOD - [2011.09.01 18:12:12 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll
MOD - [2011.09.01 18:12:12 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll
MOD - [2011.09.01 18:12:12 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\timer.w5s
MOD - [2011.09.01 18:12:12 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s
MOD - [2011.09.01 18:12:11 | 000,623,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s
MOD - [2011.09.01 18:12:11 | 000,174,080 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\auth.w5s
MOD - [2011.09.01 18:12:11 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s
MOD - [2011.09.01 18:12:11 | 000,103,936 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\png.w5s
MOD - [2011.09.01 18:12:11 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s
MOD - [2011.09.01 18:12:11 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\devices.w5s
MOD - [2011.09.01 18:12:11 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s
MOD - [2011.09.01 18:12:11 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s
MOD - [2011.09.01 18:12:11 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\dlmgr.w5s
MOD - [2011.09.01 18:12:11 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gracenote.w5s
MOD - [2011.09.01 18:12:11 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\filereader.w5s
MOD - [2011.09.01 18:12:11 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\primo.w5s
MOD - [2011.09.01 18:12:10 | 001,090,048 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\aacdec.w5s
MOD - [2011.09.01 18:12:10 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll
MOD - [2011.09.01 18:12:10 | 000,113,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll
MOD - [2011.09.01 18:12:10 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll
MOD - [2011.09.01 18:12:10 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\albumart.w5s
MOD - [2011.09.01 18:12:10 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll
MOD - [2011.09.01 18:12:09 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
MOD - [2011.09.01 18:12:09 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll
MOD - [2011.09.01 18:12:09 | 000,124,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_online.dll
MOD - [2011.09.01 18:12:09 | 000,083,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll
MOD - [2011.09.01 18:12:09 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
MOD - [2011.09.01 18:12:09 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll
MOD - [2011.09.01 18:12:09 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
MOD - [2011.09.01 18:12:09 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
MOD - [2011.09.01 18:12:09 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
MOD - [2011.09.01 18:12:09 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
MOD - [2011.09.01 18:12:09 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
MOD - [2011.09.01 18:12:02 | 000,293,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_local.dll
MOD - [2011.09.01 18:12:01 | 000,200,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
MOD - [2011.09.01 18:12:01 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll
MOD - [2011.09.01 18:12:01 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_history.dll
MOD - [2011.09.01 18:12:00 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
MOD - [2011.09.01 18:12:00 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll
MOD - [2011.09.01 18:12:00 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
MOD - [2011.09.01 18:11:56 | 000,313,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
MOD - [2011.09.01 18:11:56 | 000,252,416 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
MOD - [2011.09.01 18:11:56 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
MOD - [2011.09.01 18:11:55 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
MOD - [2011.09.01 18:11:53 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
MOD - [2011.09.01 18:11:53 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
MOD - [2011.09.01 18:11:52 | 000,285,696 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
MOD - [2011.09.01 18:11:52 | 000,165,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
MOD - [2011.09.01 18:11:52 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
MOD - [2011.09.01 18:11:52 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
MOD - [2011.09.01 18:11:52 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
MOD - [2011.09.01 18:11:52 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
MOD - [2011.09.01 18:11:52 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
MOD - [2011.09.01 18:11:52 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_linein.dll
MOD - [2011.09.01 18:11:51 | 001,737,728 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll
MOD - [2011.09.01 18:11:51 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
MOD - [2011.09.01 18:11:51 | 000,183,808 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
MOD - [2011.09.01 18:11:51 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
MOD - [2011.09.01 18:11:51 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
MOD - [2011.09.01 18:11:51 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll
MOD - [2011.09.01 18:11:51 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll
MOD - [2011.09.01 18:11:51 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll
MOD - [2011.09.01 18:11:50 | 000,340,992 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
MOD - [2011.09.01 18:11:49 | 000,410,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll
MOD - [2011.09.01 18:11:49 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\libsndfile.dll
MOD - [2011.09.01 18:11:49 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\libmp4v2.dll
MOD - [2011.09.01 18:11:49 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Winamp\nde.dll
MOD - [2011.08.03 02:31:28 | 000,255,592 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2011.01.04 14:34:12 | 004,545,024 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.08.28 15:50:18 | 000,282,624 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
MOD - [2009.07.14 18:58:10 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.10.28 14:36:53 | 001,506,824 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2011.10.28 14:36:11 | 000,457,536 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2011.10.28 02:41:08 | 002,191,808 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2011.08.17 14:00:02 | 000,464,392 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2011.08.10 13:21:12 | 001,556,816 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2011.08.03 12:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.08.03 02:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.06.22 10:18:40 | 001,191,656 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.29 23:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011.04.01 10:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010.08.04 13:44:24 | 000,266,240 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe -- (WSWNA1100)
SRV - [2010.03.22 19:05:40 | 000,960,992 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe -- (jswpsapi)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.12.28 20:18:31 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.11.04 14:56:26 | 000,053,112 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2011.11.04 14:56:08 | 000,111,992 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2011.11.04 14:56:08 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2011.11.04 14:56:08 | 000,050,552 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2011.09.03 06:17:44 | 000,971,360 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011.09.03 06:17:37 | 000,210,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2011.09.03 06:17:36 | 000,141,920 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt53.sys -- (vidsflt53) Acronis Disk Storage Filter (53)
DRV:64bit: - [2011.09.03 06:17:32 | 000,275,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2011.08.31 22:57:18 | 000,059,256 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2011.08.31 22:56:49 | 000,031,608 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GdNetMon64.sys -- (GdNetMon)
DRV:64bit: - [2011.05.13 14:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011.05.10 10:41:27 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.04.26 10:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.28 20:45:54 | 000,412,776 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.20 14:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 14:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 12:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.15 18:05:02 | 000,364,520 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2010.11.15 18:05:00 | 000,121,832 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.10.27 14:50:28 | 000,301,680 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010.10.27 14:50:28 | 000,279,152 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010.10.27 14:50:28 | 000,203,624 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010.10.27 14:50:28 | 000,156,520 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010.10.27 14:50:28 | 000,058,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010.10.27 14:50:28 | 000,055,336 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2010.10.27 14:50:28 | 000,038,248 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010.10.27 14:50:28 | 000,031,080 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010.10.20 19:05:18 | 000,014,592 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2010.10.19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.11 00:11:00 | 001,924,096 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2010.09.17 10:53:28 | 000,297,000 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.05.15 01:28:00 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2007.01.19 17:24:24 | 000,025,312 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV:64bit: - [2006.11.10 14:08:58 | 000,030,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SysTool64.sys -- (SysTool)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 E4 F3 DF 49 96 CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.26 14:22:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.17 21:04:26 | 000,000,000 | ---D | M]
 
[2011.08.31 19:49:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mangliniel\AppData\Roaming\mozilla\Extensions
[2011.12.27 23:21:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mangliniel\AppData\Roaming\mozilla\Firefox\Profiles\ibw3krsn.default\extensions
[2011.12.26 14:22:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.08.31 22:57:01 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2011.08.31 22:57:01 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
() (No name found) -- C:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.12.26 14:22:13 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.08.30 21:35:55 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.30 21:29:49 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.08.30 21:35:55 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.30 21:35:55 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.30 21:35:55 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.08.30 21:35:55 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.08.31 21:48:37 | 000,001,041 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts:   
O1 - Hosts: 127.0.0.1 nero.com 
O1 - Hosts: 127.0.0.1 www.nero.com 
O1 - Hosts: 127.0.0.1 activate.nero.com 
O1 - Hosts: 127.0.0.1 www.activate.nero.com 
O1 - Hosts: 127.0.0.1 nero.de 
O1 - Hosts: 127.0.0.1 www.nero.de 
O1 - Hosts: 127.0.0.1 activate.nero.de 
O1 - Hosts: 127.0.0.1 www.activate.nero.de
O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIEx64.dll (G Data Software AG)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIEx64.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [jswtrayutil] "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe" File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.180.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FFAF03A-B067-4513-91CC-673710028321}: DhcpNameServer = 192.168.180.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{97eaab70-d42b-11e0-96a7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{97eaab70-d42b-11e0-96a7-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.31 11:46:42 | 000,000,000 | R--D | C] -- C:\Users\Mangliniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2011.12.29 14:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.12.29 13:57:02 | 000,000,000 | ---D | C] -- C:\Users\Mangliniel\AppData\Roaming\Malwarebytes
[2011.12.29 13:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.29 13:56:58 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.29 13:56:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.12.29 13:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.29 13:29:06 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- E:\Users\Mangliniel\Desktop\TDSSKiller.exe
[2011.12.29 10:41:17 | 000,584,192 | ---- | C] (OldTimer Tools) -- E:\Users\Mangliniel\Desktop\OTL.exe
[2011.12.28 20:18:31 | 000,106,648 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2011.12.26 14:12:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011.12.26 12:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Macromedia
[2011.12.26 12:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia
[2011.12.26 12:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Macromedia
[2011.12.26 12:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macromedia
[2011.12.26 12:04:48 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011.12.18 16:17:10 | 000,000,000 | ---D | C] -- E:\Users\Mangliniel\Documents\Männerherzen
[2011.12.18 16:17:02 | 000,000,000 | ---D | C] -- E:\Users\Mangliniel\Documents\Küss den Frosch
[2011.12.18 16:14:12 | 000,000,000 | ---D | C] -- E:\Users\Mangliniel\Documents\Die Schlümpfe
[2011.12.18 09:22:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.12.18 09:22:28 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011.12.18 09:22:28 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011.12.18 09:22:28 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011.12.18 09:22:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.12.18 09:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.12.18 09:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iPod
[2011.12.18 09:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.12.18 09:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.12.18 09:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011.12.18 09:21:06 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.12.18 09:21:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.12.17 21:06:07 | 000,000,000 | ---D | C] -- C:\Users\Mangliniel\AppData\Roaming\Apple Computer
[2011.12.17 21:06:07 | 000,000,000 | ---D | C] -- C:\Users\Mangliniel\AppData\Local\Apple Computer
[2011.12.17 21:05:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.12.17 21:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.12.17 21:04:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.12.17 21:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.12.17 21:04:11 | 000,000,000 | ---D | C] -- C:\Users\Mangliniel\AppData\Local\Apple
[2011.12.17 21:04:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.12.16 22:43:07 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.16 22:43:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.16 22:43:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.16 22:43:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.16 22:43:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.16 22:43:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.16 22:43:05 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.16 22:43:05 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.16 22:43:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.16 22:43:04 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.16 22:43:04 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.16 19:52:56 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.16 19:52:54 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.16 19:52:54 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.31 11:54:58 | 000,023,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.31 11:54:58 | 000,023,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.31 11:51:03 | 001,507,106 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.31 11:51:03 | 000,659,312 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.31 11:51:03 | 000,619,252 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.31 11:51:03 | 000,131,444 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.31 11:51:03 | 000,107,572 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.31 11:47:54 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2011.12.31 11:46:38 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2011.12.31 11:46:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.31 11:46:05 | 2129,285,119 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.29 18:01:51 | 000,506,694 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2011.12.29 18:01:51 | 000,035,427 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2011.12.29 10:59:43 | 001,529,724 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.29 10:34:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Users\Mangliniel\Desktop\OTL.exe
[2011.12.28 20:18:31 | 000,106,648 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2011.12.27 08:00:20 | 000,419,880 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.26 14:12:58 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.12.23 14:52:26 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- E:\Users\Mangliniel\Desktop\TDSSKiller.exe
[2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2011.12.29 10:59:43 | 001,529,724 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.17 21:04:11 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.09.25 09:27:12 | 000,017,408 | ---- | C] () -- C:\Users\Mangliniel\AppData\Local\WebpageIcons.db
[2011.09.17 10:13:17 | 000,506,694 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2011.09.10 21:33:37 | 000,000,009 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2011.09.01 19:04:02 | 000,014,319 | ---- | C] () -- C:\Windows\UN060501.INI
[2011.08.31 19:03:32 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.08.31 19:03:28 | 000,026,272 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
 
========== LOP Check ==========
 
[2011.09.03 06:18:32 | 000,000,000 | ---D | M] -- C:\Users\Mangliniel\AppData\Roaming\Acronis
[2011.10.02 09:04:13 | 000,000,000 | ---D | M] -- C:\Users\Mangliniel\AppData\Roaming\Canon
[2011.09.01 19:04:30 | 000,000,000 | ---D | M] -- C:\Users\Mangliniel\AppData\Roaming\NASNaviator2
[2011.12.31 11:47:54 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2011.12.27 23:19:16 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 31.12.2011 11:59:21 - Run 4
OTL by OldTimer - Version 3.2.31.0     Folder = E:\Users\Mangliniel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 5,85 Gb Available Physical Memory | 73,31% Memory free
15,95 Gb Paging File | 13,51 Gb Available in Paging File | 84,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 103,49 Gb Free Space | 53,01% Space Free | Partition Type: NTFS
Drive D: | 3,99 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1201,95 Gb Total Space | 1057,74 Gb Free Space | 88,00% Space Free | Partition Type: NTFS
 
Computer Name: LORDVOLDEMORT | User Name: Mangliniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR 4.01 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F022A2E-7022-497D-90A5-0F46746D8275}" = Macromedia Extension Manager
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.3
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{44025BD7-AD10-4769-99AE-6378FD0303D6}" = Macromedia Dreamweaver 8
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
"{6006059E-013D-4B77-BC5C-4DD5E4A6570D}" = G Data InternetSecurity 2012
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7FB64E72-9B0E-4460-A821-040C341E414A}" = ASUS Ai Charger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 Test
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B683A28-2172-4CF1-B85D-41375E80652A}" = Acronis True Image WD*Edition
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2AE9709-283B-4B48-AA34-729C070A62FB}" = NETGEAR WNA1100 N150 Wireless USB Adapter
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"SyncBack_is1" = SyncBack
"SystemRequirementsLab" = System Requirements Lab
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"Zattoo4" = Zattoo4 4.0.5
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 28.12.2011 14:23:55 | Computer Name = LordVoldemort | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7004
 
Error - 28.12.2011 14:23:55 | Computer Name = LordVoldemort | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7004
 
Error - 29.12.2011 05:59:44 | Computer Name = LordVoldemort | Source = Outlook | ID = 34
Description = Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x8007043c.
 
Error - 29.12.2011 05:59:44 | Computer Name = LordVoldemort | Source = Outlook | ID = 35
Description = Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich
 befindet (Fehler=0x8007043c).
 
Error - 29.12.2011 05:59:44 | Computer Name = LordVoldemort | Source = Outlook | ID = 34
Description = Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x8007043c.
 
Error - 29.12.2011 05:59:44 | Computer Name = LordVoldemort | Source = Outlook | ID = 35
Description = Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich
 befindet (Fehler=0x8007043c).
 
Error - 29.12.2011 05:59:45 | Computer Name = LordVoldemort | Source = Outlook | ID = 1000
Description = Fehler bei der Ausführung des Add-Ins. Outlook ist während des Rückrufs
 'OnConnection' der Schnittstelle 'IDTExtensibility2' beim Aufrufen des Add-Ins 
'G Data Outlook Add-In' abgestürzt. 
 
Error - 29.12.2011 06:00:02 | Computer Name = LordVoldemort | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.6109.5005,
 Zeitstempel: 0x4e79b881  Name des fehlerhaften Moduls: GDOfficeAddinX86.dll, Version:
 22.0.11301.253, Zeitstempel: 0x4eaa0fc1  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000426b8
ID
 des fehlerhaften Prozesses: 0x738  Startzeit der fehlerhaften Anwendung: 0x01ccc610951474cf
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\G Data\AVKMail\GDOfficeAddinX86.dll
Berichtskennung:
 dfb8cca4-3203-11e1-8df1-f46d04e5aa6b
 
Error - 29.12.2011 09:49:46 | Computer Name = LordVoldemort | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer"
 nicht initialisiert werden.  Details: Could not query the status of the EventSystem
 service.  System Error: Der Computer wird heruntergefahren.  .
 
Error - 31.12.2011 03:26:11 | Computer Name = LordVoldemort | Source = Microsoft Office 14 | ID = 2001
Description = Microsoft Outlook: Rejected Safe Mode action : Schwerwiegender Fehler
 in Outlook beim g data outlook add-in-Add-In. Falls diese Fehlermeldung mehrmals
 angezeigt wurde, sollten Sie dieses Add-In deaktivieren und überprüfen, ob ein 
Update verfügbar ist. Möchten Sie dieses Add-In deaktivieren?.
 
[ System Events ]
Error - 29.12.2011 09:30:18 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:18 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:19 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:20 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:20 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 29.12.2011 09:30:20 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 30.12.2011 05:10:32 | Computer Name = LordVoldemort | Source = DCOM | ID = 10005
Description = 
 
Error - 30.12.2011 05:10:32 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 G Data Personal Firewall erreicht.
 
Error - 30.12.2011 05:10:32 | Computer Name = LordVoldemort | Source = Service Control Manager | ID = 7000
Description = Der Dienst "G Data Personal Firewall" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 31.12.2011 03:08:36 | Computer Name = LordVoldemort | Source = WMPNetworkSvc | ID = 866300
Description = 
 
 
< End of report >

--- --- ---

kira · 01.01.2012, 10:42

1.
Wenn nicht bewusst installiert hast bzw nicht benötigst, kannst deinstallieren (unter Software):

Code:

ATTFilter

Bing Bar 
-> Bing Bar aus Firefox und Internet Explorer entfernen

Immer mehr Programme bringen eine Toolbar mit.(wie z.B. Google, Yaho,Messenger, Winamp, ICQ usw). Manche Zustimmung der User installiert, manche wieder ohne Wissen des Benutzers

Viele davon sehr fehleranfällig und fressen eine Menge an Systemressourcen. Zur funktionstüchtigen Installation der jeweiligen Software ist Toolbar aber nicht notwendig, zudem die meisten modernen Browser mit vielen zusätzlichen Funktionen ausgestattet sind. Ausserdem die dazugehörigen Programme, funktionieren auch ohne...
- meiste Toolbars bzw Browserhelper wollen sich doch nur wichtig machen

2.
Deine Javaversion ist nicht aktuell!
→ Downloade nun die Offline-Version von Java Version 6 Update 30 von Oracle herunter
Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)!

3.
reinige dein System mit CCleaner:

"Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
"Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
Starte dein System neu auf

4.

Zitat:

Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)

Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript:

Code:

ATTFilter

:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
[2011.08.30 21:29:49 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.08.30 21:35:55 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{97eaab70-d42b-11e0-96a7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{97eaab70-d42b-11e0-96a7-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe
[2011.12.31 11:47:54 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job

:Commands
[purity]
[emptytemp]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Deinen Thread.

5.

lade Dir SUPERAntiSpyware FREE Edition herunter.
installiere das Programm und update online.
starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

6.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

7.
-> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch
Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

Snolki · 01.01.2012, 16:08

frohes neues Jahr. :-D

so... 4.

Code:

ATTFilter

All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
Prefs.js: "Yahoo" removed from browser.search.defaultenginename
Prefs.js: "chr-greentree_ff&type=937811&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: "Yahoo" removed from browser.search.selectedEngine
Prefs.js: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=" removed from keyword.URL
File C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml not found.
File C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
File C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ not found.
File C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{97eaab70-d42b-11e0-96a7-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97eaab70-d42b-11e0-96a7-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{97eaab70-d42b-11e0-96a7-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97eaab70-d42b-11e0-96a7-806e6f6e6963}\ not found.
File D:\.\Bin\ASSETUP.exe not found.
File C:\Windows\Tasks\AutoKMS.job not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Mangliniel
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Ute
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 443940753 bytes
->Flash cache emptied: 3409 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1053 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 423,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 01012012_151425

Files\Folders moved on Reboot...
C:\Users\Mangliniel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

5.

Code:

ATTFilter

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 01/01/2012 at 04:05 PM

Application Version : 5.0.1142

Core Rules Database Version : 8091
Trace Rules Database Version: 5903

Scan type       : Complete Scan
Total Scan Time : 00:34:06

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 610
Memory threats detected   : 0
Registry items scanned    : 77100
Registry threats detected : 0
File items scanned        : 68941
File threats detected     : 239

Adware.Tracking Cookie
	ia.media-imdb.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4MDAQ6AY ]
	.netgear.122.2o7.net [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.c.gigcount.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	counters.gigya.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.loyaltypartner.122.2o7.net [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	logging.ourstats.de [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	a.visualrevenue.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.msnportal.112.2o7.net [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.abcb2b.112.2o7.net [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	abcmedianet.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	abcmedianet.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	abcmedianet.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.w3counter.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ E:\USERS\MANGLINIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IBW3KRSN.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	adserver.icmedienhaus.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ads20.wwe-media.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	tracking.mlsat02.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad4.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	secure.img-cdn.mediaplex.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.yieldmanager.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	logging.ourstats.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	www.active-tracking.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	www.active-tracking.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	www.active-tracking.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tacoda.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.ar.atwola.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adxpose.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.dyntracker.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adviva.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wgk4epdjacq.stats.esomniture.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wgkoqpd5mho.stats.esomniture.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.xiti.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.zanox-affiliate.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.hightraffic.hugoboss.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.hightraffic.hugoboss.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.hightraffic.hugoboss.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.aerlingus.122.2o7.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.overture.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	statse.webtrendslive.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	nedstat.hostelbookers.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	nedstat.hostelbookers.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	www.zanox-affiliate.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad3.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.fastclick.net [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.zanox.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.ero-advertising.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.ero-advertising.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	www.zanox-affiliate.de [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad1.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webservices.evolvemediacorp.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webservices.evolvemediacorp.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.webservices.evolvemediacorp.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	media.gan-online.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\UTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TY9AEW3F.DEFAULT\COOKIES.SQLITE ]

Trojan.VXGame-Variant/D
	E:\USERS\MANGLINIEL\DOWNLOADS\DREAMWEAVER.V8.0.GERMAN.INCL.KEYGEN-ACME.BY.GEAR.FOR.WWW.GOLDESEL.TO\AC-MMUL4.EXE

Snolki · 01.01.2012, 21:23

Schritt 6+7 ist auch erfüllt. Alles ok + keine Probleme mehr aufgetreten bisher.

kira · 02.01.2012, 13:10

1.
Programme deinstallieren/entfernen, die wir verwendet haben und nicht brauchst, bis auf:

Code:

ATTFilter

CCleaner

- Zeitweise laufen lassen:-> Anleitung

2.
Tool-Bereinigung mit OTL

Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.

Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
Speichere es auf Deinem Desktop.
Doppelklick auf OTL.exe um das Programm auszuführen.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Klicke auf den Button "Bereinigung"
OTL fragt eventuell nach einem Neustart.
Sollte es dies tun, so lasse dies bitte zu.

Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.

3.
Wenn alles gut verlaufen und dein System läuft stabil,mache folgendes:
Alle Systemwiederherstellungspunkte löschen, auch den Letzten

4.
Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern
z.B. Login-, Mail- oder Website-Passwörter
Tipps:
Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)

Lesestoff Nr.1:

Wie erstelle ich ein eingeschränktes Benutzerkonto?
Software immer auf dem neuesten Stand halten!:
ALLE auf dem System installierten Programme und Treiber, sollten regelmäßig upgedatet werden um Sicherheitslücken zu vermeiden und um das reibungslose Arbeitsabläufe zu erreichen!
Ein sicherer Browser als IE z.B. *Ein Wechsel des Standardbrowsers zu...von SETI@home* - Firefox - FirefoxWiki/Einstellungen - Erweiterungen für Firefox - Standardbrowser
Sichere eMail Clients z.B. Thunderbird-->Erweiterungen für Mozilla Thunderbird
- Unbekannten E-Mail-Anhang NICHT öffnen!
Sichere Paswort - Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)
Die fünf häufigsten Passwort-Fehler[/b[

"Never accept software from strangers" - Installiere grundsätzlich immer nur Programme, die Du auch wirklich benötigst und von denen Du überzeugt bist, dass sie seriös sind.
Du hast die Wahl!, welche zusätzlichen Komponenten noch installiert werden sollen? -> Bei der Installation immer mitlesen, Sponsoren und Partnerprogramme, Toolbars oder eventuell noch andere extra angebotene Programme möglichst abwählen!
Sponsor-Programm, Toolbars möglist abwählen (so wird oft Art von Adware/Spyware mitinstalliert)

NICHT irgendwelche Programme aus dem Netz laden, wenn nicht zu 100% fest steht, dass es sich dabei um saubere Software handelt. Nette Versprechen der Hersteller garantieren noch lange keine einwandfreie Funktionsweise, also vorher blättere die Seiten bei GOOGLE, da kannst Du Dir wertvolle Informationen holen!!!

Programme und Treiber:
Nur vom Hersteller!

Onlinebanking:
Gib deine Passwörter niemals preis!
Seriöse Bankinstitute, E- Mail- Provider oder Online- Shops versenden grundsätzlich keine E- Mails, in denen Kunden aufgefordert werden, vertrauliche Daten wie Passwörter, Verfügernummer, PINs oder TANs preiszugeben. Bei dieser Art von E- Mails handelt es sich immer um Betrugsversuche, weshalb entsprechende Anfragen nicht beantwortet werden sollten. Sobald der Verdacht auf Betrug entsteht, melde deinen Verdacht der jeweiligen Bank- Hotline.

Comnputer, anderen (Gästen/Freunden) zur Nutzung überlassen überlassen - Nutze nur vertrauenswürdige Computer!
Vergewissere dich, dass nur Personen deines Vertrauens deinen Computer nutzen oder verwalten und wickel niemals Bankgeschäfte über nicht vertrauenswürdige Computer - beispielsweise aus einem Internetcafé während des Urlaubs - ab

Vorsicht bei der Nutzung fremder Computer und anschliessbare Externe Speichermedien wie Festplatte, USB Sticks, Speicherkarten usw![/color] - IT-Betrüger machen keinen Urlaub!/bsi-fuer-buerger.de - auch zeitweise anschließen und scannen lassen (sehe unter `kostenlose Online-Viren-Scanner`)
Webseiten ohne Gültiges Impressum nicht besuchen
Lizenzkosten sparen? - Vorsicht bei Dateien/Programmen aus nicht vertrauenswürdigen Quellen! - "full Keygen, Crack, Serial, Warez, keygenerators" etc.
Sind immer verseucht mit diverse Malware/Schadprogramme/Code, es gibt keine seite wo Viren frei ist. (Man sollte nicht absitlich der Teufel holen) Eine weitere höchst unsichere Quelle ist das File-Sharing der sog. (Musik-)Tauschbörsen.
► Ausserdem machst Du dich damit strafbar!
Nur eine Firewall sowie ein Antiviren Programm verwenden, welche sich immer auf dem aktuellsten Stand befinden sollten!
Das Installieren von `zuviel` Software beeinträchtigt die Systemleistung und Sicherheit, verlangsamt den Start-Vorgang enorm und belastet den Arbeitsspeicher (weil laufen ja die Programme nebeneinander gleichzeitig, die viel Performance fressen, aber wenig Qualität bringen). Im Laufe der Zeit wird der rechner durch zu viel unnötigen Ballast immer langsamer, und unsicherer. Um so mehr Programme installiert sind, um so häufiger treten Probleme auf, die dann unter Umständen nur schwer lösen können. Dazu kommt noch, das einige Programme große Sicherheitsrisiken mit sich bringen
Virenscanner
BSI für Bürger
SETI@home - [Sicherheit] Sicherheitskonzept
Entwicklung schädlicher Websites/viruslist.com
Brennpunkt: Bilder und Töne
Gefährliche Bilder, schräge Töne/BSI

** Der gesunde Menschenverstand, Windows und Internet-Software sicher konfigurieren ist der beste Weg zur Sicherheit im Webverkehr ist !!

Zitat:

Da der Bestand der Datenbank wird täglich ergänzt und erweitert bzw werden mit der aktuellen Virendefinition die Informationen über den betroffenen Virus aufgenommen, empfehle ich dir mindestens einmal pro Woche (später genügt es sicherlich einmal im Monat) dein System Online Scannen lassen (immer mit einen anderen Scanner), um eine zweite Meinung einzuholen - Die auf dem Speichermedium gesicherten Daten sollten auch mit einbezogen werden!
(benutzen meist ActiveX und/oder Java): Kostenlose Online Scanner -

Lesestoff Nr.2:
► Kann sich auf Dauer eine Menge Datenmüll ansammeln, sich Fehlermeldungen häufen, der PC ist wahrscheinlich nicht mehr so schnell, wie früher:

Löschen der temporären Dateien in Windows
Verlauf, Cache und Cookies: Spuren beseitigen nach dem Surfen
hier nachlesen und hier microsoft.com
Wenn dein System reibungslos läuft, kannst zeitweise die alte Wiederherstellungspunkte entfernen: -> Alle Systemwiederherstellungspunkte bis auf den Letzten löschen
Oft den PC zu optimieren nütz wenig, der braucht jetzt eine Radikalkur (nach ca. 3-4 jahren, aber hängt von der Häufigkeit der Nutzung bzw Belastung ab): Anleitung: Neuaufsetzen des Systems + Absicherung
Staub, Fingerabdrücke, Handschweiß – PC und Peripherie sehen mit der Zeit ganz schön eklig aus, ausserdem laut, reagiert langsam und wird schnell heiß:
-> verschmutzte PCs sauber machen
-> Frühjahrsputz für den PC: Tipps zur Reinigung und Entrümpelung

wünsch Dir alles Gute

Wenn Du uns unterstützen möchtest→ Spendekonto

gruß
kira

31.12.2011, 08:02	#6
kira /// Helfer-Team	Aus Sicherheitsgründen wurde ihr Windows-System blockiert kannst Du mit dem PC im normalen Modus arbeiten? sollte nämlich alle Punkte dort abgearbeitet werden! __________________ --> Aus Sicherheitsgründen wurde ihr Windows-System blockiert

Aus Sicherheitsgründen wurde ihr Windows-System blockiert

Plagegeister aller Art und deren Bekämpfung: Aus Sicherheitsgründen wurde ihr Windows-System blockiert