Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 21.06.2012, 23:49   #1
Jemi
 
Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere. - Standard

Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere.



Hallo,

jetzt hat es mich auch erwischt.
Ich hatte auf diesem Rechner bisher die Mcafee Suite. Sie war auf dem System vorinstalliert und ich habe sie drauf gelassen.

Mcafee hat nichts gefunden. Allerdings war plötzlich die Firewall von Mcafee deaktiviert und ließ sich auch nicht mehr aktivieren. Dann habe ich versucht stattdessen die Windows Firewall zu aktivieren - geht auch nicht. Ich habe dann kurzerhand den Mcafee runtergeworfen und mir Avira installiert. Allerdings kann ich auch bei Avira die Firewall nicht aktivieren. Sie ist ausgegraut.

Nach einem großen Scan hat Avira einiges "ausgespuckt"

Code:
ATTFilter
 

Beginne mit der Desinfektion:
C:\Windows\System32\services.exe
  [FUND]      Enthält Erkennungsmuster des Windows-Virus W32/Patched.UA
  [HINWEIS]   Eine Sicherungskopie wurde unter dem Namen 576cd0ec.qua erstellt ( QUARANTÄNE )
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\800000cb.@
  [FUND]      Ist das Trojanische Pferd TR/ATRAPS.Gen2
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4fbdffe6.qua' verschoben!
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000000.@
  [FUND]      Ist das Trojanische Pferd TR/ATRAPS.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1de2a50e.qua' verschoben!
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\00000001.@
  [FUND]      Ist das Trojanische Pferd TR/Small.FI
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7bd5eacc.qua' verschoben!
C:\ProgramData\The Bat!\huups\Attach\UPS_NHi86897532.zip
  [FUND]      Ist das Trojanische Pferd TR/Rogue.kdv.654574
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '3e74c7d2.qua' verschoben!
C:\ProgramData\The Bat!\huups\Attach\ups_IDCf53568641.zip
  [FUND]      Ist das Trojanische Pferd TR/Rogue.kdv.654574
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '410ff553.qua' verschoben!
C:\ProgramData\The Bat!\huups\Attach\HP_Document.zip
  [FUND]      Enthält Erkennungsmuster des HTML-Scriptvirus HTML/Blacole.F
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '0da3d9f9.qua' verschoben!
C:\$RECYCLE.BIN\S-1-5-21-1073971899-2332881053-245075914-1001\$RO732IJ.exe
  [FUND]      Ist das Trojanische Pferd TR/Crypt.XPACK.Gen
  [HINWEIS]   Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
  [HINWEIS]   Die Datei existiert nicht!
         

Dann habe ich noch bemerkt, dass plötzlich immer wieder meine Dateiendungen ausgeblendet werden.

Es wäre wirklich toll, wenn mir jemand helfen kann, ich bin wirklich am verzweifeln - habe momentan so viel um die Ohren, dass ich wenn möglich darauf verzichten möchte, den Rechner neu aufzusetzen.

Hier die OTL.txt
Code:
ATTFilter
 
OTL logfile created on: 21.06.2012 23:11:12 - Run 1
OTL by OldTimer - Version 3.2.50.0     Folder = C:\Users\Huupsi\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,92 Gb Total Physical Memory | 3,46 Gb Available Physical Memory | 58,42% Memory free
11,83 Gb Paging File | 9,36 Gb Available in Paging File | 79,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683,89 Gb Total Space | 401,75 Gb Free Space | 58,74% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive E: | 15,58 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 291,76 Gb Free Space | 62,64% Space Free | Partition Type: NTFS
Drive Y: | 14,65 Gb Total Space | 6,51 Gb Free Space | 44,45% Space Free | Partition Type: NTFS
 
Computer Name: HUUPSI-PC | User Name: Huupsi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2012.06.21 19:44:06 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Huupsi\Desktop\OTL.exe
PRC - [2012.05.09 11:38:54 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.09 11:38:48 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2012.05.09 11:38:47 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.05.09 11:38:47 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.09 11:38:47 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.02.23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.09.06 19:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
PRC - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
PRC - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
PRC - [2011.08.01 19:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011.03.14 10:22:06 | 002,125,472 | ---- | M] (Audible, Inc.) -- C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
PRC - [2011.02.19 10:37:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.02.18 11:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.12.21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.12.17 17:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2010.11.17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010.03.15 10:31:20 | 000,146,432 | ---- | M] (Panasonic Corporation) -- C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 4.0 HD\AutoStartupService.exe
PRC - [2009.12.09 15:49:38 | 000,606,208 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009.07.29 13:43:48 | 000,258,100 | ---- | M] (ZF Electronics GmbH) -- C:\Program Files (x86)\Cherry\KeyMan\KeyMan.exe
PRC - [2009.05.28 07:58:38 | 000,585,774 | ---- | M] (ZF Electronics GmbH) -- C:\Program Files (x86)\Cherry\CDI\cdi.exe
PRC - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\SysWOW64\bgsvcgen.exe
PRC - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.14 19:54:32 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012.06.14 19:54:21 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.14 19:54:15 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.06.14 19:54:05 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012.05.14 09:49:35 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012.05.14 09:48:21 | 000,689,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlServ#\7ad858343df4d35cd393b6263608a70a\System.Data.SqlServerCe.ni.dll
MOD - [2012.05.14 08:48:22 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012.05.14 08:48:08 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll
MOD - [2012.05.14 08:48:08 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll
MOD - [2012.05.14 08:48:07 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012.05.14 08:47:30 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.14 08:47:26 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.14 08:47:23 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.14 08:47:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.14 08:47:16 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.02.19 10:37:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2010.12.17 17:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MOD - [2010.11.25 05:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
MOD - [2010.11.21 05:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010.11.17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.12.09 15:49:38 | 000,606,208 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
MOD - [2009.06.10 23:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2006.02.22 15:47:44 | 000,073,728 | R--- | M] () -- C:\Program Files (x86)\Cherry\KeyMan\zlib1.dll
MOD - [2006.02.22 15:47:16 | 000,114,688 | R--- | M] () -- C:\Program Files (x86)\Cherry\KeyMan\libpng13.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McMPFSvc)
SRV:64bit: - [2010.09.27 16:42:04 | 004,180,576 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.06.18 22:53:17 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.09 11:38:54 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.09 11:38:48 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012.05.09 11:38:47 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.05.09 11:38:47 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011.06.18 15:27:16 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2011.06.16 17:59:51 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV - [2011.06.16 17:59:48 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.02.19 10:37:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.02.18 11:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.12.21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.12.21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.12.17 21:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2010.12.17 21:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2010.12.17 21:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2010.11.29 22:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R)
SRV - [2010.11.25 12:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010.11.25 12:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010.09.23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 21:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.08.26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.11.18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.28 07:58:38 | 000,585,774 | ---- | M] (ZF Electronics GmbH) [On_Demand | Running] -- C:\Program Files (x86)\Cherry\CDI\cdi.exe -- (Cherry Device Interface)
SRV - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008.10.24 19:38:04 | 000,090,112 | R--- | M] (FGAG) [Auto | Running] -- C:\Program Files (x86)\BERNINA\UCS\UniversalCommunicationServer.exe -- (UniversalCommunicationServer)
SRV - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)
SRV - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.09 11:39:09 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.09 11:39:09 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.05.09 11:39:08 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.09.06 18:18:08 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.19 10:37:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.02.11 00:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.02.11 00:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.01.28 10:57:14 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.12.22 11:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2010.12.17 19:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.12.15 19:02:04 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010.12.13 19:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010.12.12 16:18:36 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2010.12.01 00:02:54 | 000,412,264 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.29 22:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc60.sys -- (netvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusVideoM.sys -- (SynthVid)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.12 14:40:50 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.16 02:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.09.27 16:42:10 | 000,131,072 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2010.09.27 16:42:06 | 000,075,648 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2010.09.27 16:42:04 | 000,053,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp)
DRV:64bit: - [2010.09.27 16:42:00 | 000,025,344 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb)
DRV:64bit: - [2010.09.27 16:41:58 | 000,056,960 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\akshhl.sys -- (akshhl)
DRV:64bit: - [2010.08.20 11:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010.08.12 17:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010.07.13 04:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2010.03.19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.02.27 17:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.13 10:55:38 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2008.09.28 05:09:50 | 000,032,408 | ---- | M] (simonowen.com) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdrawcmd.sys -- (fdrawcmd)
DRV:64bit: - [2007.08.13 20:51:18 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2006.11.01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2006.08.25 14:36:52 | 000,039,208 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2012.04.10 21:04:32 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Programme\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV - [2011.09.06 18:18:08 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{BAA0E733-EE70-4D55-8A8D-C1C59E0B886E}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{BAA0E733-EE70-4D55-8A8D-C1C59E0B886E}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.farbenmix.de/index.php?option=com_fireboard&Itemid=516&func=showcat&catid=10&lang=de
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_deDE436
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.huups.de"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.18 22:53:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.18 22:53:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.06.18 16:11:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Huupsi\AppData\Roaming\mozilla\Extensions
[2012.05.02 16:23:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Huupsi\AppData\Roaming\mozilla\Firefox\Profiles\vcr2a0xg.default\extensions
[2011.11.11 22:42:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.06.19 23:22:48 | 000,060,609 | ---- | M] () (No name found) -- C:\USERS\HUUPSI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VCR2A0XG.DEFAULT\EXTENSIONS\{3335F91D-2AEF-4097-B831-C96C60349822}.XPI
[2012.06.18 22:53:17 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012.04.30 12:14:01 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.30 12:14:01 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.30 12:14:01 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.30 12:14:01 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.30 12:14:01 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.30 12:14:01 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CherryKeyMan] C:\Program Files (x86)\Cherry\KeyMan\KeyMan.exe (ZF Electronics GmbH)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [yjokg9tgkq] C:\Users\Huupsi\yjokg9tgkq.exe File not found
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D99F7F1-DF49-4C61-9323-EA7994DC6A7E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F5AD15C-E44F-4319-A76C-255BA3112202}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.29 11:54:30 | 000,595,304 | R--- | M] (DisplayLink Corp.) - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.03.29 11:54:30 | 000,000,268 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk F:\
O32 - Unable to obtain root file information for disk Y:\
O33 - MountPoints2\{95d0a5c2-976c-11e0-973b-14feb5b3857f}\Shell - "" = AutoRun
O33 - MountPoints2\{95d0a5c2-976c-11e0-973b-14feb5b3857f}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2010.03.29 11:54:30 | 000,595,304 | R--- | M] (DisplayLink Corp.)
O33 - MountPoints2\{95d0a668-976c-11e0-973b-14feb5b3857f}\Shell - "" = AutoRun
O33 - MountPoints2\{95d0a668-976c-11e0-973b-14feb5b3857f}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2010.03.29 11:54:30 | 000,595,304 | R--- | M] (DisplayLink Corp.)
O33 - MountPoints2\{9c71d8b9-9788-11e0-9e74-14feb5b3857f}\Shell - "" = AutoRun
O33 - MountPoints2\{9c71d8b9-9788-11e0-9e74-14feb5b3857f}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2010.03.29 11:54:30 | 000,595,304 | R--- | M] (DisplayLink Corp.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.21 19:44:06 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Huupsi\Desktop\OTL.exe
[2012.06.21 19:43:33 | 000,000,000 | ---D | C] -- C:\Users\Huupsi\Desktop\virenscanner
[2012.06.21 17:53:52 | 000,000,000 | ---D | C] -- C:\Users\Huupsi\AppData\Roaming\Avira
[2012.06.21 17:50:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.06.21 17:50:24 | 000,139,360 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwot.sys
[2012.06.21 17:50:24 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.06.21 17:50:24 | 000,114,128 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwim.sys
[2012.06.21 17:50:24 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.06.21 17:50:24 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.06.21 17:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.06.21 17:50:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.06.19 23:25:31 | 000,000,000 | ---D | C] -- C:\Users\Huupsi\AppData\Roaming\Malwarebytes
[2012.06.19 23:25:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.19 23:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.19 23:25:19 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.19 23:25:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.19 23:20:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.06.19 23:20:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.06.14 20:27:28 | 000,000,000 | ---D | C] -- C:\Users\Huupsi\Desktop\Ebooks - Sommerkram
[2012.06.12 13:26:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.06.12 13:25:23 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.06.12 13:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.06.12 13:25:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.06.09 11:19:16 | 000,000,000 | ---D | C] -- C:\Users\Huupsi\Desktop\260-shorty
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.21 23:18:15 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.21 23:07:56 | 000,000,000 | ---- | M] () -- C:\Users\Huupsi\defogger_reenable
[2012.06.21 22:17:43 | 000,662,020 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.21 22:17:43 | 000,125,848 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.21 22:17:42 | 001,645,462 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.21 22:17:42 | 000,708,464 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.21 22:17:42 | 000,153,660 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.21 22:17:33 | 000,000,276 | ---- | M] () -- C:\Windows\password.klc
[2012.06.21 19:44:06 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Huupsi\Desktop\OTL.exe
[2012.06.21 18:55:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.21 18:15:03 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.21 18:14:58 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.21 18:14:58 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.21 18:06:53 | 469,372,927 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.21 17:56:32 | 000,001,536 | ---- | M] () -- C:\Users\Huupsi\Desktop\HBEDV.KEY
[2012.06.21 17:50:27 | 000,002,068 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.06.21 17:01:48 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.06.20 13:45:28 | 2933,899,831 | ---- | M] () -- C:\Users\Huupsi\mailptbz.tbk
[2012.06.20 13:29:37 | 1506,878,713 | ---- | M] () -- C:\Users\Huupsi\sicherungmail.tbk
[2012.06.19 23:25:25 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.19 21:18:45 | 000,312,835 | ---- | M] () -- C:\Users\Huupsi\Desktop\janome.GIF
[2012.06.19 19:48:16 | 000,078,543 | ---- | M] () -- C:\Users\Huupsi\Desktop\file_141_5.jpg
[2012.06.19 19:47:53 | 000,070,349 | ---- | M] () -- C:\Users\Huupsi\Desktop\file_139_8.jpg
[2012.06.14 19:53:25 | 003,293,128 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.12 13:26:16 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.06.09 13:49:07 | 000,018,068 | ---- | M] () -- C:\Users\Huupsi\Liquidschilder.CDR
[2012.06.09 12:56:59 | 000,018,148 | ---- | M] () -- C:\Users\Huupsi\Sicherungskopie_von_Liquidschilder.CDR
[2012.06.09 11:18:37 | 001,196,716 | ---- | M] () -- C:\Users\Huupsi\Desktop\260-shorty.zip
[2012.05.29 20:57:04 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.05.23 14:33:36 | 000,000,276 | ---- | M] () -- C:\password.klc
 
========== Files Created - No Company Name ==========
 
[2012.06.21 23:07:56 | 000,000,000 | ---- | C] () -- C:\Users\Huupsi\defogger_reenable
[2012.06.21 22:30:54 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\00000001.@
[2012.06.21 17:56:32 | 000,001,536 | ---- | C] () -- C:\Users\Huupsi\Desktop\HBEDV.KEY
[2012.06.21 17:50:27 | 000,002,068 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.06.20 13:36:21 | 2933,899,831 | ---- | C] () -- C:\Users\Huupsi\mailptbz.tbk
[2012.06.20 13:26:00 | 1506,878,713 | ---- | C] () -- C:\Users\Huupsi\sicherungmail.tbk
[2012.06.19 23:25:25 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.19 21:18:45 | 000,312,835 | ---- | C] () -- C:\Users\Huupsi\Desktop\janome.GIF
[2012.06.19 19:48:16 | 000,078,543 | ---- | C] () -- C:\Users\Huupsi\Desktop\file_141_5.jpg
[2012.06.19 19:47:51 | 000,070,349 | ---- | C] () -- C:\Users\Huupsi\Desktop\file_139_8.jpg
[2012.06.12 13:26:16 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.06.09 13:49:07 | 000,018,148 | ---- | C] () -- C:\Users\Huupsi\Sicherungskopie_von_Liquidschilder.CDR
[2012.06.09 12:56:59 | 000,018,068 | ---- | C] () -- C:\Users\Huupsi\Liquidschilder.CDR
[2012.06.09 11:19:10 | 001,196,716 | ---- | C] () -- C:\Users\Huupsi\Desktop\260-shorty.zip
[2012.01.11 13:43:55 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@
[2012.01.11 13:43:55 | 000,002,048 | -HS- | C] () -- C:\Users\Huupsi\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@
[2011.07.27 15:25:59 | 000,001,004 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2011.07.17 20:11:40 | 000,300,052 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.06.19 00:17:17 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2011.06.18 17:08:05 | 000,000,094 | ---- | C] () -- C:\Users\Huupsi\AppData\Local\fusioncache.dat
[2011.06.18 16:11:43 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.06.18 14:12:17 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011.06.18 14:12:17 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011.06.18 14:12:17 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011.06.18 14:12:17 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011.06.18 14:12:17 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011.06.18 14:12:17 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011.06.18 14:12:17 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011.06.18 14:12:17 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011.06.18 14:12:17 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011.06.18 14:12:17 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011.06.18 14:12:17 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011.06.18 14:12:17 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011.06.18 14:12:17 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011.06.18 14:12:17 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011.06.18 14:12:17 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011.06.18 14:12:17 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011.06.18 14:12:17 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011.06.18 14:12:17 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011.06.18 14:12:17 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011.06.18 13:41:12 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.06.16 15:01:34 | 000,000,120 | ---- | C] () -- C:\Windows\WINRESAZ.INI
[2011.06.08 05:36:17 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.06.08 05:35:29 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.06.08 05:35:27 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.06.08 05:35:26 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.02.11 19:45:27 | 001,623,356 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== LOP Check ==========
 
[2011.07.08 14:19:08 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\Amazon
[2011.06.16 22:50:13 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\AntispamSniper
[2012.04.11 13:37:18 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\Artisteer
[2012.05.10 11:59:55 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\Audacity
[2011.12.06 13:07:48 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\Canon
[2011.09.07 17:04:45 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\Cherry
[2011.06.26 15:12:26 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\CrypTool
[2011.09.27 17:25:12 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\EMBIRD32
[2011.06.22 14:43:48 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\EMBIRD32_STUDIO_N
[2012.02.25 12:37:32 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\Fingertapps
[2012.05.18 21:19:30 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\Guitar Pro 6
[2011.06.25 15:27:34 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\PCDr
[2011.07.20 10:18:21 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\PhotoSync
[2012.02.16 22:04:41 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\SoftGrid Client
[2012.06.21 22:31:04 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\The Bat!
[2011.07.01 20:43:53 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\TP
[2011.06.16 18:50:32 | 000,000,000 | ---D | M] -- C:\Users\Huupsi\AppData\Roaming\WindSolutions
[2012.05.29 20:57:04 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012.06.17 12:32:50 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.06.21 17:01:48 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
 
========== Purity Check ==========
 
 

< End of report >
         
und hier die extras.txt

Code:
ATTFilter
 

OTL Extras logfile created on: 21.06.2012 23:11:13 - Run 1
OTL by OldTimer - Version 3.2.50.0     Folder = C:\Users\Huupsi\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,92 Gb Total Physical Memory | 3,46 Gb Available Physical Memory | 58,42% Memory free
11,83 Gb Paging File | 9,36 Gb Available in Paging File | 79,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683,89 Gb Total Space | 401,75 Gb Free Space | 58,74% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive E: | 15,58 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 291,76 Gb Free Space | 62,64% Space Free | Partition Type: NTFS
Drive Y: | 14,65 Gb Total Space | 6,51 Gb Free Space | 44,45% Space Free | Partition Type: NTFS
 
Computer Name: HUUPSI-PC | User Name: Huupsi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe ()
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\regedit.exe ()
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1" ()
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1" ()
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel(R) PROSet/Wireless WiFi-Software
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 267.21
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}" = Microsoft Image Composite Editor
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D92C2B8D-F372-4920-BDB3-AA0BDD613BC2}" = PhotoSync
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Dell Support Center" = Dell Support Center
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}" = Macromedia Dreamweaver MX 2004
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6 Demo
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17407164-F2AD-4E04-886B-8060D503F21C}" = Dell MusicStage
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1919D96B-79F5-465E-8D81-1C22C9A7CD57}" = BERNINA Embroidery Software 5.0X
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 26
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{381D847E-7E56-4E82-B261-F799E0F40EB4}" = PHOTOfunSTUDIO 4.0 HD Edition
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{497A1721-088F-41EF-8876-B43C9DA5528B}" = ArcSoft Software Suite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65DD4BD7-0C32-4E73-9EC4-4EFDCA2BCF56}" = Embroidery Software
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{901B0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{939740B5-0064-4779-854A-8C1086181C05}" = Macromedia FreeHand MXa
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2F25F71-D920-4288-A548-54CD253DEF14}" = SILKYPIX Developer Studio 3.0 SE
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C9FB6FFC-B3D2-4AA0-AC05-73DB7796B638}" = DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF27C964-3902-4CA3-9C71-B0EAEB302AB5}" = BERNINA Universal Communication Server
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DC627AE5-A2B1-4D16-AF56-178D10EC3E81}" = KeyMan V4.0 Build 5
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEEAD4E1-64C9-41BE-9A16-66EF51E42BD6}" = The Bat! Professional v5.0.20
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F57269-065E-4B19-8CDA-AB6C401FAF1A}" = Dell Stage
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E583ED6F-BD99-4066-A420-C815BF692B69}" = Macromedia Fireworks MX 2004
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"AntispamSniper for TheBat!" = AntispamSniper for TheBat!
"Artisteer 2" = Artisteer 2
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AudibleDownloadManager" = Audible Download Manager
"Avira AntiVir Desktop" = Avira Professional Security
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CrypTool" = CrypTool 1.4.30
"Dell Webcam Central" = Dell Webcam Central
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Embird 2010" = Embird 2010
"fdrawcmd" = Fdrawcmd.sys 1.0.1.10
"Gitarrero Notenmeister" = Gitarrero Notenmeister
"InstallShield_{B2F25F71-D920-4288-A548-54CD253DEF14}" = SILKYPIX Developer Studio 3.0 SE
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Samsung CLX-3170 Series" = Samsung CLX-3170 Series
"WinLiveSuite" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.06.2012 15:11:09 | Computer Name = Huupsi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 13.06.2012 15:11:09 | Computer Name = Huupsi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 999
 
Error - 13.06.2012 15:11:09 | Computer Name = Huupsi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 999
 
Error - 13.06.2012 16:43:32 | Computer Name = Huupsi-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.06.2012 03:04:57 | Computer Name = Huupsi-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.06.2012 03:38:47 | Computer Name = Huupsi-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 14.06.2012 13:53:03 | Computer Name = Huupsi-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.06.2012 13:55:01 | Computer Name = Huupsi-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.06.2012 14:01:19 | Computer Name = Huupsi-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.06.2012 06:04:18 | Computer Name = Huupsi-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Dell Events ]
Error - 01.09.2011 06:03:40 | Computer Name = Huupsi-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 07.09.2011 12:25:19 | Computer Name = Huupsi-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 07.09.2011 12:25:19 | Computer Name = Huupsi-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 07.09.2011 12:26:53 | Computer Name = Huupsi-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 07.09.2011 12:26:53 | Computer Name = Huupsi-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 07.09.2011 12:30:50 | Computer Name = Huupsi-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 07.09.2011 12:30:50 | Computer Name = Huupsi-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 07.09.2011 12:31:29 | Computer Name = Huupsi-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 07.09.2011 12:31:29 | Computer Name = Huupsi-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 07.09.2011 12:31:49 | Computer Name = Huupsi-PC | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
[ System Events ]
Error - 21.06.2012 11:38:55 | Computer Name = Huupsi-PC | Source = Service Control Manager | ID = 7003
Description = 
 
Error - 21.06.2012 11:51:07 | Computer Name = Huupsi-PC | Source = Service Control Manager | ID = 7024
Description = 
 
Error - 21.06.2012 11:51:45 | Computer Name = Huupsi-PC | Source = Service Control Manager | ID = 7024
Description = 
 
Error - 21.06.2012 12:07:32 | Computer Name = Huupsi-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 21.06.2012 12:07:32 | Computer Name = Huupsi-PC | Source = Service Control Manager | ID = 7003
Description = 
 
Error - 21.06.2012 12:07:32 | Computer Name = Huupsi-PC | Source = Service Control Manager | ID = 7003
Description = 
 
Error - 21.06.2012 12:07:32 | Computer Name = Huupsi-PC | Source = Service Control Manager | ID = 7003
Description = 
 
Error - 21.06.2012 12:07:34 | Computer Name = Huupsi-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 21.06.2012 12:15:33 | Computer Name = Huupsi-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 21.06.2012 12:16:03 | Computer Name = Huupsi-PC | Source = Service Control Manager | ID = 7011
Description = 
 
 
< End of report >
         

Dann noch von Malwarebytes Reports von gestern:

Code:
ATTFilter
 
 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.19.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Huupsi :: HUUPSI-PC [Administrator]

Schutz: Aktiviert

19.06.2012 23:26:03
mbam-log-2012-06-19 (23-26-03).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 38052
Laufzeit: 1 Minute(n), 15 Sekunde(n) [Abgebrochen]

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Huupsi\AppData\Roaming\ntuser.dat (Misused.Legit) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

-----------


 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.19.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Huupsi :: HUUPSI-PC [Administrator]

Schutz: Aktiviert

19.06.2012 23:35:10
mbam-log-2012-06-19 (23-35-10).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 246836
Laufzeit: 9 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Regedit32 (Trojan.Agent) -> Daten: C:\Windows\system32\regedit.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Windows\System32\regedit.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
----------
 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.19.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Huupsi :: HUUPSI-PC [Administrator]

Schutz: Aktiviert

20.06.2012 00:04:33
mbam-log-2012-06-20 (00-04-33).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 877885
Laufzeit: 5 Stunde(n), 45 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Und hier noch von jetzt

Code:
ATTFilter
 
 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.19.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Huupsi :: HUUPSI-PC [Administrator]

Schutz: Deaktiviert

21.06.2012 23:34:20
mbam-log-2012-06-21 (23-34-20).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 241689
Laufzeit: 3 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Alt 22.06.2012, 00:25   #2
Psychotic
/// Malwareteam
 
Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere. - Standard

Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere.





Mein Name ist Marius und ich werde dir bei deinem Problem helfen.

Eines vorneweg:

Hinweis: Wir können hier nie dafür garantieren, dass wir sämtliche Reste von Schadsoftware gefunden haben. Eine Formatierung ist meist der schnellste und immer der sicherste Weg.

Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass dein Rechner clean ist.

Eine Bereinigung ist mitunter mit viel Arbeit für dich verbunden.
  1. Bitte arbeite alle Schritte der Reihe nach ab.
  2. Lese die Anleitungen sorgfältig. Solltest du irgendwo nicht weiterkommen, stoppe an diesem Punkt und beschreibe dein Problem hier!
  3. Nur Scans durchführen, zu denen du von einem Helfer aufgefordert wirst.
  4. Bitte kein Crossposting (posten in mehreren Foren) - wenn du die Anweisungen mehrere Helfer ausführst, kann das schwere Probleme nach sich ziehen!.
  5. Installiere oder Deinstalliere während der Bereinigung keine Software (ausser, du wurdest dazu aufgefordert).
  6. Wenn etwas unklar ist: Frage, bevor du etwas "blind" machst!

    ...und ganz wichtig:

  7. Poste die Logfiles mit code-tags (das #-Symbol oben im Antwortfenster) in deinen Thread! Nicht anhängen, außer, ich fordere dich dazu auf. (Erschwert mir nämlich das Auswerten).


Vista und Win7 User
Alle Tools mit Rechtsklick --> "als Administrator ausführen" starten.



Schritt 1: Scan mit TDSS-Killer



Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe
  • Klicke Change parameters, wähle Detect TDLFS file system, klicke OK.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und speichere das Logfile. TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ ) Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt
Poste den Inhalt bitte hier in deinen Thread.




Schritt 2: aswMBR



Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung) Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. ( Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen ) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.
__________________

__________________

Alt 22.06.2012, 12:15   #3
Jemi
 
Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere. - Standard

Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere.



Hallo Psychotic,

Du ahnst wahrscheinlich wie sehr ich mich über Deine Hilfe freue! Ich finde es unglaublich, dass Du schon gestern abend reagiert hast. Da lag ich aber leider schon im Bett. Hätte ich es gewusst, wäre ich am Rechner geblieben.
Ich habe beides gemacht und hänge die Logs unten an.

Um die Logs hier zu schreiben und etwas herunterzuladen muss ich allerdings immer wieder mit dem Rechner online gehen... Avira schlägt da jedesmal an ..
Eine Firewall bekomme ich zur Zeit einfach nicht in Gang, allerdings hänge ich im Netzwerk und der Router hat eine nach draußen.
LG Jemi



Code:
ATTFilter
 
11:48:57.0956 5700	TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
11:48:58.0065 5700	============================================================
11:48:58.0065 5700	Current date / time: 2012/06/22 11:48:58.0065
11:48:58.0065 5700	SystemInfo:
11:48:58.0065 5700	
11:48:58.0673 5700	OS Version: 6.1.7601 ServicePack: 1.0
11:48:58.0673 5700	Product type: Workstation
11:48:58.0673 5700	ComputerName: HUUPSI-PC
11:48:58.0673 5700	UserName: Huupsi
11:48:58.0673 5700	Windows directory: C:\Windows
11:48:58.0673 5700	System windows directory: C:\Windows
11:48:58.0673 5700	Running under WOW64
11:48:58.0673 5700	Processor architecture: Intel x64
11:48:58.0673 5700	Number of processors: 8
11:48:58.0673 5700	Page size: 0x1000
11:48:58.0673 5700	Boot type: Normal boot
11:48:58.0673 5700	============================================================
11:48:59.0344 5700	Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:48:59.0360 5700	Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:48:59.0391 5700	============================================================
11:48:59.0391 5700	\Device\Harddisk0\DR0:
11:48:59.0391 5700	MBR partitions:
11:48:59.0391 5700	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x1D4C000
11:48:59.0391 5700	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7F000, BlocksNum 0x557C6EF0
11:48:59.0391 5700	\Device\Harddisk1\DR1:
11:48:59.0391 5700	MBR partitions:
11:48:59.0391 5700	\Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
11:48:59.0391 5700	============================================================
11:48:59.0485 5700	C: <-> \Device\Harddisk0\DR0\Partition1
11:48:59.0500 5700	F: <-> \Device\Harddisk1\DR1\Partition0
11:48:59.0500 5700	============================================================
11:48:59.0500 5700	Initialize success
11:48:59.0500 5700	============================================================
11:49:35.0411 4372	============================================================
11:49:35.0411 4372	Scan started
11:49:35.0411 4372	Mode: Manual; TDLFS; 
11:49:35.0411 4372	============================================================
11:49:36.0035 4372	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:49:36.0082 4372	1394ohci - ok
11:49:36.0129 4372	Acceler         (e0065cbf1a25c015c218457d2cd522b9) C:\Windows\system32\DRIVERS\Accelern.sys
11:49:36.0129 4372	Acceler - ok
11:49:36.0207 4372	ACDaemon        (769db4f484957cc98153b3c1b5d1162f) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
11:49:36.0269 4372	ACDaemon - ok
11:49:36.0363 4372	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:49:36.0363 4372	ACPI - ok
11:49:36.0394 4372	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:49:36.0394 4372	AcpiPmi - ok
11:49:36.0457 4372	adfs            (d44bcaf639e4e45307c2bc80715273d5) C:\Windows\system32\drivers\adfs.sys
11:49:36.0457 4372	adfs - ok
11:49:36.0597 4372	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:49:36.0613 4372	AdobeARMservice - ok
11:49:36.0753 4372	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:49:36.0815 4372	adp94xx - ok
11:49:36.0878 4372	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:49:36.0893 4372	adpahci - ok
11:49:36.0940 4372	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:49:36.0971 4372	adpu320 - ok
11:49:37.0049 4372	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:49:37.0049 4372	AeLookupSvc - ok
11:49:37.0455 4372	AERTFilters     (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
11:49:37.0471 4372	AERTFilters - ok
11:49:37.0939 4372	Afc             (6ccd1135320109d6b219f1a6e04ad9f6) C:\Windows\syswow64\drivers\Afc.sys
11:49:37.0954 4372	Afc - ok
11:49:38.0032 4372	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:49:38.0110 4372	AFD - ok
11:49:38.0204 4372	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:49:38.0219 4372	agp440 - ok
11:49:38.0282 4372	aksdf           (94c0972b06c75456ed574dd46417b1d8) C:\Windows\system32\drivers\aksdf.sys
11:49:38.0297 4372	aksdf - ok
11:49:38.0500 4372	aksfridge       (7b0bc062ca6abab23f88ea483b5a538e) C:\Windows\system32\DRIVERS\aksfridge.sys
11:49:38.0563 4372	aksfridge - ok
11:49:38.0609 4372	akshasp         (a56f1b0f967aef8a82d7771e6d166def) C:\Windows\system32\DRIVERS\akshasp.sys
11:49:38.0609 4372	akshasp - ok
11:49:38.0641 4372	akshhl          (67dff8c8f95cb21c9c3380dd4c0387f2) C:\Windows\system32\DRIVERS\akshhl.sys
11:49:38.0656 4372	akshhl - ok
11:49:38.0703 4372	aksusb          (a9a09bc526e614ce9f29bb23c2a76ced) C:\Windows\system32\DRIVERS\aksusb.sys
11:49:38.0719 4372	aksusb - ok
11:49:38.0734 4372	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:49:38.0750 4372	ALG - ok
11:49:38.0797 4372	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:49:38.0797 4372	aliide - ok
11:49:38.0812 4372	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:49:38.0812 4372	amdide - ok
11:49:38.0875 4372	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:49:38.0890 4372	AmdK8 - ok
11:49:38.0921 4372	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
11:49:38.0937 4372	AmdPPM - ok
11:49:39.0124 4372	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:49:39.0171 4372	amdsata - ok
11:49:39.0218 4372	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:49:39.0233 4372	amdsbs - ok
11:49:39.0249 4372	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:49:39.0249 4372	amdxata - ok
11:49:39.0967 4372	AntiVirMailService (56beb1292dc71e49c824455ec582bfce) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
11:49:39.0998 4372	AntiVirMailService - ok
11:49:40.0060 4372	AntiVirSchedulerService (7abe4092c35e7d4596487dfa075d84e1) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
11:49:40.0060 4372	AntiVirSchedulerService - ok
11:49:40.0138 4372	AntiVirService  (5a37ffa608ae126c9702f5c07e07fc08) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
11:49:40.0138 4372	AntiVirService - ok
11:49:40.0216 4372	AntiVirWebService (5f2f39626586536ca86f402a1c947463) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
11:49:40.0232 4372	AntiVirWebService - ok
11:49:40.0279 4372	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:49:40.0279 4372	AppID - ok
11:49:40.0310 4372	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:49:40.0325 4372	AppIDSvc - ok
11:49:40.0341 4372	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:49:40.0341 4372	Appinfo - ok
11:49:40.0528 4372	Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:49:40.0544 4372	Apple Mobile Device - ok
11:49:40.0669 4372	AppMgmt         (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
11:49:40.0684 4372	AppMgmt - ok
11:49:40.0762 4372	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:49:40.0778 4372	arc - ok
11:49:40.0809 4372	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
11:49:40.0825 4372	arcsas - ok
11:49:40.0934 4372	aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:49:40.0965 4372	aspnet_state - ok
11:49:40.0981 4372	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:49:40.0996 4372	AsyncMac - ok
11:49:41.0027 4372	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:49:41.0027 4372	atapi - ok
11:49:41.0121 4372	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:49:41.0215 4372	AudioEndpointBuilder - ok
11:49:41.0230 4372	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:49:41.0230 4372	AudioSrv - ok
11:49:41.0371 4372	avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
11:49:41.0402 4372	avgntflt - ok
11:49:41.0620 4372	avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
11:49:41.0636 4372	avipbb - ok
11:49:41.0667 4372	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
11:49:41.0667 4372	avkmgr - ok
11:49:41.0729 4372	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:49:41.0745 4372	AxInstSV - ok
11:49:41.0854 4372	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:49:41.0885 4372	b06bdrv - ok
11:49:41.0932 4372	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:49:41.0948 4372	b57nd60a - ok
11:49:41.0979 4372	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:49:41.0995 4372	BDESVC - ok
11:49:42.0057 4372	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:49:42.0057 4372	Beep - ok
11:49:42.0416 4372	bgsvcgen        (acc9c8c560c567fad6f79c977ab2ea09) C:\Windows\SysWOW64\bgsvcgen.exe
11:49:42.0431 4372	bgsvcgen - ok
11:49:42.0603 4372	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
11:49:42.0634 4372	BITS - ok
11:49:42.0681 4372	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:49:42.0697 4372	blbdrive - ok
11:49:42.0884 4372	Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
11:49:42.0899 4372	Bonjour Service - ok
11:49:42.0977 4372	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:49:42.0993 4372	bowser - ok
11:49:43.0118 4372	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:49:43.0118 4372	BrFiltLo - ok
11:49:43.0133 4372	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:49:43.0149 4372	BrFiltUp - ok
11:49:43.0196 4372	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:49:43.0196 4372	Browser - ok
11:49:43.0258 4372	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:49:43.0274 4372	Brserid - ok
11:49:43.0289 4372	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:49:43.0321 4372	BrSerWdm - ok
11:49:43.0336 4372	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:49:43.0336 4372	BrUsbMdm - ok
11:49:43.0367 4372	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:49:43.0367 4372	BrUsbSer - ok
11:49:43.0383 4372	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:49:43.0399 4372	BTHMODEM - ok
11:49:43.0461 4372	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:49:43.0477 4372	bthserv - ok
11:49:43.0555 4372	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:49:43.0570 4372	cdfs - ok
11:49:43.0601 4372	cdrbsdrv        (9edd76d0800a022ae10b9243d0224e72) C:\Windows\system32\drivers\cdrbsdrv.sys
11:49:43.0617 4372	cdrbsdrv - ok
11:49:43.0664 4372	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:49:43.0679 4372	cdrom - ok
11:49:43.0711 4372	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:49:43.0711 4372	CertPropSvc - ok
11:49:43.0929 4372	Cherry Device Interface (280969d43fe354f87bed6ee1d5223141) C:\Program Files (x86)\Cherry\CDI\cdi.exe
11:49:43.0945 4372	Cherry Device Interface - ok
11:49:43.0976 4372	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:49:43.0991 4372	circlass - ok
11:49:44.0101 4372	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:49:44.0101 4372	CLFS - ok
11:49:44.0303 4372	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:49:44.0350 4372	clr_optimization_v2.0.50727_32 - ok
11:49:44.0475 4372	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:49:44.0491 4372	clr_optimization_v2.0.50727_64 - ok
11:49:44.0584 4372	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:49:44.0584 4372	clr_optimization_v4.0.30319_32 - ok
11:49:44.0647 4372	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:49:44.0662 4372	clr_optimization_v4.0.30319_64 - ok
11:49:44.0709 4372	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:49:44.0709 4372	CmBatt - ok
11:49:44.0725 4372	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:49:44.0740 4372	cmdide - ok
11:49:44.0834 4372	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:49:44.0849 4372	CNG - ok
11:49:44.0896 4372	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:49:44.0912 4372	Compbatt - ok
11:49:44.0974 4372	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
11:49:44.0974 4372	CompositeBus - ok
11:49:45.0005 4372	COMSysApp - ok
11:49:45.0052 4372	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:49:45.0052 4372	crcdisk - ok
11:49:45.0115 4372	CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
11:49:45.0146 4372	CryptSvc - ok
11:49:45.0255 4372	CSC             (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
11:49:45.0333 4372	CSC - ok
11:49:45.0380 4372	CscService      (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
11:49:45.0395 4372	CscService - ok
11:49:45.0458 4372	CtClsFlt        (fbe228abeab2be13b9c3a3a112d4d8dc) C:\Windows\system32\DRIVERS\CtClsFlt.sys
11:49:45.0505 4372	CtClsFlt - ok
11:49:45.0785 4372	cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:49:45.0801 4372	cvhsvc - ok
11:49:45.0926 4372	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:49:45.0941 4372	DcomLaunch - ok
11:49:45.0988 4372	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:49:46.0035 4372	defragsvc - ok
11:49:46.0097 4372	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:49:46.0097 4372	DfsC - ok
11:49:46.0113 4372	DgiVecp - ok
11:49:46.0160 4372	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:49:46.0160 4372	Dhcp - ok
11:49:46.0191 4372	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:49:46.0191 4372	discache - ok
11:49:46.0222 4372	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:49:46.0238 4372	Disk - ok
11:49:46.0285 4372	DisplayLinkUsbPort - ok
11:49:46.0300 4372	dlcdbus - ok
11:49:46.0534 4372	dmvsc           (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
11:49:46.0550 4372	dmvsc - ok
11:49:46.0597 4372	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:49:46.0597 4372	Dnscache - ok
11:49:46.0643 4372	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:49:46.0659 4372	dot3svc - ok
11:49:46.0846 4372	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:49:46.0846 4372	DPS - ok
11:49:46.0909 4372	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:49:46.0909 4372	drmkaud - ok
11:49:47.0018 4372	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:49:47.0049 4372	DXGKrnl - ok
11:49:47.0252 4372	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:49:47.0252 4372	EapHost - ok
11:49:47.0517 4372	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:49:47.0657 4372	ebdrv - ok
11:49:47.0845 4372	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:49:47.0845 4372	EFS - ok
11:49:48.0406 4372	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:49:48.0484 4372	ehRecvr - ok
11:49:48.0547 4372	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:49:48.0578 4372	ehSched - ok
11:49:48.0796 4372	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:49:48.0859 4372	elxstor - ok
11:49:48.0874 4372	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:49:48.0890 4372	ErrDev - ok
11:49:48.0952 4372	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:49:48.0952 4372	EventSystem - ok
11:49:49.0217 4372	EvtEng          (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:49:49.0389 4372	EvtEng - ok
11:49:49.0810 4372	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:49:49.0873 4372	exfat - ok
11:49:49.0919 4372	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:49:49.0982 4372	fastfat - ok
11:49:50.0107 4372	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:49:50.0122 4372	Fax - ok
11:49:50.0153 4372	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:49:50.0153 4372	fdc - ok
11:49:50.0185 4372	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:49:50.0185 4372	fdPHost - ok
11:49:50.0231 4372	fdrawcmd        (bc748e5a5e6b2ef1f11cd2c43b41394f) C:\Windows\system32\drivers\fdrawcmd.sys
11:49:50.0247 4372	fdrawcmd - ok
11:49:50.0278 4372	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:49:50.0294 4372	FDResPub - ok
11:49:50.0356 4372	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:49:50.0372 4372	FileInfo - ok
11:49:50.0434 4372	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:49:50.0481 4372	Filetrace - ok
11:49:50.0731 4372	FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:49:50.0777 4372	FLEXnet Licensing Service - ok
11:49:51.0074 4372	FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
11:49:51.0167 4372	FLEXnet Licensing Service 64 - ok
11:49:51.0464 4372	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:49:51.0495 4372	flpydisk - ok
11:49:51.0573 4372	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:49:51.0620 4372	FltMgr - ok
11:49:51.0979 4372	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:49:51.0994 4372	FontCache - ok
11:49:52.0072 4372	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:49:52.0088 4372	FontCache3.0.0.0 - ok
11:49:52.0213 4372	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:49:52.0228 4372	FsDepends - ok
11:49:52.0322 4372	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:49:52.0337 4372	Fs_Rec - ok
11:49:52.0400 4372	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:49:52.0415 4372	fvevol - ok
11:49:52.0447 4372	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:49:52.0462 4372	gagp30kx - ok
11:49:52.0571 4372	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:49:52.0649 4372	GEARAspiWDM - ok
11:49:52.0774 4372	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:49:52.0821 4372	gpsvc - ok
11:49:52.0993 4372	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:49:52.0993 4372	gupdate - ok
11:49:53.0024 4372	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:49:53.0024 4372	gupdatem - ok
11:49:53.0055 4372	gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:49:53.0117 4372	gusvc - ok
11:49:53.0242 4372	hardlock        (78fad9117e4527f2ca82259da10f40bd) C:\Windows\system32\drivers\hardlock.sys
11:49:53.0351 4372	hardlock - ok
11:49:53.0351 4372	hasplms - ok
11:49:53.0429 4372	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:49:53.0429 4372	hcw85cir - ok
11:49:53.0476 4372	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:49:53.0492 4372	HDAudBus - ok
11:49:53.0554 4372	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:49:53.0585 4372	HidBatt - ok
11:49:53.0617 4372	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:49:53.0632 4372	HidBth - ok
11:49:53.0679 4372	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:49:53.0679 4372	HidIr - ok
11:49:53.0695 4372	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
11:49:53.0710 4372	hidserv - ok
11:49:53.0726 4372	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:49:53.0741 4372	HidUsb - ok
11:49:53.0819 4372	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:49:53.0835 4372	hkmsvc - ok
11:49:53.0944 4372	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:49:54.0007 4372	HomeGroupListener - ok
11:49:54.0100 4372	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:49:54.0116 4372	HomeGroupProvider - ok
11:49:54.0163 4372	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:49:54.0178 4372	HpSAMD - ok
11:49:54.0256 4372	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:49:54.0319 4372	HTTP - ok
11:49:54.0334 4372	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:49:54.0334 4372	hwpolicy - ok
11:49:54.0366 4372	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:49:54.0366 4372	i8042prt - ok
11:49:54.0428 4372	iaStor          (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
11:49:54.0444 4372	iaStor - ok
11:49:54.0615 4372	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:49:54.0662 4372	iaStorV - ok
11:49:54.0990 4372	IDriverT        (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
11:49:55.0036 4372	IDriverT - ok
11:49:55.0348 4372	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:49:55.0395 4372	idsvc - ok
11:49:56.0472 4372	igfx            (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:49:56.0737 4372	igfx - ok
11:49:56.0877 4372	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:49:56.0908 4372	iirsp - ok
11:49:57.0002 4372	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:49:57.0064 4372	IKEEXT - ok
11:49:57.0142 4372	Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
11:49:57.0174 4372	Impcd - ok
11:49:57.0642 4372	IntcAzAudAddService (8fed6428fde53d7f4c105095f22524be) C:\Windows\system32\drivers\RTKVHD64.sys
11:49:57.0657 4372	IntcAzAudAddService - ok
11:49:57.0829 4372	IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
11:49:57.0891 4372	IntcDAud - ok
11:49:57.0954 4372	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:49:57.0985 4372	intelide - ok
11:49:58.0032 4372	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:49:58.0032 4372	intelppm - ok
11:49:58.0172 4372	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:49:58.0188 4372	IPBusEnum - ok
11:49:58.0219 4372	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:49:58.0219 4372	IpFilterDriver - ok
11:49:58.0234 4372	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:49:58.0250 4372	IPMIDRV - ok
11:49:58.0281 4372	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:49:58.0281 4372	IPNAT - ok
11:49:58.0453 4372	iPod Service    (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
11:49:58.0468 4372	iPod Service - ok
11:49:58.0484 4372	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:49:58.0500 4372	IRENUM - ok
11:49:58.0531 4372	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:49:58.0562 4372	isapnp - ok
11:49:58.0656 4372	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:49:58.0671 4372	iScsiPrt - ok
11:49:58.0796 4372	JMCR            (e56417c56b6a7316b6f527c890a1860d) C:\Windows\system32\DRIVERS\jmcr.sys
11:49:58.0843 4372	JMCR - ok
11:49:58.0905 4372	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:49:58.0905 4372	kbdclass - ok
11:49:58.0968 4372	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:49:58.0968 4372	kbdhid - ok
11:49:58.0999 4372	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:49:58.0999 4372	KeyIso - ok
11:49:59.0014 4372	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:49:59.0030 4372	KSecDD - ok
11:49:59.0092 4372	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:49:59.0108 4372	KSecPkg - ok
11:49:59.0108 4372	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:49:59.0124 4372	ksthunk - ok
11:49:59.0186 4372	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:49:59.0248 4372	KtmRm - ok
11:49:59.0311 4372	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
11:49:59.0311 4372	LanmanServer - ok
11:49:59.0358 4372	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:49:59.0358 4372	LanmanWorkstation - ok
11:49:59.0404 4372	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:49:59.0420 4372	lltdio - ok
11:49:59.0467 4372	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:49:59.0529 4372	lltdsvc - ok
11:49:59.0592 4372	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:49:59.0607 4372	lmhosts - ok
11:49:59.0623 4372	Lmpcdkm - ok
11:49:59.0888 4372	LMS             (7f32d4c47a50e7223491e8fb9359907d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:49:59.0904 4372	LMS - ok
11:49:59.0950 4372	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:49:59.0966 4372	LSI_FC - ok
11:50:00.0153 4372	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:50:00.0169 4372	LSI_SAS - ok
11:50:00.0216 4372	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:50:00.0231 4372	LSI_SAS2 - ok
11:50:00.0309 4372	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:50:00.0325 4372	LSI_SCSI - ok
11:50:00.0372 4372	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:50:00.0372 4372	luafv - ok
11:50:00.0434 4372	Macromedia Licensing Service (d5ba9b816afef5292fe13c9a6267b6ab) C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
11:50:00.0434 4372	Macromedia Licensing Service - ok
11:50:00.0512 4372	MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
11:50:00.0512 4372	MBAMProtector - ok
11:50:00.0684 4372	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:50:00.0699 4372	MBAMService - ok
11:50:00.0824 4372	McMPFSvc - ok
11:50:00.0933 4372	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:50:00.0964 4372	Mcx2Svc - ok
11:50:01.0230 4372	MDM             (11f714f85530a2bd134074dc30e99fca) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
11:50:01.0245 4372	MDM - ok
11:50:01.0308 4372	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:50:01.0323 4372	megasas - ok
11:50:01.0417 4372	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:50:01.0464 4372	MegaSR - ok
11:50:01.0510 4372	MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
11:50:01.0510 4372	MEIx64 - ok
11:50:01.0557 4372	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:50:01.0557 4372	MMCSS - ok
11:50:01.0604 4372	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:50:01.0620 4372	Modem - ok
11:50:01.0666 4372	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:50:01.0666 4372	monitor - ok
11:50:01.0729 4372	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:50:01.0744 4372	mouclass - ok
11:50:01.0807 4372	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:50:01.0807 4372	mouhid - ok
11:50:01.0854 4372	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:50:01.0869 4372	mountmgr - ok
11:50:02.0010 4372	MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:50:02.0041 4372	MozillaMaintenance - ok
11:50:02.0056 4372	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:50:02.0119 4372	mpio - ok
11:50:02.0150 4372	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:50:02.0150 4372	mpsdrv - ok
11:50:02.0181 4372	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:50:02.0228 4372	MRxDAV - ok
11:50:02.0275 4372	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:50:02.0290 4372	mrxsmb - ok
11:50:02.0431 4372	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:50:02.0462 4372	mrxsmb10 - ok
11:50:02.0540 4372	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:50:02.0556 4372	mrxsmb20 - ok
11:50:02.0618 4372	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:50:02.0649 4372	msahci - ok
11:50:02.0665 4372	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:50:02.0680 4372	msdsm - ok
11:50:02.0790 4372	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:50:02.0805 4372	MSDTC - ok
11:50:02.0930 4372	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:50:02.0992 4372	Msfs - ok
11:50:03.0039 4372	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:50:03.0039 4372	mshidkmdf - ok
11:50:03.0117 4372	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:50:03.0133 4372	msisadrv - ok
11:50:03.0164 4372	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:50:03.0211 4372	MSiSCSI - ok
11:50:03.0211 4372	msiserver - ok
11:50:03.0258 4372	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:50:03.0258 4372	MSKSSRV - ok
11:50:03.0273 4372	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:50:03.0289 4372	MSPCLOCK - ok
11:50:03.0289 4372	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:50:03.0289 4372	MSPQM - ok
11:50:03.0367 4372	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:50:03.0382 4372	MsRPC - ok
11:50:03.0414 4372	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
11:50:03.0414 4372	mssmbios - ok
11:50:03.0445 4372	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:50:03.0445 4372	MSTEE - ok
11:50:03.0492 4372	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:50:03.0492 4372	MTConfig - ok
11:50:03.0523 4372	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:50:03.0523 4372	Mup - ok
11:50:03.0741 4372	MyWiFiDHCPDNS   (6ed8935257672f4cd04a88a0f3de093d) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:50:03.0819 4372	MyWiFiDHCPDNS - ok
11:50:03.0882 4372	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:50:03.0882 4372	napagent - ok
11:50:03.0960 4372	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:50:04.0022 4372	NativeWifiP - ok
11:50:04.0162 4372	NDIS            (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
11:50:04.0178 4372	NDIS - ok
11:50:04.0194 4372	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:50:04.0209 4372	NdisCap - ok
11:50:04.0256 4372	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:50:04.0303 4372	NdisTapi - ok
11:50:04.0318 4372	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:50:04.0350 4372	Ndisuio - ok
11:50:04.0412 4372	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:50:04.0443 4372	NdisWan - ok
11:50:04.0474 4372	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:50:04.0490 4372	NDProxy - ok
11:50:04.0537 4372	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:50:04.0552 4372	NetBIOS - ok
11:50:04.0599 4372	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:50:04.0646 4372	NetBT - ok
11:50:04.0693 4372	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:50:04.0693 4372	Netlogon - ok
11:50:04.0755 4372	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:50:04.0771 4372	Netman - ok
11:50:04.0989 4372	NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:50:05.0020 4372	NetMsmqActivator - ok
11:50:05.0036 4372	NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:50:05.0036 4372	NetPipeActivator - ok
11:50:05.0098 4372	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:50:05.0098 4372	netprofm - ok
11:50:05.0114 4372	NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:50:05.0114 4372	NetTcpActivator - ok
11:50:05.0114 4372	NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:50:05.0130 4372	NetTcpPortSharing - ok
11:50:05.0223 4372	netvsc          (73ce12b8bdd747b0063cb0a7ef44cea7) C:\Windows\system32\DRIVERS\netvsc60.sys
11:50:05.0239 4372	netvsc - ok
11:50:05.0878 4372	NETwNs64        (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
11:50:06.0050 4372	NETwNs64 - ok
11:50:06.0331 4372	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:50:06.0346 4372	nfrd960 - ok
11:50:06.0409 4372	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:50:06.0424 4372	NlaSvc - ok
11:50:06.0924 4372	NOBU            (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
11:50:07.0002 4372	NOBU - ok
11:50:07.0126 4372	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:50:07.0142 4372	Npfs - ok
11:50:07.0204 4372	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:50:07.0204 4372	nsi - ok
11:50:07.0236 4372	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:50:07.0236 4372	nsiproxy - ok
11:50:07.0485 4372	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:50:07.0579 4372	Ntfs - ok
11:50:07.0704 4372	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:50:07.0704 4372	Null - ok
11:50:07.0782 4372	nusb3hub        (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys
11:50:07.0797 4372	nusb3hub - ok
11:50:07.0875 4372	nusb3xhc        (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:50:07.0922 4372	nusb3xhc - ok
11:50:07.0984 4372	NVHDA           (857fb74754ebff94ee3ad40788740916) C:\Windows\system32\drivers\nvhda64v.sys
11:50:08.0000 4372	NVHDA - ok
11:50:09.0014 4372	nvlddmkm        (d5dea2c1865cab9ee6aa29cf9e79a2ce) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:50:09.0076 4372	nvlddmkm - ok
11:50:09.0232 4372	nvpciflt        (5ef70f7714c664bcf50edfc141dea9b8) C:\Windows\system32\DRIVERS\nvpciflt.sys
11:50:09.0232 4372	nvpciflt - ok
11:50:09.0295 4372	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:50:09.0310 4372	nvraid - ok
11:50:09.0342 4372	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:50:09.0404 4372	nvstor - ok
11:50:09.0451 4372	NvStUSB         (9e01b716c8085f7adb1cdc10103ceef8) C:\Windows\system32\drivers\nvstusb.sys
11:50:09.0466 4372	NvStUSB - ok
11:50:09.0700 4372	NVSvc           (5a4af8ea634b4feeaf6f16bb1845715a) C:\Windows\system32\nvvsvc.exe
11:50:09.0763 4372	NVSvc - ok
11:50:09.0981 4372	nvUpdatusService (4b7636c52a359ab0783b350a5fbdbb49) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
11:50:10.0059 4372	nvUpdatusService - ok
11:50:10.0324 4372	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:50:10.0371 4372	nv_agp - ok
11:50:10.0371 4372	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:50:10.0402 4372	ohci1394 - ok
11:50:10.0590 4372	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:50:10.0590 4372	ose - ok
11:50:10.0902 4372	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:50:10.0980 4372	osppsvc - ok
11:50:11.0494 4372	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:50:11.0541 4372	p2pimsvc - ok
11:50:11.0572 4372	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:50:11.0588 4372	p2psvc - ok
11:50:11.0697 4372	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:50:11.0713 4372	Parport - ok
11:50:11.0775 4372	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
11:50:11.0775 4372	partmgr - ok
11:50:11.0962 4372	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:50:11.0962 4372	PcaSvc - ok
11:50:12.0118 4372	PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
11:50:12.0228 4372	PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
11:50:12.0368 4372	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:50:12.0384 4372	pci - ok
11:50:12.0399 4372	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:50:12.0415 4372	pciide - ok
11:50:12.0446 4372	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:50:12.0446 4372	pcmcia - ok
11:50:12.0462 4372	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:50:12.0462 4372	pcw - ok
11:50:12.0508 4372	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:50:12.0555 4372	PEAUTH - ok
11:50:12.0742 4372	PeerDistSvc     (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
11:50:12.0774 4372	PeerDistSvc - ok
11:50:12.0883 4372	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:50:12.0898 4372	PerfHost - ok
11:50:13.0132 4372	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:50:13.0210 4372	pla - ok
11:50:13.0304 4372	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:50:13.0320 4372	PlugPlay - ok
11:50:13.0366 4372	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:50:13.0366 4372	PNRPAutoReg - ok
11:50:13.0429 4372	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:50:13.0444 4372	PNRPsvc - ok
11:50:13.0600 4372	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:50:13.0632 4372	PolicyAgent - ok
11:50:13.0710 4372	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:50:13.0710 4372	Power - ok
11:50:13.0881 4372	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:50:13.0912 4372	PptpMiniport - ok
11:50:13.0959 4372	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:50:13.0959 4372	Processor - ok
11:50:14.0022 4372	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
11:50:14.0037 4372	ProfSvc - ok
11:50:14.0100 4372	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:50:14.0100 4372	ProtectedStorage - ok
11:50:14.0209 4372	ProtexisLicensing (64e413ba0c529aa40c3924bbcc4153db) C:\Windows\SysWOW64\PSIService.exe
11:50:14.0209 4372	ProtexisLicensing - ok
11:50:14.0271 4372	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:50:14.0271 4372	Psched - ok
11:50:14.0318 4372	PxHlpa64        (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
11:50:14.0334 4372	PxHlpa64 - ok
11:50:14.0365 4372	qicflt          (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys
11:50:14.0380 4372	qicflt - ok
11:50:14.0630 4372	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:50:14.0692 4372	ql2300 - ok
11:50:14.0926 4372	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:50:14.0958 4372	ql40xx - ok
11:50:15.0020 4372	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:50:15.0036 4372	QWAVE - ok
11:50:15.0067 4372	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:50:15.0067 4372	QWAVEdrv - ok
11:50:15.0082 4372	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:50:15.0082 4372	RasAcd - ok
11:50:15.0114 4372	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:50:15.0129 4372	RasAgileVpn - ok
11:50:15.0192 4372	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:50:15.0207 4372	RasAuto - ok
11:50:15.0316 4372	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:50:15.0332 4372	Rasl2tp - ok
11:50:15.0706 4372	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:50:15.0800 4372	RasMan - ok
11:50:16.0003 4372	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:50:16.0081 4372	RasPppoe - ok
11:50:16.0112 4372	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:50:16.0128 4372	RasSstp - ok
11:50:16.0159 4372	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:50:16.0174 4372	rdbss - ok
11:50:16.0206 4372	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:50:16.0221 4372	rdpbus - ok
11:50:16.0237 4372	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:50:16.0237 4372	RDPCDD - ok
11:50:16.0268 4372	RDPDR           (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
11:50:16.0330 4372	RDPDR - ok
11:50:16.0362 4372	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:50:16.0362 4372	RDPENCDD - ok
11:50:16.0393 4372	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:50:16.0408 4372	RDPREFMP - ok
11:50:16.0642 4372	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
11:50:16.0705 4372	RDPWD - ok
11:50:16.0970 4372	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:50:17.0017 4372	rdyboost - ok
11:50:17.0173 4372	RegSrvc         (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:50:17.0188 4372	RegSrvc - ok
11:50:17.0251 4372	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:50:17.0266 4372	RemoteAccess - ok
11:50:17.0313 4372	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:50:17.0329 4372	RemoteRegistry - ok
11:50:17.0719 4372	RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
11:50:17.0781 4372	RoxMediaDB12OEM - ok
11:50:17.0844 4372	RoxWatch12      (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
11:50:17.0859 4372	RoxWatch12 - ok
11:50:18.0124 4372	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:50:18.0124 4372	RpcEptMapper - ok
11:50:18.0156 4372	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:50:18.0156 4372	RpcLocator - ok
11:50:18.0187 4372	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:50:18.0187 4372	RpcSs - ok
11:50:18.0234 4372	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:50:18.0234 4372	rspndr - ok
11:50:18.0280 4372	RTL8167         (a73ed14670220307874ad6bc2f279349) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:50:18.0280 4372	RTL8167 - ok
11:50:18.0312 4372	s3cap           (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
11:50:18.0312 4372	s3cap - ok
11:50:18.0343 4372	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:50:18.0343 4372	SamSs - ok
11:50:18.0546 4372	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:50:18.0608 4372	sbp2port - ok
11:50:18.0702 4372	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:50:18.0717 4372	SCardSvr - ok
11:50:18.0733 4372	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:50:18.0748 4372	scfilter - ok
11:50:18.0936 4372	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:50:19.0014 4372	Schedule - ok
11:50:19.0216 4372	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:50:19.0216 4372	SCPolicySvc - ok
11:50:19.0326 4372	sdbus           (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
11:50:19.0341 4372	sdbus - ok
11:50:19.0372 4372	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:50:19.0388 4372	SDRSVC - ok
11:50:19.0419 4372	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:50:19.0435 4372	secdrv - ok
11:50:19.0482 4372	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:50:19.0497 4372	seclogon - ok
11:50:19.0528 4372	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:50:19.0528 4372	SENS - ok
11:50:19.0638 4372	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:50:19.0653 4372	SensrSvc - ok
11:50:19.0700 4372	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:50:19.0700 4372	Serenum - ok
11:50:19.0778 4372	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:50:19.0794 4372	Serial - ok
11:50:19.0809 4372	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:50:19.0825 4372	sermouse - ok
11:50:20.0090 4372	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:50:20.0106 4372	SessionEnv - ok
11:50:20.0137 4372	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
11:50:20.0137 4372	sffdisk - ok
11:50:20.0215 4372	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:50:20.0230 4372	sffp_mmc - ok
11:50:20.0262 4372	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
11:50:20.0262 4372	sffp_sd - ok
11:50:20.0308 4372	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:50:20.0308 4372	sfloppy - ok
11:50:20.0511 4372	Sftfs           (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
11:50:20.0527 4372	Sftfs - ok
11:50:20.0714 4372	sftlist         (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:50:20.0730 4372	sftlist - ok
11:50:20.0776 4372	Sftplay         (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:50:20.0792 4372	Sftplay - ok
11:50:20.0839 4372	Sftredir        (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:50:20.0839 4372	Sftredir - ok
11:50:21.0182 4372	SftService      (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
11:50:21.0260 4372	SftService - ok
11:50:21.0775 4372	Sftvol          (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
11:50:21.0775 4372	Sftvol - ok
11:50:22.0056 4372	sftvsa          (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:50:22.0087 4372	sftvsa - ok
11:50:22.0368 4372	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:50:22.0383 4372	ShellHWDetection - ok
11:50:22.0446 4372	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:50:22.0461 4372	SiSRaid2 - ok
11:50:22.0664 4372	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:50:22.0726 4372	SiSRaid4 - ok
11:50:22.0789 4372	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:50:22.0804 4372	Smb - ok
11:50:22.0867 4372	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:50:22.0882 4372	SNMPTRAP - ok
11:50:22.0960 4372	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:50:22.0976 4372	spldr - ok
11:50:23.0382 4372	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:50:23.0382 4372	Spooler - ok
11:50:23.0943 4372	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:50:24.0037 4372	sppsvc - ok
11:50:24.0957 4372	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:50:24.0973 4372	sppuinotify - ok
11:50:26.0158 4372	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:50:26.0221 4372	srv - ok
11:50:27.0843 4372	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:50:27.0984 4372	srv2 - ok
11:50:28.0717 4372	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:50:28.0779 4372	srvnet - ok
11:50:28.0842 4372	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:50:28.0857 4372	SSDPSRV - ok
11:50:29.0013 4372	SSPORT          (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
11:50:29.0029 4372	SSPORT - ok
11:50:29.0388 4372	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:50:29.0466 4372	SstpSvc - ok
11:50:29.0497 4372	stdcfltn        (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
11:50:29.0497 4372	stdcfltn - ok
11:50:30.0152 4372	Stereo Service  (79969acaeebeda7dc3673656ab9918fd) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:50:30.0168 4372	Stereo Service - ok
11:50:30.0339 4372	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:50:30.0339 4372	stexstor - ok
11:50:31.0010 4372	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:50:31.0166 4372	stisvc - ok
11:50:31.0400 4372	stllssvr        (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
11:50:31.0416 4372	stllssvr - ok
11:50:31.0556 4372	StorSvc         (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
11:50:31.0572 4372	StorSvc - ok
11:50:31.0650 4372	storvsc         (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
11:50:31.0650 4372	storvsc - ok
11:50:31.0681 4372	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:50:31.0696 4372	swenum - ok
11:50:32.0414 4372	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:50:32.0430 4372	swprv - ok
11:50:32.0476 4372	SynthVid        (4cdd7df58730d23ba9cb5829a6e2ecea) C:\Windows\system32\DRIVERS\VMBusVideoM.sys
11:50:32.0476 4372	SynthVid - ok
11:50:32.0601 4372	SynTP           (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys
11:50:32.0632 4372	SynTP - ok
11:50:33.0756 4372	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:50:33.0802 4372	SysMain - ok
11:50:34.0270 4372	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:50:34.0286 4372	TabletInputService - ok
11:50:34.0317 4372	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:50:34.0395 4372	TapiSrv - ok
11:50:34.0442 4372	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:50:34.0442 4372	TBS - ok
11:50:37.0890 4372	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
11:50:37.0999 4372	Tcpip - ok
11:50:38.0373 4372	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
11:50:38.0373 4372	TCPIP6 - ok
11:50:38.0654 4372	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:50:38.0654 4372	tcpipreg - ok
11:50:38.0685 4372	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:50:38.0685 4372	TDPIPE - ok
11:50:38.0732 4372	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:50:38.0732 4372	TDTCP - ok
11:50:38.0763 4372	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:50:38.0779 4372	tdx - ok
11:50:38.0794 4372	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
11:50:38.0810 4372	TermDD - ok
11:50:38.0982 4372	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:50:38.0997 4372	TermService - ok
11:50:39.0013 4372	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:50:39.0013 4372	Themes - ok
11:50:39.0106 4372	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:50:39.0106 4372	THREADORDER - ok
11:50:39.0138 4372	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:50:39.0138 4372	TrkWks - ok
11:50:39.0184 4372	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:50:39.0184 4372	TrustedInstaller - ok
11:50:39.0356 4372	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:50:39.0372 4372	tssecsrv - ok
11:50:39.0465 4372	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:50:39.0481 4372	TsUsbFlt - ok
11:50:39.0559 4372	TsUsbGD         (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:50:39.0590 4372	TsUsbGD - ok
11:50:39.0637 4372	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:50:39.0652 4372	tunnel - ok
11:50:39.0715 4372	TurboB          (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
11:50:39.0730 4372	TurboB - ok
11:50:39.0840 4372	TurboBoost      (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
11:50:39.0871 4372	TurboBoost - ok
11:50:40.0011 4372	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:50:40.0089 4372	uagp35 - ok
11:50:40.0245 4372	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:50:40.0261 4372	udfs - ok
11:50:40.0323 4372	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:50:40.0354 4372	UI0Detect - ok
11:50:40.0417 4372	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:50:40.0417 4372	uliagpkx - ok
11:50:40.0448 4372	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:50:40.0464 4372	umbus - ok
11:50:40.0479 4372	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:50:40.0495 4372	UmPass - ok
11:50:40.0526 4372	UmRdpService    (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
11:50:40.0542 4372	UmRdpService - ok
11:50:40.0791 4372	UniversalCommunicationServer (ff6a780ddab9a05153908f5f5eb54a15) C:\Program Files (x86)\BERNINA\UCS\UniversalCommunicationServer.exe
11:50:40.0791 4372	UniversalCommunicationServer - ok
11:50:41.0072 4372	UNS             (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:50:41.0088 4372	UNS - ok
11:50:41.0415 4372	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:50:41.0446 4372	upnphost - ok
11:50:41.0602 4372	USBAAPL64       (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
11:50:41.0602 4372	USBAAPL64 - ok
11:50:41.0634 4372	usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
11:50:41.0649 4372	usbaudio - ok
11:50:41.0727 4372	usbccgp         (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
11:50:41.0743 4372	usbccgp - ok
11:50:41.0774 4372	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:50:41.0821 4372	usbcir - ok
11:50:41.0977 4372	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:50:41.0992 4372	usbehci - ok
11:50:42.0102 4372	usbhub          (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
11:50:42.0117 4372	usbhub - ok
11:50:42.0195 4372	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:50:42.0211 4372	usbohci - ok
11:50:42.0226 4372	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:50:42.0242 4372	usbprint - ok
11:50:42.0289 4372	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:50:42.0289 4372	usbscan - ok
11:50:42.0398 4372	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:50:42.0460 4372	USBSTOR - ok
11:50:42.0507 4372	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:50:42.0538 4372	usbuhci - ok
11:50:42.0585 4372	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
11:50:42.0601 4372	usbvideo - ok
11:50:42.0632 4372	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:50:42.0648 4372	UxSms - ok
11:50:42.0710 4372	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:50:42.0710 4372	VaultSvc - ok
11:50:42.0741 4372	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:50:42.0757 4372	vdrvroot - ok
11:50:42.0928 4372	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:50:42.0975 4372	vds - ok
11:50:43.0022 4372	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:50:43.0022 4372	vga - ok
11:50:43.0038 4372	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:50:43.0038 4372	VgaSave - ok
11:50:43.0069 4372	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:50:43.0100 4372	vhdmp - ok
11:50:43.0147 4372	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:50:43.0162 4372	viaide - ok
11:50:43.0178 4372	VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
11:50:43.0194 4372	VMBusHID - ok
11:50:43.0225 4372	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:50:43.0240 4372	volmgr - ok
11:50:43.0303 4372	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:50:43.0334 4372	volmgrx - ok
11:50:43.0412 4372	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:50:43.0443 4372	volsnap - ok
11:50:43.0521 4372	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:50:43.0568 4372	vsmraid - ok
11:50:43.0911 4372	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:50:43.0927 4372	VSS - ok
11:50:44.0130 4372	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:50:44.0130 4372	vwifibus - ok
11:50:44.0161 4372	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:50:44.0161 4372	vwififlt - ok
11:50:44.0192 4372	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:50:44.0192 4372	vwifimp - ok
11:50:44.0239 4372	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:50:44.0254 4372	W32Time - ok
11:50:44.0332 4372	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:50:44.0364 4372	WacomPen - ok
11:50:44.0395 4372	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:50:44.0410 4372	WANARP - ok
11:50:44.0410 4372	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:50:44.0410 4372	Wanarpv6 - ok
11:50:44.0738 4372	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:50:44.0878 4372	wbengine - ok
11:50:45.0846 4372	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:50:45.0861 4372	WbioSrvc - ok
11:50:47.0468 4372	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:50:47.0499 4372	wcncsvc - ok
11:50:47.0718 4372	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:50:47.0733 4372	WcsPlugInService - ok
11:50:47.0842 4372	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:50:47.0858 4372	Wd - ok
11:50:48.0279 4372	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:50:48.0326 4372	Wdf01000 - ok
11:50:48.0357 4372	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:50:48.0373 4372	WdiServiceHost - ok
11:50:48.0373 4372	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:50:48.0373 4372	WdiSystemHost - ok
11:50:49.0106 4372	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:50:49.0200 4372	WebClient - ok
11:50:49.0356 4372	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:50:49.0418 4372	Wecsvc - ok
11:50:49.0449 4372	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:50:49.0449 4372	wercplsupport - ok
11:50:49.0512 4372	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:50:49.0512 4372	WerSvc - ok
11:50:49.0855 4372	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:50:49.0855 4372	WfpLwf - ok
11:50:49.0933 4372	WimFltr         (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
11:50:49.0948 4372	WimFltr - ok
11:50:49.0980 4372	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:50:49.0980 4372	WIMMount - ok
11:50:49.0980 4372	WinHttpAutoProxySvc - ok
11:50:50.0073 4372	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:50:50.0104 4372	Winmgmt - ok
11:50:50.0416 4372	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:50:50.0479 4372	WinRM - ok
11:50:51.0056 4372	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:50:51.0072 4372	WinUsb - ok
11:50:51.0165 4372	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:50:51.0181 4372	Wlansvc - ok
11:50:51.0306 4372	wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:50:51.0321 4372	wlcrasvc - ok
11:50:52.0288 4372	wlidsvc         (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:50:52.0366 4372	wlidsvc - ok
11:50:52.0538 4372	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:50:52.0538 4372	WmiAcpi - ok
11:50:53.0302 4372	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:50:53.0365 4372	wmiApSrv - ok
11:50:53.0412 4372	WMPNetworkSvc - ok
11:50:53.0443 4372	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:50:53.0458 4372	WPCSvc - ok
11:50:53.0490 4372	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:50:53.0505 4372	WPDBusEnum - ok
11:50:53.0692 4372	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:50:53.0755 4372	ws2ifsl - ok
11:50:53.0770 4372	WSearch - ok
11:50:55.0050 4372	wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
11:50:55.0065 4372	wuauserv - ok
11:50:57.0374 4372	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:50:57.0452 4372	WudfPf - ok
11:50:57.0483 4372	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:50:57.0514 4372	WUDFRd - ok
11:50:57.0546 4372	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:50:57.0561 4372	wudfsvc - ok
11:50:57.0592 4372	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:50:57.0624 4372	WwanSvc - ok
11:50:57.0670 4372	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
11:51:01.0321 4372	\Device\Harddisk0\DR0 - ok
11:51:01.0321 4372	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
11:51:01.0414 4372	\Device\Harddisk1\DR1 - ok
11:51:01.0461 4372	Boot (0x1200)   (4413c3ab01544c6ed3a676eb53ac2907) \Device\Harddisk0\DR0\Partition0
11:51:01.0461 4372	\Device\Harddisk0\DR0\Partition0 - ok
11:51:01.0882 4372	Boot (0x1200)   (05dde44319d465f1520b27cb63ec1dd4) \Device\Harddisk0\DR0\Partition1
11:51:01.0882 4372	\Device\Harddisk0\DR0\Partition1 - ok
11:51:01.0882 4372	Boot (0x1200)   (736833d698b1fac43fdb462f440206cc) \Device\Harddisk1\DR1\Partition0
11:51:01.0882 4372	\Device\Harddisk1\DR1\Partition0 - ok
11:51:01.0882 4372	============================================================
11:51:01.0882 4372	Scan finished
11:51:01.0882 4372	============================================================
11:51:01.0914 3708	Detected object count: 0
11:51:01.0914 3708	Actual detected object count: 0
         



Code:
ATTFilter
 
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-22 11:54:31
-----------------------------
11:54:31.963    OS Version: Windows x64 6.1.7601 Service Pack 1
11:54:31.963    Number of processors: 8 586 0x2A07
11:54:31.963    ComputerName: HUUPSI-PC  UserName: Huupsi
11:54:33.508    Initialize success
11:55:36.107    AVAST engine defs: 12062200
11:56:04.265    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:56:04.265    Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
11:56:04.281    Disk 0 MBR read successfully
11:56:04.281    Disk 0 MBR scan
11:56:04.297    Disk 0 Windows VISTA default MBR code
11:56:04.312    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      101 MB offset 63
11:56:04.936    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 208896
11:56:04.952    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       700301 MB offset 30928896
11:56:04.983    Disk 0 scanning C:\Windows\system32\drivers
11:56:16.667    Service scanning
11:56:38.960    Modules scanning
11:56:38.975    Disk 0 trace - called modules:
11:56:38.991    ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll 
11:56:39.007    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007ddc790]
11:56:39.007    3 CLASSPNP.SYS[fffff88001b8243f] -> nt!IofCallDriver -> [0xfffffa8007cf1cb0]
11:56:39.007    5 stdcfltn.sys[fffff88001ac7c52] -> nt!IofCallDriver -> [0xfffffa80060cea40]
11:56:39.022    7 ACPI.sys[fffff88000f3c7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80060d2050]
11:56:41.175    AVAST engine scan C:\Windows
11:56:43.921    AVAST engine scan C:\Windows\system32
12:00:29.809    AVAST engine scan C:\Windows\system32\drivers
12:00:44.411    AVAST engine scan C:\Users\Huupsi
12:01:22.615    Disk 0 MBR has been saved successfully to "C:\Users\Huupsi\Desktop\virenscanner\MBR.dat"
12:01:22.631    The log file has been saved successfully to "C:\Users\Huupsi\Desktop\virenscanner\aswMBR.txt"
         
__________________

Alt 24.06.2012, 12:46   #4
Jemi
 
Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere. - Standard

Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere.



Hallo,
Da ich den Rechner morgen dringend brauche, bin ich nun dabei ihn komplett neu aufzusetzen. Ich hätte das wohl besser schon vor drei tagen machen sollen Trotzdem danke.
Lg
Jemi

Alt 26.06.2012, 09:32   #5
Psychotic
/// Malwareteam
 
Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere. - Standard

Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere.



Dieses Thema scheint erledigt und wurde aus meinen Abos gelöscht.
Solltest du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen!

__________________
Kein Asylrecht für Trojaner!

Proud Member of UNITE

Hinweis: Ich bin nur werktags erreichbar!
Anfragen über PM werden ignoriert!

Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board!

Antwort

Themen zu Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere.
.com, adobe, antivir, autorun, avg, avira, bho, bonjour, dateisystem, error, explorer, fehler, firefox, firefox 13.0.1, flash player, format, google earth, heuristiks/extra, heuristiks/shuriken, install.exe, logfile, microsoft office starter 2010, microsoft office word, misused.legit, mozilla, nvidia update, nvpciflt.sys, photoshop, realtek, recycle.bin, registry, richtlinie, rundll, scan, searchscopes, security, software, system, tr/crypt.xpack.ge, version=1.0, windows, wscript.exe



Ähnliche Themen: Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere.


  1. TR/ATRAPS.Gen - TR/ATRAPS.Gen2 - W32/Patched.UA - BDS/ZeroAccess.Gen
    Log-Analyse und Auswertung - 20.09.2013 (5)
  2. W32/Patched.UC, TR/ATRAPS.Gen2 und TR/Sirefef.77312
    Plagegeister aller Art und deren Bekämpfung - 05.07.2013 (14)
  3. TR/ATRAPS.Gen2 sowie W32/Patched.UC
    Plagegeister aller Art und deren Bekämpfung - 30.06.2013 (23)
  4. TR/ATRAPS.Gen2 und W32/Patched.UC gefunden
    Plagegeister aller Art und deren Bekämpfung - 31.05.2013 (10)
  5. TR/ATRAPS.Gen2 und W32/Patched.UC gefunden
    Plagegeister aller Art und deren Bekämpfung - 13.05.2013 (19)
  6. Avira findet TR/Sirefef.16896 und TR/ATRAPS.Gen und TR/ATRAPS.Gen2 in Windows\Installer und W32/Patched.UA in Windows\System32\service.exe
    Plagegeister aller Art und deren Bekämpfung - 14.11.2012 (23)
  7. W32/Patched.UA, TR/ATRAPS.Gen und TR/ATRAPS.Gen2 in System 32
    Log-Analyse und Auswertung - 09.11.2012 (7)
  8. TR/ATRAPS.Gen + Gen2, W32/Patched.UA, JS.Agent.Inf.6750
    Plagegeister aller Art und deren Bekämpfung - 12.10.2012 (36)
  9. W32/Patched.UA in "C:\Windows\System32\services.exe" + TR/Small.FI, TR/ATRAPS.Gen und TR/ATRAPS.GEN2
    Plagegeister aller Art und deren Bekämpfung - 26.08.2012 (2)
  10. Avira: 800000cb.@ TR/ATRAPS.Gen und TR/ATRAPS.Gen2 in C:\Windows\Installer\.. und weitere Pfaden
    Plagegeister aller Art und deren Bekämpfung - 16.08.2012 (25)
  11. (2x) W32/Patched.UA TR/ATRAPS.Gen TR/ATRAPS.Gen2
    Mülltonne - 07.08.2012 (2)
  12. Trojaner TR/ATRAPS.Gen2 und TR/ATRAPS.Gen und W32/Patched.UA
    Log-Analyse und Auswertung - 11.07.2012 (28)
  13. TR/Small.FI, TR/ATRAPS.Gen, TR/ATRAPS.GEN2 und W32/Patched.UA in "C:\Windows\System32\services.exe"
    Plagegeister aller Art und deren Bekämpfung - 04.07.2012 (15)
  14. W32/Patched.UA, TR/ATRAPS.GEN und GEN2
    Plagegeister aller Art und deren Bekämpfung - 29.06.2012 (1)
  15. Und noch einer: Trojaner TR/ATRAPS.Gen2 und TR/ATRAPS.Gen und W32/Patched.UA HILFE!!!
    Log-Analyse und Auswertung - 28.06.2012 (7)
  16. Atraps.gen2 und W32/patched.ub durch Avira gefunden
    Plagegeister aller Art und deren Bekämpfung - 26.06.2012 (1)
  17. TR/ATRAPS.Gen2 und weitere
    Plagegeister aller Art und deren Bekämpfung - 02.03.2012 (5)

Zum Thema Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere. - Hallo, jetzt hat es mich auch erwischt. Ich hatte auf diesem Rechner bisher die Mcafee Suite. Sie war auf dem System vorinstalliert und ich habe sie drauf gelassen. Mcafee hat - Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere....
Archiv
Du betrachtest: Auch hier W32/Patched.UA, ATRAPS.Gen2 und weitere. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.