Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: PC reagiert ständig nicht mehr ...

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.07.2012, 08:58   #1
rupa
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



Hallo zusammen,

mein Laptop reagiert ständig nich, bleibt also "Hängen".


hier mal das LOG von Malwarebytes:


Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.18.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Laptop :: LAPTOP_PR [Administrator]

Schutz: Aktiviert

18.07.2012 08:35:58
mbam-log-2012-07-18 (08-35-58).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 211120
Laufzeit: 13 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Laptop\Downloads\SoftonicDownloader_fuer_picasa(1).exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Laptop\Downloads\SoftonicDownloader_fuer_picasa.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)



DEFOGGER LOG

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:14 on 18/07/2012 (Laptop)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Geändert von rupa (18.07.2012 um 09:34 Uhr)

Alt 18.07.2012, 09:41   #2
Chris4You
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



Hi,

den Scan mit MAM (Antimalwarebytes) mit der Einstellung FULLSCAN wiederholen.

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
  • Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt (OTL.TXT und EXTRAS.TXT)
  • Poste die Logfiles hier in den Thread
  • Zusätzlich folgendes Programm runterladen LanmanCheck ausführen und Ausgabe abkopieren und posten

TDSS-Killer
Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft?
Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)!
Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe.
Stelle den Killer wir folgt ein:

Dann den Scan starten durch (Start Scan).
Wenn der Scan fertig ist bitte "Report" anwählen (eventuelle Funde erstmal mit Skip übergehen). Es öffnet sich ein Fenster (Report anklicken), den Text abkopieren und hier posten...

chris
__________________

__________________

Alt 18.07.2012, 09:45   #3
rupa
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



OTL logfile created on: 7/18/2012 9:16:54 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Laptop\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.84 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 59.03% Memory free
7.68 Gb Paging File | 5.90 Gb Available in Paging File | 76.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 127.00 Gb Total Space | 17.69 Gb Free Space | 13.93% Space Free | Partition Type: NTFS
Drive D: | 150.47 Gb Total Space | 37.92 Gb Free Space | 25.20% Space Free | Partition Type: NTFS

Computer Name: LAPTOP_PR | User Name: Laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/18 09:15:41 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe
PRC - [2012/07/06 05:50:57 | 003,548,736 | ---- | M] (sw4you, Siegfried Weckmann) -- C:\Program Files (x86)\Hardcopy\hardcopy.exe
PRC - [2012/07/05 15:56:39 | 000,037,440 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
PRC - [2012/07/03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/07/03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/05/03 18:37:54 | 001,226,096 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2012/05/03 18:37:50 | 020,221,792 | ---- | M] (Lavasoft Limited) -- C:\PROGRA~2\AD-AWA~1\AdAware.exe
PRC - [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Safari.exe
PRC - [2012/04/24 20:18:16 | 000,014,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
PRC - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
PRC - [2011/12/08 11:06:08 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2011/11/11 18:18:24 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2011/02/16 23:26:16 | 000,308,592 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe
PRC - [2011/02/01 23:25:44 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 23:25:41 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/08/13 16:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/07/16 14:16:42 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2006/04/20 08:34:26 | 001,520,688 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/05 15:56:51 | 000,115,264 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\HcDLL2_37_Win32.dll
MOD - [2012/07/05 15:56:39 | 000,037,440 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
MOD - [2012/07/05 15:56:24 | 000,052,800 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hardcopy_05.dll
MOD - [2012/07/04 10:14:24 | 002,941,440 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\HcDllS.dll
MOD - [2012/03/22 11:40:50 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll
MOD - [2012/03/22 11:40:28 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/07/03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/03/30 17:56:20 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:64bit: - [2011/03/30 17:40:30 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:64bit: - [2011/03/30 09:35:40 | 001,000,208 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe -- (ZcfgSvc7) Intel(R)
SRV:64bit: - [2010/10/15 20:07:52 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/10/07 16:58:14 | 000,331,776 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:64bit: - [2010/09/23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/18 00:47:12 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV:64bit: - [2010/06/03 04:05:42 | 002,734,400 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\ATService.exe -- (ATService)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/07/12 10:20:31 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/17 10:25:55 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/03 18:37:54 | 001,226,096 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2011/12/08 11:06:08 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2011/02/16 23:26:16 | 000,308,592 | ---- | M] (Sierra Wireless, Inc.) [Auto | Running] -- C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe -- (Sierra Wireless QDL Service)
SRV - [2011/02/01 23:25:44 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011/02/01 23:25:41 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/12/11 20:18:12 | 001,064,584 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/03/18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/16 14:16:42 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/04/20 08:34:26 | 001,520,688 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/07/03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/07/03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/07/03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/07/03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/07/03 18:21:52 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/07/03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/12/19 12:44:24 | 000,256,632 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
DRV:64bit: - [2011/12/19 12:44:24 | 000,084,600 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sbwtis.sys -- (sbwtis)
DRV:64bit: - [2011/12/19 12:44:24 | 000,060,536 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
DRV:64bit: - [2011/12/08 11:06:12 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2011/12/08 11:06:03 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV:64bit: - [2011/12/08 11:05:46 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011/12/08 11:05:25 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2011/11/29 06:59:46 | 000,074,872 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2011/11/01 01:57:50 | 008,615,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2011/10/26 14:23:36 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbredrv.sys -- (SBRE)
DRV:64bit: - [2011/09/29 12:16:18 | 000,119,416 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV:64bit: - [2011/09/29 12:16:18 | 000,119,416 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV:64bit: - [2011/09/21 10:41:42 | 000,022,016 | ---- | M] (Fujitsu Technology Solutions) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FscGabi.sys -- (FscGabi)
DRV:64bit: - [2011/09/21 10:41:38 | 000,017,920 | ---- | M] (Fujitsu Technology Solutions) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FscEfDmi.sys -- (FscEfDmi)
DRV:64bit: - [2011/04/15 04:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 01:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/02/04 01:58:00 | 000,424,448 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swg3kmbb00.sys -- (swg3kmbb00)
DRV:64bit: - [2011/02/04 01:57:20 | 000,073,216 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swibusflt00.sys -- (swibusflt00)
DRV:64bit: - [2011/02/04 01:57:20 | 000,073,216 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swibus00.sys -- (swibus00)
DRV:64bit: - [2011/02/04 01:57:06 | 000,034,304 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swg3kflt00.sys -- (swg3kflt00)
DRV:64bit: - [2011/02/04 01:56:58 | 000,256,384 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swg3kser00.sys -- (swg3kser00)
DRV:64bit: - [2011/02/04 01:56:58 | 000,256,384 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swg3knmea00.sys -- (swg3knmea00)
DRV:64bit: - [2010/12/20 18:31:00 | 000,316,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R)
DRV:64bit: - [2010/12/10 06:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 06:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/12/08 06:30:08 | 000,329,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/10/14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/10/09 15:35:38 | 001,801,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2010/10/04 08:26:14 | 000,131,112 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2010/09/28 04:30:22 | 000,015,208 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FJGSDisk.sys -- (FJGSDisk)
DRV:64bit: - [2010/09/21 08:20:30 | 000,348,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2010/09/14 23:59:16 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/09/14 23:59:10 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/09/02 09:18:46 | 000,021,504 | ---- | M] (Shrew Soft Inc) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt)
DRV:64bit: - [2010/09/02 09:18:46 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet)
DRV:64bit: - [2010/08/21 01:21:38 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/08/06 02:17:00 | 000,085,736 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\oz776x64.sys -- (guardian2)
DRV:64bit: - [2010/06/02 11:27:04 | 000,770,152 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2010/03/02 08:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/11/19 14:45:08 | 000,299,568 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/24 07:31:30 | 000,021,104 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.sys -- (FBIOSDRV)
DRV:64bit: - [2009/06/10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 22:36:04 | 000,696,832 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fus2base.sys -- (FUS2BASE)
DRV:64bit: - [2009/06/10 22:36:02 | 000,079,872 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmcowan.sys -- (AVMCOWAN)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/11/01 12:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV:64bit: - [2006/11/01 12:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
DRV:64bit: - [2005/08/18 19:22:30 | 000,131,584 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV - [2011/10/26 14:23:40 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\SBREDrv.sys -- (SBRE)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006/04/20 08:33:40 | 000,303,740 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2005/08/18 19:22:30 | 000,131,584 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\dne64x.sys -- (DNE)
DRV - [2005/01/26 06:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\vsdatant.sys -- (vsdatant)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {FF56F58A-0574-49C0-AB7B-58B426CF0186}
IE:64bit: - HKLM\..\SearchScopes\{FF56F58A-0574-49C0-AB7B-58B426CF0186}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {FF56F58A-0574-49C0-AB7B-58B426CF0186}
IE - HKLM\..\SearchScopes\{FF56F58A-0574-49C0-AB7B-58B426CF0186}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ts.fujitsu.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ts.fujitsu.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {D5F17733-DD7D-4C1E-A875-39236ADC9DEE}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searc}
IE - HKCU\..\SearchScopes\{D5F17733-DD7D-4C1E-A875-39236ADC9DEE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/07/10 11:35:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/17 10:25:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/22 10:45:09 | 000,000,000 | ---D | M]

[2012/01/27 08:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\Extensions
[2012/07/11 08:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\7q6ocu5b.default\extensions
[2012/06/26 12:06:37 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\7q6ocu5b.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012/01/27 12:00:08 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\7q6ocu5b.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2012/07/11 14:32:54 | 000,002,385 | ---- | M] () -- C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\7q6ocu5b.default\searchplugins\youtube.xml
[2012/02/05 19:27:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/07/10 11:35:36 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2012/06/26 08:59:44 | 000,339,843 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2012/06/13 08:03:18 | 000,009,485 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\{BA2430E0-5B72-4CAC-BC9E-7D1AACA75D3D}.XPI
[2012/06/13 08:03:18 | 000,010,443 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\SHOWTHEIMAGE@BRUNWIN.NET.XPI
[2012/06/13 08:03:18 | 000,325,600 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI
[2012/01/27 09:59:07 | 000,008,362 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\TOGGLEPRIVATEBROWSING@SUPERNOVA00.BIZ.XPI
[2012/06/17 10:25:56 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/03 14:50:05 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/06/17 10:25:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/06/17 10:25:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/17 10:25:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/06/17 10:25:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/06/17 10:25:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/06/17 10:25:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - Startup: C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK = C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_64.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10BEEE1C-6AEA-47DD-8CDF-010DC88F9374}: NameServer = 192.168.0.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1c343851-4808-11e1-930b-60d819f55557}\Shell - "" = AutoRun
O33 - MountPoints2\{1c343851-4808-11e1-930b-60d819f55557}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{cb6bc119-216a-11e1-b74e-60d819f55557}\Shell - "" = AutoRun
O33 - MountPoints2\{cb6bc119-216a-11e1-b74e-60d819f55557}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/18 09:15:22 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe
[2012/07/18 08:32:16 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Malwarebytes
[2012/07/18 08:32:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/18 08:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/18 08:32:02 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/18 08:32:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/18 08:12:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/07/16 20:25:31 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2012/07/16 20:23:32 | 000,131,584 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\SysWow64\drivers\dne64x.sys
[2012/07/16 20:23:32 | 000,110,080 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\SysWow64\dnei64x.dll
[2012/07/16 20:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
[2012/07/16 20:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Deterministic Networks
[2012/07/16 20:23:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2012/07/16 20:14:00 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Documents\Shrew Soft VPN
[2012/07/16 20:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\ShrewSoft
[2012/07/13 13:23:48 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Documents\Christoph Küche
[2012/07/13 13:21:31 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
[2012/07/13 13:21:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hardcopy
[2012/07/13 13:20:11 | 001,703,936 | ---- | C] (www.sw4you.de Siegfried Weckmann) -- C:\Windows\SwSetupu.exe
[2012/07/13 09:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALNO AG Küchenplaner
[2012/07/13 09:39:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALNO
[2012/07/11 09:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/07/11 09:17:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/07/11 09:17:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/07/10 10:08:18 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{40C0A572-C69F-4354-9859-ED9E54CAD252}
[2012/07/10 10:08:05 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{8CF5B2FF-4C50-4825-9602-F0FB1DDDD9B6}
[2012/07/09 22:06:01 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{CCA59C0B-61A0-43CC-A674-5297344FFE0B}
[2012/07/09 22:05:37 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{61679FCA-974E-4F03-9B5F-9282CAF93678}
[2012/07/04 11:31:44 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\adaware
[2012/07/04 11:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012/07/04 11:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2012/07/04 11:31:31 | 000,060,536 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbhips.sys
[2012/07/04 11:31:20 | 000,119,416 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SbFwIm.sys
[2012/07/04 11:31:15 | 000,256,632 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SbFw.sys
[2012/07/04 11:31:11 | 000,057,976 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbredrv.sys
[2012/07/04 11:31:11 | 000,045,936 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe
[2012/07/04 11:31:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/07/04 11:30:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2012/07/04 11:21:51 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Ad-Aware Antivirus
[2012/06/26 12:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin GPS Plugin
[2012/06/26 12:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin GPS Plugin
[2012/06/26 11:34:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin
[2012/06/25 10:19:36 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\Auerswald
[2012/06/22 10:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/06/22 04:24:45 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{64CE9632-E10E-4519-AFF0-BA8787FBB5FC}
[2012/06/22 04:24:22 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{793541AA-BE70-4661-A3D4-D0AC1A3938B0}
[2012/06/21 16:23:33 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{781B15AE-3422-4916-B40A-60087D7AC7A6}
[2012/06/21 16:23:21 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{F1313B8A-E9F4-4C71-8011-044293080CF0}
[2012/06/21 16:05:57 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012/06/21 16:04:37 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/06/21 16:04:30 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/06/21 16:04:23 | 000,000,000 | ---D | C] -- C:\Windows\es
[2012/06/21 16:04:16 | 000,000,000 | ---D | C] -- C:\Windows\it
[2012/06/21 16:04:09 | 000,000,000 | ---D | C] -- C:\Windows\nl
[2012/06/21 15:55:05 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{9A527056-42B3-415C-89A6-E0C861EA096D}
[2012/06/21 15:49:09 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{DFB7D0FB-0801-49F6-AECA-AE9DA5E94D2D}
[2012/06/21 15:48:57 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{DFEE86D2-0270-437B-91B5-1F03202DA990}
[2012/06/21 14:46:20 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\tools
[2012/06/21 14:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2012/06/21 14:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2012/06/21 08:21:10 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\mp3 für show
[2012/06/21 07:44:50 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A4288D4B-CD3A-4A65-B2A6-98B4F2EA8554}
[2012/06/21 07:44:32 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{17DF9FB7-BAF3-4F87-9A63-452041D4BF3F}
[2012/06/20 22:26:52 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{0CC6E22A-2255-4213-BADF-C3E304011BEC}
[2012/06/20 10:35:07 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\Danksagung

========== Files - Modified Within 30 Days ==========

[2012/07/18 09:20:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/18 09:15:41 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe
[2012/07/18 09:13:10 | 000,000,000 | ---- | M] () -- C:\Users\Laptop\defogger_reenable
[2012/07/18 09:10:54 | 000,050,477 | ---- | M] () -- C:\Users\Laptop\Desktop\Defogger.exe
[2012/07/18 09:10:18 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/18 09:10:18 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/18 09:03:17 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/18 09:03:08 | 000,000,438 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/07/18 09:02:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/18 09:02:41 | 3092,107,264 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/18 08:52:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/18 08:34:20 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/07/16 21:26:06 | 000,002,002 | -H-- | M] () -- C:\Users\Laptop\Documents\Default.rdp
[2012/07/16 20:25:19 | 000,001,594 | ---- | M] () -- C:\Windows\VPNInstall.MIF
[2012/07/16 20:23:30 | 000,002,653 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
[2012/07/16 09:20:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\SBRC.dat
[2012/07/13 13:21:32 | 000,002,391 | ---- | M] () -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
[2012/07/13 11:59:53 | 000,001,908 | ---- | M] () -- C:\Users\Laptop\Desktop\ALNO AG Küchenplaner.lnk
[2012/07/13 08:00:36 | 000,413,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/13 07:59:27 | 000,001,738 | ---- | M] () -- C:\Windows\SysWow64\EmailAVConfig.xml
[2012/07/13 07:47:26 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/07/12 09:02:26 | 001,031,801 | ---- | M] () -- C:\Users\Laptop\Desktop\test 9-2011.pdf
[2012/07/12 09:02:26 | 000,180,570 | ---- | M] () -- C:\Users\Laptop\Desktop\test 11-2010.pdf
[2012/07/12 09:02:25 | 000,385,177 | ---- | M] () -- C:\Users\Laptop\Desktop\test 2-2011.pdf
[2012/07/11 13:51:56 | 000,149,182 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/07/11 13:51:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/07/11 13:51:16 | 001,621,244 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/11 13:44:36 | 000,650,628 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/11 13:44:28 | 000,117,692 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/11 09:18:15 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/10 11:35:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/07/09 23:12:01 | 000,751,391 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow6.wlmp
[2012/07/05 15:53:12 | 000,001,188 | ---- | M] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012/07/03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/07/03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/07/03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/07/03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/07/03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/07/03 18:21:52 | 000,019,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012/07/03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/07/03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/07/03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/07/03 18:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/22 07:53:31 | 000,717,636 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow5.wlmp
[2012/06/21 22:53:11 | 000,723,001 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow4.wlmp
[2012/06/21 16:48:11 | 000,688,426 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow3_musik.wlmp
[2012/06/21 09:53:36 | 000,680,434 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow2_abspann.wlmp
[2012/06/20 22:56:29 | 000,687,833 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow1.wlmp
[2012/06/20 22:56:15 | 000,687,832 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow.wlmp

========== Files Created - No Company Name ==========

[2012/07/18 09:13:10 | 000,000,000 | ---- | C] () -- C:\Users\Laptop\defogger_reenable
[2012/07/18 09:10:52 | 000,050,477 | ---- | C] () -- C:\Users\Laptop\Desktop\Defogger.exe
[2012/07/18 08:32:07 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/07/16 20:40:57 | 000,002,002 | -H-- | C] () -- C:\Users\Laptop\Documents\Default.rdp
[2012/07/16 20:40:56 | 000,001,367 | ---- | C] () -- C:\Users\Laptop\Desktop\Remote Desktop Connection.lnk
[2012/07/16 20:23:30 | 000,002,653 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
[2012/07/16 20:22:59 | 000,001,594 | ---- | C] () -- C:\Windows\VPNInstall.MIF
[2012/07/16 09:20:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\SBRC.dat
[2012/07/13 13:21:32 | 000,002,391 | ---- | C] () -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
[2012/07/13 09:40:04 | 000,001,908 | ---- | C] () -- C:\Users\Laptop\Desktop\ALNO AG Küchenplaner.lnk
[2012/07/13 07:59:27 | 000,001,738 | ---- | C] () -- C:\Windows\SysWow64\EmailAVConfig.xml
[2012/07/12 09:02:26 | 001,031,801 | ---- | C] () -- C:\Users\Laptop\Desktop\test 9-2011.pdf
[2012/07/12 09:02:25 | 000,385,177 | ---- | C] () -- C:\Users\Laptop\Desktop\test 2-2011.pdf
[2012/07/12 09:02:25 | 000,180,570 | ---- | C] () -- C:\Users\Laptop\Desktop\test 11-2010.pdf
[2012/07/11 09:18:15 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/09 23:11:53 | 000,751,391 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow6.wlmp
[2012/07/05 15:53:12 | 000,001,188 | ---- | C] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012/06/22 10:45:09 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/06/21 22:57:39 | 000,717,636 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow5.wlmp
[2012/06/21 21:30:22 | 000,723,001 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow4.wlmp
[2012/06/21 16:43:45 | 000,688,426 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow3_musik.wlmp
[2012/06/21 08:10:06 | 000,680,434 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow2_abspann.wlmp
[2012/06/20 22:56:29 | 000,687,833 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow1.wlmp
[2012/06/20 22:44:49 | 000,687,832 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow.wlmp
[2012/05/04 09:49:50 | 000,139,432 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/12/07 17:46:21 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2011/12/07 17:46:21 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2011/12/07 17:46:21 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2011/05/19 20:18:25 | 001,599,138 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/19 20:12:52 | 000,000,438 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/19 20:12:51 | 000,000,206 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2011/05/10 12:48:48 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/05/10 12:48:43 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/05/10 12:48:40 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/05/10 12:48:37 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/05/10 12:48:33 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2010/11/25 06:43:32 | 000,040,448 | ---- | C] () -- C:\Windows\REGOBJ.DLL

========== LOP Check ==========

[2011/12/08 11:46:51 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Acronis
[2012/07/09 07:48:59 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Ad-Aware Antivirus
[2012/04/05 11:44:13 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Amazon
[2011/05/19 20:48:32 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Fujitsu
[2011/12/07 09:09:45 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Fujitsu Launch Center
[2012/06/18 08:07:29 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Garmin
[2012/01/27 13:58:28 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\pdfforge
[2012/06/11 09:36:08 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Spotify
[2012/06/18 08:17:19 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Thinstall
[2012/06/19 22:29:03 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 7/18/2012 9:16:54 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Laptop\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.84 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 59.03% Memory free
7.68 Gb Paging File | 5.90 Gb Available in Paging File | 76.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 127.00 Gb Total Space | 17.69 Gb Free Space | 13.93% Space Free | Partition Type: NTFS
Drive D: | 150.47 Gb Total Space | 37.92 Gb Free Space | 25.20% Space Free | Partition Type: NTFS

Computer Name: LAPTOP_PR | User Name: Laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{851B25E7-34C7-461A-80EF-DEF313D8E7B1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{D4D01C98-8255-4DC3-888F-8BD5540F2D5C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E38099E4-850E-4AB1-B93E-BD7CEFE12B09}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{F3AD941A-7585-4010-9006-0840FFCCA783}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{010D7B67-84C7-4E12-917A-CE67137D4ED3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2ADEAAA8-5AA4-4640-B979-83D6958B1B64}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{3668745A-E0AF-4755-A36D-DA969C2EE781}" = protocol=6 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe |
"{44412DE0-98FB-4FBD-B437-27D3701B134C}" = protocol=6 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe |
"{58B72A77-E4D4-42B5-8107-9CC2FDF3BEC9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{76731B0D-5FF8-47A0-9AAB-8F0A5F2A25AE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{7889903C-8203-45F4-9697-53060FBDD34C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{82A92841-660B-4048-9B00-FBC52C901B3F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A032B434-B4A4-4461-AA88-29E1B63A9DD5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A7ACC4E6-F360-4557-B03D-2B0616C732DF}" = protocol=17 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe |
"{A8356CB5-A09B-4C4D-BFC9-D8466508979F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{AAB69D62-B5ED-4D77-AA7F-786976622A0D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BBCF5ED8-9B69-4FBD-8790-E045DA271C30}" = protocol=17 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe |
"{BF3A6B68-6453-4886-9F38-EB8265413E91}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{CA5C0F1C-3002-454B-A349-5B991C23455F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{DCD89449-71A7-4312-8AE6-B32383E86845}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F84E6588-5CA9-49A1-BC22-EBBFC3B3F28E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{D3E5739E-52F0-4929-8AF4-03CDE250A073}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{B08E9171-0F36-47FB-9FCA-8C2211377426}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F1DFCC1-595D-4235-A044-E05B706D800A}" = AuthenTec Fingerprint Software
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}" = O2Micro OZ776 SCR Driver
"{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A5FADEAC-B0A9-4C27-A8B5-05381A339F4E}" = Plugfree NETWORK
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B95CFA6A-E0E0-4437-A2F0-BE0948B68946}" = Intel(R) PROSet/Wireless WiFi Software
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EB418DDD-5365-4381-87F6-D8BBB21CC1CA}" = Garmin Communicator Plugin x64
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"{F33CFF0E-6684-43A8-AF99-2F1191B67152}" = Shock Sensor Utility
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"Recuva" = Recuva
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.11 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0AA86CEE-2C8C-4ABB-8F95-B8D8E852C62C}" = SportTracks 3.1
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{17079027-EB8A-42C6-9BF8-825B78889F6A}" = Garmin Communicator Plugin
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis*True*Image*Home
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84c3f506-9960-4261-9e59-8bc6f94cb338}" = Nero 9 Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A89131FD-3D18-4DA8-84C8-622423011B51}_is1" = ALNO AG Küchenplaner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D25122BC-A60E-4663-B602-B01718F12044}" = Cisco Systems VPN Client 4.8.01.0300
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6C5A4CA-1EE8-4C73-9679-0BC2946D1353}" = Battery Utility
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights Help
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{fc8208f2-b1c1-4253-9e89-d518e983b7bb}" = Ad-Aware Antivirus
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"5513-1208-7298-9440" = JDownloader 0.9
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"avast" = avast! Pro Antivirus
"DeskUpdate_is1" = DeskUpdate 4.12
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"Hardcopy" = Hardcopy
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}" = O2Micro OZ776 SCR Driver
"InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"InstallShield_{F33CFF0E-6684-43A8-AF99-2F1191B67152}" = Shock Sensor Utility
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"MERTEN SCHALTER-MANAGER_is1" = MERTEN SCHALTER-MANAGER 2011-2012 v1.0
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Picasa 3" = Picasa 3
"ProInst" = Intel PROSet Wireless
"SWIQMIDrvInstaller" = Sierra Wireless QMI Driver Package
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/18/2012 3:15:51 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 3:15:52 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 3:15:53 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 3:15:54 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 3:15:55 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 3:15:56 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 3:15:57 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 3:15:58 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 3:15:59 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 3:16:00 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

[ OSession Events ]
Error - 5/12/2012 4:50:41 AM | Computer Name = LAPTOP_PR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 134
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/17/2012 8:42:54 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/17/2012 8:42:55 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/17/2012 8:42:56 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/17/2012 8:42:57 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/17/2012 8:42:58 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/17/2012 8:42:59 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/17/2012 8:43:00 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/17/2012 8:43:01 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/17/2012 8:43:02 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/17/2012 8:43:03 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


< End of report >


VIELEN DANK AUCH MAL !!!!!!
__________________

Alt 18.07.2012, 10:50   #4
Chris4You
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



Hi,

Du hast Zonealarm und Avast drauf, deinstalliere Zonealarm.
Dann läuft ein Clouddienst von Apple, den würde ich temp. mal ausschalten.

Wurde von dem Rechner Malware gelöscht, es sind Spuren zu sehen.

Was macht der Scann mit MAM bzw. Killer?

Fix für OTL:
  • Doppelklick auf die OTL.exe, um das Programm auszuführen.
  • Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
  • Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

Code:
ATTFilter
:OTL
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

:Commands
[emptytemp]
[Reboot]
         
  • Den roten Run Fixes! Button anklicken.
  • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.
  • Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:
  • %systemroot%\_OTL

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 18.07.2012, 11:16   #5
rupa
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



BESTEN DANK !!!

Der MAL FullScan ist wohl abgestürzt... bzw. lässt sich das Fenster nicht mehr öffnen :-(
ich starte am besten den Rechner mal neu und deinstalliere Zonealarm, deaktiviere avast und iCloud und starte den MAL FullScan erneut.
Anschließend mache ich dann Killer und OTL wie oben angegeben. OK???

Das mal Malware gelöscht wurde ist möglich. Ich lasse regelmäßig AdAware, Avast und CCleaner übers System laufen.


Alt 18.07.2012, 11:43   #6
Chris4You
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



Hi,

ok...

chris
__________________
--> PC reagiert ständig nicht mehr ...

Alt 18.07.2012, 11:53   #7
rupa
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



MAL war doch nicht abgestürtzt :-)


Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.07.18.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Laptop :: LAPTOP_PR [Administrator]

Schutz: Aktiviert

18.07.2012 09:54:01
mbam-log-2012-07-18 (09-54-01).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 410413
Laufzeit: 1 Stunde(n), 40 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)




Zone Alarm ist und war nicht installiert.

Alt 18.07.2012, 12:14   #8
Chris4You
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



Hi,

da ist ein Treiber von ZoneAlarm:
DRV - [2005/01/26 06:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\vsdatant.sys -- (vsdatant)

Lade den mal bei www.virustotal.com hoch und lasse ihn überprüfen, Log posten...

Die Kühlventilatoren laufen alle und sind nicht zugestaubt?

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 18.07.2012, 12:19   #9
rupa
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



TDSS-Killer:


11:57:27.0938 5748 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
11:57:28.0056 5748 ============================================================
11:57:28.0057 5748 Current date / time: 2012/07/18 11:57:28.0056
11:57:28.0057 5748 SystemInfo:
11:57:28.0057 5748
11:57:28.0057 5748 OS Version: 6.1.7601 ServicePack: 1.0
11:57:28.0057 5748 Product type: Workstation
11:57:28.0057 5748 ComputerName: LAPTOP_PR
11:57:28.0057 5748 UserName: Laptop
11:57:28.0058 5748 Windows directory: C:\Windows
11:57:28.0058 5748 System windows directory: C:\Windows
11:57:28.0058 5748 Running under WOW64
11:57:28.0058 5748 Processor architecture: Intel x64
11:57:28.0058 5748 Number of processors: 4
11:57:28.0058 5748 Page size: 0x1000
11:57:28.0058 5748 Boot type: Normal boot
11:57:28.0058 5748 ============================================================
11:57:28.0862 5748 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:57:28.0873 5748 ============================================================
11:57:28.0873 5748 \Device\Harddisk0\DR0:
11:57:28.0873 5748 MBR partitions:
11:57:28.0888 5748 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x41C800, BlocksNum 0xFE00800
11:57:28.0902 5748 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1021D800, BlocksNum 0x12CF3000
11:57:28.0941 5748 ============================================================
11:57:28.0981 5748 C: <-> \Device\Harddisk0\DR0\Partition0
11:57:29.0030 5748 D: <-> \Device\Harddisk0\DR0\Partition1
11:57:29.0030 5748 ============================================================
11:57:29.0030 5748 Initialize success
11:57:29.0030 5748 ============================================================
11:57:41.0112 3788 ============================================================
11:57:41.0112 3788 Scan started
11:57:41.0112 3788 Mode: Manual; SigCheck; TDLFS;
11:57:41.0112 3788 ============================================================
11:57:42.0632 3788 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:57:42.0853 3788 1394ohci - ok
11:57:42.0893 3788 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:57:42.0936 3788 ACPI - ok
11:57:42.0993 3788 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:57:43.0094 3788 AcpiPmi - ok
11:57:43.0274 3788 AcrSch2Svc (1fe7229f34038d1abe837688ec0ef15b) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
11:57:43.0341 3788 AcrSch2Svc - ok
11:57:43.0490 3788 Ad-Aware Service (09e61047b0cef21559cfcedf4f14d216) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
11:57:43.0563 3788 Ad-Aware Service - ok
11:57:43.0655 3788 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:57:43.0677 3788 AdobeARMservice - ok
11:57:43.0868 3788 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:57:43.0902 3788 AdobeFlashPlayerUpdateSvc - ok
11:57:44.0064 3788 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:57:44.0114 3788 adp94xx - ok
11:57:44.0184 3788 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:57:44.0226 3788 adpahci - ok
11:57:44.0266 3788 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:57:44.0301 3788 adpu320 - ok
11:57:44.0335 3788 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:57:44.0541 3788 AeLookupSvc - ok
11:57:44.0593 3788 afcdp (ae1fce2cd1e99bea89183ba8cd320872) C:\Windows\system32\DRIVERS\afcdp.sys
11:57:44.0788 3788 afcdp - ok
11:57:45.0103 3788 afcdpsrv (af44f7e027037628f1fac3c13cde73e6) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
11:57:45.0276 3788 afcdpsrv - ok
11:57:45.0457 3788 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:57:45.0551 3788 AFD - ok
11:57:45.0688 3788 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys
11:57:45.0813 3788 AgereSoftModem - ok
11:57:45.0845 3788 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:57:45.0874 3788 agp440 - ok
11:57:45.0919 3788 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:57:46.0026 3788 ALG - ok
11:57:46.0064 3788 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:57:46.0091 3788 aliide - ok
11:57:46.0115 3788 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:57:46.0141 3788 amdide - ok
11:57:46.0167 3788 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:57:46.0224 3788 AmdK8 - ok
11:57:46.0242 3788 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
11:57:46.0280 3788 AmdPPM - ok
11:57:46.0320 3788 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:57:46.0350 3788 amdsata - ok
11:57:46.0395 3788 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:57:46.0430 3788 amdsbs - ok
11:57:46.0471 3788 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:57:46.0499 3788 amdxata - ok
11:57:46.0551 3788 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:57:46.0739 3788 AppID - ok
11:57:46.0769 3788 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:57:46.0882 3788 AppIDSvc - ok
11:57:46.0925 3788 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:57:47.0034 3788 Appinfo - ok
11:57:47.0150 3788 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:57:47.0174 3788 Apple Mobile Device - ok
11:57:47.0241 3788 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
11:57:47.0333 3788 AppMgmt - ok
11:57:47.0368 3788 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:57:47.0398 3788 arc - ok
11:57:47.0423 3788 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
11:57:47.0454 3788 arcsas - ok
11:57:47.0562 3788 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:57:47.0588 3788 aspnet_state - ok
11:57:47.0641 3788 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
11:57:47.0668 3788 aswFsBlk - ok
11:57:47.0718 3788 aswKbd (c42d45089fd2ec63d13571362c258dc6) C:\Windows\system32\drivers\aswKbd.sys
11:57:47.0743 3788 aswKbd - ok
11:57:47.0800 3788 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
11:57:47.0828 3788 aswMonFlt - ok
11:57:47.0864 3788 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
11:57:47.0890 3788 aswRdr - ok
11:57:48.0007 3788 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
11:57:48.0076 3788 aswSnx - ok
11:57:48.0129 3788 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
11:57:48.0177 3788 aswSP - ok
11:57:48.0198 3788 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
11:57:48.0224 3788 aswTdi - ok
11:57:48.0265 3788 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:57:48.0386 3788 AsyncMac - ok
11:57:48.0406 3788 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:57:48.0436 3788 atapi - ok
11:57:48.0643 3788 ATService (fa47e65aa0c1dbc6dfeb7e9c6f12a5ea) C:\Program Files\Fingerprint Sensor\ATService.exe
11:57:48.0772 3788 ATService - ok
11:57:48.0970 3788 ATSwpWDF (4131dabb573d70fda332a55f206f6cff) C:\Windows\system32\Drivers\ATSwpWDF.sys
11:57:49.0027 3788 ATSwpWDF - ok
11:57:49.0112 3788 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:57:49.0244 3788 AudioEndpointBuilder - ok
11:57:49.0261 3788 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:57:49.0368 3788 AudioSrv - ok
11:57:49.0470 3788 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
11:57:49.0498 3788 avast! Antivirus - ok
11:57:49.0567 3788 AVMCOWAN (43744f1d3cde20f3925f10927c9036c2) C:\Windows\system32\DRIVERS\AVMCOWAN.sys
11:57:49.0627 3788 AVMCOWAN - ok
11:57:49.0675 3788 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:57:49.0775 3788 AxInstSV - ok
11:57:49.0844 3788 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:57:49.0936 3788 b06bdrv - ok
11:57:50.0002 3788 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:57:50.0060 3788 b57nd60a - ok
11:57:50.0127 3788 bcbtums (6f29ca4ea1db1888016eb22adae4227d) C:\Windows\system32\drivers\bcbtums.sys
11:57:50.0154 3788 bcbtums - ok
11:57:50.0195 3788 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:57:50.0255 3788 BDESVC - ok
11:57:50.0290 3788 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:57:50.0387 3788 Beep - ok
11:57:50.0476 3788 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
11:57:50.0597 3788 BFE - ok
11:57:50.0688 3788 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
11:57:50.0858 3788 BITS - ok
11:57:50.0919 3788 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
11:57:50.0970 3788 blbdrive - ok
11:57:51.0081 3788 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
11:57:51.0118 3788 Bonjour Service - ok
11:57:51.0168 3788 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:57:51.0247 3788 bowser - ok
11:57:51.0280 3788 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:57:51.0322 3788 BrFiltLo - ok
11:57:51.0328 3788 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:57:51.0368 3788 BrFiltUp - ok
11:57:51.0406 3788 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:57:51.0513 3788 Browser - ok
11:57:51.0562 3788 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:57:51.0615 3788 Brserid - ok
11:57:51.0637 3788 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:57:51.0688 3788 BrSerWdm - ok
11:57:51.0724 3788 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:57:51.0769 3788 BrUsbMdm - ok
11:57:51.0775 3788 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:57:51.0816 3788 BrUsbSer - ok
11:57:51.0878 3788 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
11:57:51.0977 3788 BthEnum - ok
11:57:52.0018 3788 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:57:52.0091 3788 BTHMODEM - ok
11:57:52.0124 3788 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
11:57:52.0182 3788 BthPan - ok
11:57:52.0426 3788 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
11:57:52.0501 3788 BTHPORT - ok
11:57:52.0553 3788 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:57:52.0655 3788 bthserv - ok
11:57:52.0677 3788 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
11:57:52.0723 3788 BTHUSB - ok
11:57:52.0786 3788 BTWAMPFL (72cc5dcc4e67e7927f94801166cfdcda) C:\Windows\system32\DRIVERS\btwampfl.sys
11:57:52.0814 3788 BTWAMPFL - ok
11:57:52.0897 3788 btwaudio (f6135859a582a7294ba7a3336e08baa1) C:\Windows\system32\drivers\btwaudio.sys
11:57:52.0946 3788 btwaudio - ok
11:57:53.0073 3788 btwavdt (3def2370e414b4e299673558ba171a51) C:\Windows\system32\DRIVERS\btwavdt.sys
11:57:53.0115 3788 btwavdt - ok
11:57:53.0333 3788 btwdins (36e3016bedc45274e00e2943b591aeef) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
11:57:53.0377 3788 btwdins - ok
11:57:53.0393 3788 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
11:57:53.0411 3788 btwl2cap - ok
11:57:53.0425 3788 btwrchid (9937e0e4dfc0030560a6dfe9d3a94b39) C:\Windows\system32\DRIVERS\btwrchid.sys
11:57:53.0444 3788 btwrchid - ok
11:57:53.0499 3788 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:57:53.0597 3788 cdfs - ok
11:57:53.0645 3788 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:57:53.0688 3788 cdrom - ok
11:57:53.0723 3788 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:57:53.0832 3788 CertPropSvc - ok
11:57:53.0869 3788 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:57:53.0913 3788 circlass - ok
11:57:53.0970 3788 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:57:54.0013 3788 CLFS - ok
11:57:54.0117 3788 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:57:54.0145 3788 clr_optimization_v2.0.50727_32 - ok
11:57:54.0193 3788 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:57:54.0223 3788 clr_optimization_v2.0.50727_64 - ok
11:57:54.0293 3788 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:57:54.0365 3788 clr_optimization_v4.0.30319_32 - ok
11:57:54.0426 3788 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:57:54.0467 3788 clr_optimization_v4.0.30319_64 - ok
11:57:54.0494 3788 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:57:54.0542 3788 CmBatt - ok
11:57:54.0572 3788 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:57:54.0598 3788 cmdide - ok
11:57:54.0663 3788 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
11:57:54.0749 3788 CNG - ok
11:57:54.0803 3788 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:57:54.0829 3788 Compbatt - ok
11:57:54.0841 3788 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:57:54.0886 3788 CompositeBus - ok
11:57:54.0908 3788 COMSysApp - ok
11:57:54.0940 3788 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:57:54.0966 3788 crcdisk - ok
11:57:55.0032 3788 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
11:57:55.0113 3788 CryptSvc - ok
11:57:55.0183 3788 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
11:57:55.0260 3788 CSC - ok
11:57:55.0351 3788 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
11:57:55.0418 3788 CscService - ok
11:57:55.0588 3788 CVPND (eedbab8486e358cdd6687e666941b30c) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
11:57:55.0668 3788 CVPND - ok
11:57:55.0791 3788 CVPNDRVA (5ba042bcab6246c6bba51606afd7b488) C:\Windows\SysWOW64\Drivers\CVPNDRVA.sys
11:57:55.0820 3788 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning
11:57:55.0820 3788 CVPNDRVA - detected UnsignedFile.Multi.Generic (1)
11:57:55.0939 3788 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:57:56.0065 3788 DcomLaunch - ok
11:57:56.0129 3788 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:57:56.0254 3788 defragsvc - ok
11:57:56.0329 3788 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:57:56.0435 3788 DfsC - ok
11:57:56.0497 3788 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:57:56.0619 3788 Dhcp - ok
11:57:56.0644 3788 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:57:56.0755 3788 discache - ok
11:57:56.0781 3788 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:57:56.0810 3788 Disk - ok
11:57:56.0852 3788 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
11:57:56.0917 3788 dmvsc - ok
11:57:56.0955 3788 DNE (c6f7bf3624f946bd70fa991da3c29fdd) C:\Windows\system32\DRIVERS\dne64x.sys
11:57:57.0045 3788 DNE - ok
11:57:57.0114 3788 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:57:57.0195 3788 Dnscache - ok
11:57:57.0230 3788 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:57:57.0342 3788 dot3svc - ok
11:57:57.0366 3788 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:57:57.0473 3788 DPS - ok
11:57:57.0509 3788 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:57:57.0553 3788 drmkaud - ok
11:57:57.0631 3788 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:57:57.0698 3788 DXGKrnl - ok
11:57:57.0754 3788 e1cexpress (dc1776d086aa9733b1929a3d979d9fdd) C:\Windows\system32\DRIVERS\e1c62x64.sys
11:57:57.0790 3788 e1cexpress - ok
11:57:57.0823 3788 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:57:57.0924 3788 EapHost - ok
11:57:58.0187 3788 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:57:58.0385 3788 ebdrv - ok
11:57:58.0493 3788 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:57:58.0562 3788 EFS - ok
11:57:58.0659 3788 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:57:58.0741 3788 ehRecvr - ok
11:57:58.0782 3788 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:57:58.0833 3788 ehSched - ok
11:57:58.0928 3788 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:57:58.0977 3788 elxstor - ok
11:57:58.0992 3788 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:57:59.0032 3788 ErrDev - ok
11:57:59.0091 3788 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:57:59.0206 3788 EventSystem - ok
11:57:59.0366 3788 EvtEng (7a526761229c10b0d8508b905f0fee4c) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:57:59.0445 3788 EvtEng - ok
11:57:59.0594 3788 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:57:59.0694 3788 exfat - ok
11:57:59.0730 3788 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:57:59.0838 3788 fastfat - ok
11:57:59.0923 3788 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:58:00.0009 3788 Fax - ok
11:58:00.0029 3788 FBIOSDRV (9955bf48fd2fa8d481848cd3024edd0b) C:\Windows\system32\Drivers\FBIOSDRV.sys
11:58:00.0052 3788 FBIOSDRV - ok
11:58:00.0091 3788 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:58:00.0145 3788 fdc - ok
11:58:00.0174 3788 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:58:00.0281 3788 fdPHost - ok
11:58:00.0296 3788 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:58:00.0403 3788 FDResPub - ok
11:58:00.0430 3788 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:58:00.0458 3788 FileInfo - ok
11:58:00.0476 3788 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:58:00.0588 3788 Filetrace - ok
11:58:00.0630 3788 FJGSDisk (2fa407147f273d7852feb7bda71e54e1) C:\Windows\system32\DRIVERS\FJGSDisk.sys
11:58:00.0656 3788 FJGSDisk - ok
11:58:00.0682 3788 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:58:00.0712 3788 flpydisk - ok
11:58:00.0773 3788 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:58:00.0811 3788 FltMgr - ok
11:58:00.0920 3788 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:58:01.0031 3788 FontCache - ok
11:58:01.0114 3788 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:58:01.0137 3788 FontCache3.0.0.0 - ok
11:58:01.0205 3788 FscEfDmi (db75b9978e83c8d1e2a2aece3fece608) C:\Windows\system32\DRIVERS\FscEfDmi.sys
11:58:01.0257 3788 FscEfDmi - ok
11:58:01.0294 3788 FscGabi (4d1f8b1844f3317b4ca2fa7db1af2c98) C:\Windows\system32\DRIVERS\FscGabi.sys
11:58:01.0341 3788 FscGabi - ok
11:58:01.0371 3788 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:58:01.0398 3788 FsDepends - ok
11:58:01.0432 3788 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:58:01.0458 3788 Fs_Rec - ok
11:58:01.0494 3788 FUJ02B1 (ba0c1ffda496d8bcbcac63f8d98d20e3) C:\Windows\system32\drivers\FUJ02B1.sys
11:58:01.0545 3788 FUJ02B1 - ok
11:58:01.0595 3788 FUJ02E3 (7135030cbf87d724b6037bb023923730) C:\Windows\system32\drivers\FUJ02E3.sys
11:58:01.0653 3788 FUJ02E3 - ok
11:58:01.0740 3788 FUS2BASE (3d0f2c8b86bcab9a2bc5d5a725f45dcc) C:\Windows\system32\DRIVERS\fus2base.sys
11:58:01.0815 3788 FUS2BASE - ok
11:58:01.0863 3788 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:58:01.0906 3788 fvevol - ok
11:58:01.0938 3788 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:58:01.0965 3788 gagp30kx - ok
11:58:02.0004 3788 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:58:02.0024 3788 GEARAspiWDM - ok
11:58:02.0163 3788 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:58:02.0283 3788 gpsvc - ok
11:58:02.0322 3788 guardian2 (fb9ad1e93e445ab84594931b8552501a) C:\Windows\system32\Drivers\oz776x64.sys
11:58:02.0348 3788 guardian2 - ok
11:58:02.0461 3788 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:58:02.0487 3788 gupdate - ok
11:58:02.0501 3788 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:58:02.0523 3788 gupdatem - ok
11:58:02.0600 3788 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:58:02.0628 3788 gusvc - ok
11:58:02.0663 3788 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:58:02.0732 3788 hcw85cir - ok
11:58:02.0791 3788 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:58:02.0847 3788 HdAudAddService - ok
11:58:02.0890 3788 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:58:02.0930 3788 HDAudBus - ok
11:58:02.0964 3788 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:58:03.0007 3788 HidBatt - ok
11:58:03.0026 3788 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:58:03.0078 3788 HidBth - ok
11:58:03.0116 3788 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:58:03.0154 3788 HidIr - ok
11:58:03.0179 3788 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
11:58:03.0287 3788 hidserv - ok
11:58:03.0340 3788 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:58:03.0371 3788 HidUsb - ok
11:58:03.0403 3788 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:58:03.0512 3788 hkmsvc - ok
11:58:03.0558 3788 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:58:03.0633 3788 HomeGroupListener - ok
11:58:03.0664 3788 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:58:03.0719 3788 HomeGroupProvider - ok
11:58:03.0749 3788 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:58:03.0777 3788 HpSAMD - ok
11:58:03.0843 3788 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:58:03.0960 3788 HTTP - ok
11:58:03.0985 3788 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:58:04.0011 3788 hwpolicy - ok
11:58:04.0043 3788 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:58:04.0076 3788 i8042prt - ok
11:58:04.0136 3788 iaStor (53cc5bf8b5a219119953c7abb19a7705) C:\Windows\system32\drivers\iaStor.sys
11:58:04.0173 3788 iaStor - ok
11:58:04.0237 3788 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:58:04.0280 3788 iaStorV - ok
11:58:04.0424 3788 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:58:04.0482 3788 idsvc - ok
11:58:05.0199 3788 igfx (6383899c5f964d71b0f96b81fbe59bb8) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:58:05.0764 3788 igfx - ok
11:58:05.0897 3788 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:58:05.0924 3788 iirsp - ok
11:58:06.0009 3788 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:58:06.0137 3788 IKEEXT - ok
11:58:06.0146 3788 intaud_WaveExtensible - ok
11:58:06.0335 3788 IntcAzAudAddService (d492d3b5a8ddde1d6621a8c53855eabf) C:\Windows\system32\drivers\RTKVHD64.sys
11:58:06.0472 3788 IntcAzAudAddService - ok
11:58:06.0637 3788 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
11:58:06.0696 3788 IntcDAud - ok
11:58:06.0729 3788 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:58:06.0754 3788 intelide - ok
11:58:06.0784 3788 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:58:06.0831 3788 intelppm - ok
11:58:06.0875 3788 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:58:06.0987 3788 IPBusEnum - ok
11:58:07.0009 3788 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:58:07.0112 3788 IpFilterDriver - ok
11:58:07.0178 3788 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:58:07.0301 3788 iphlpsvc - ok
11:58:07.0330 3788 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:58:07.0369 3788 IPMIDRV - ok
11:58:07.0407 3788 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:58:07.0503 3788 IPNAT - ok
11:58:07.0637 3788 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
11:58:07.0696 3788 iPod Service - ok
11:58:07.0735 3788 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:58:07.0777 3788 IRENUM - ok
11:58:07.0791 3788 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:58:07.0817 3788 isapnp - ok
11:58:07.0860 3788 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:58:07.0897 3788 iScsiPrt - ok
11:58:07.0903 3788 iwdbus - ok
11:58:07.0952 3788 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:58:07.0980 3788 kbdclass - ok
11:58:07.0997 3788 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:58:08.0037 3788 kbdhid - ok
11:58:08.0071 3788 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:58:08.0103 3788 KeyIso - ok
11:58:08.0131 3788 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
11:58:08.0160 3788 KSecDD - ok
11:58:08.0184 3788 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
11:58:08.0216 3788 KSecPkg - ok
11:58:08.0265 3788 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:58:08.0367 3788 ksthunk - ok
11:58:08.0417 3788 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:58:08.0533 3788 KtmRm - ok
11:58:08.0587 3788 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
11:58:08.0712 3788 LanmanServer - ok
11:58:08.0754 3788 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:58:08.0859 3788 LanmanWorkstation - ok
11:58:08.0889 3788 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:58:08.0989 3788 lltdio - ok
11:58:09.0041 3788 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:58:09.0144 3788 lltdsvc - ok
11:58:09.0158 3788 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:58:09.0252 3788 lmhosts - ok
11:58:09.0343 3788 LMS (a63b719f4f8657f3fcd84436d09378c8) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:58:09.0378 3788 LMS - ok
11:58:09.0423 3788 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:58:09.0453 3788 LSI_FC - ok
11:58:09.0475 3788 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:58:09.0504 3788 LSI_SAS - ok
11:58:09.0538 3788 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:58:09.0566 3788 LSI_SAS2 - ok
11:58:09.0595 3788 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:58:09.0625 3788 LSI_SCSI - ok
11:58:09.0677 3788 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:58:09.0784 3788 luafv - ok
11:58:09.0845 3788 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
11:58:09.0872 3788 MBAMProtector - ok
11:58:09.0977 3788 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:58:10.0022 3788 MBAMService - ok
11:58:10.0056 3788 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:58:10.0093 3788 Mcx2Svc - ok
11:58:10.0112 3788 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:58:10.0138 3788 megasas - ok
11:58:10.0218 3788 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:58:10.0255 3788 MegaSR - ok
11:58:10.0288 3788 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
11:58:10.0311 3788 MEIx64 - ok
11:58:10.0393 3788 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
11:58:10.0417 3788 Microsoft Office Groove Audit Service - ok
11:58:10.0450 3788 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:58:10.0556 3788 MMCSS - ok
11:58:10.0576 3788 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:58:10.0677 3788 Modem - ok
11:58:10.0713 3788 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:58:10.0768 3788 monitor - ok
11:58:10.0798 3788 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:58:10.0825 3788 mouclass - ok
11:58:10.0882 3788 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:58:10.0920 3788 mouhid - ok
11:58:10.0944 3788 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:58:10.0973 3788 mountmgr - ok
11:58:11.0061 3788 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:58:11.0094 3788 MozillaMaintenance - ok
11:58:11.0133 3788 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:58:11.0169 3788 mpio - ok
11:58:11.0183 3788 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:58:11.0277 3788 mpsdrv - ok
11:58:11.0358 3788 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:58:11.0486 3788 MpsSvc - ok
11:58:11.0521 3788 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:58:11.0583 3788 MRxDAV - ok
11:58:11.0637 3788 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:58:11.0716 3788 mrxsmb - ok
11:58:11.0783 3788 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:58:11.0829 3788 mrxsmb10 - ok
11:58:11.0858 3788 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:58:11.0918 3788 mrxsmb20 - ok
11:58:11.0951 3788 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:58:11.0978 3788 msahci - ok
11:58:12.0002 3788 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:58:12.0033 3788 msdsm - ok
11:58:12.0069 3788 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:58:12.0119 3788 MSDTC - ok
11:58:12.0144 3788 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:58:12.0246 3788 Msfs - ok
11:58:12.0272 3788 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:58:12.0381 3788 mshidkmdf - ok
11:58:12.0397 3788 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:58:12.0423 3788 msisadrv - ok
11:58:12.0474 3788 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:58:12.0580 3788 MSiSCSI - ok
11:58:12.0587 3788 msiserver - ok
11:58:12.0623 3788 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:58:12.0713 3788 MSKSSRV - ok
11:58:12.0720 3788 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:58:12.0819 3788 MSPCLOCK - ok
11:58:12.0825 3788 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:58:12.0919 3788 MSPQM - ok
11:58:12.0986 3788 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:58:13.0027 3788 MsRPC - ok
11:58:13.0051 3788 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:58:13.0078 3788 mssmbios - ok
11:58:13.0130 3788 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:58:13.0228 3788 MSTEE - ok
11:58:13.0243 3788 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:58:13.0286 3788 MTConfig - ok
11:58:13.0329 3788 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:58:13.0356 3788 Mup - ok
11:58:13.0415 3788 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:58:13.0531 3788 napagent - ok
11:58:13.0588 3788 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:58:13.0646 3788 NativeWifiP - ok
11:58:13.0717 3788 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
11:58:13.0784 3788 NDIS - ok
11:58:13.0821 3788 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:58:13.0923 3788 NdisCap - ok
11:58:13.0959 3788 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:58:14.0064 3788 NdisTapi - ok
11:58:14.0086 3788 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:58:14.0188 3788 Ndisuio - ok
11:58:14.0227 3788 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:58:14.0333 3788 NdisWan - ok
11:58:14.0353 3788 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:58:14.0455 3788 NDProxy - ok
11:58:14.0616 3788 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
11:58:14.0676 3788 Nero BackItUp Scheduler 4.0 - ok
11:58:14.0720 3788 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:58:14.0822 3788 NetBIOS - ok
11:58:14.0856 3788 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:58:14.0959 3788 NetBT - ok
11:58:14.0994 3788 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:58:15.0028 3788 Netlogon - ok
11:58:15.0091 3788 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:58:15.0196 3788 Netman - ok
11:58:15.0291 3788 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:58:15.0320 3788 NetMsmqActivator - ok
11:58:15.0326 3788 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:58:15.0351 3788 NetPipeActivator - ok
11:58:15.0404 3788 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:58:15.0512 3788 netprofm - ok
11:58:15.0519 3788 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:58:15.0544 3788 NetTcpActivator - ok
11:58:15.0550 3788 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:58:15.0575 3788 NetTcpPortSharing - ok
11:58:16.0105 3788 NETwNs64 (774c9eccef83ab8a3d1466f19809c95f) C:\Windows\system32\DRIVERS\NETwNs64.sys
11:58:16.0519 3788 NETwNs64 - ok
11:58:16.0643 3788 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:58:16.0670 3788 nfrd960 - ok
11:58:16.0721 3788 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:58:16.0829 3788 NlaSvc - ok
11:58:16.0861 3788 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:58:16.0967 3788 Npfs - ok
11:58:17.0005 3788 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:58:17.0099 3788 nsi - ok
11:58:17.0120 3788 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:58:17.0222 3788 nsiproxy - ok
11:58:17.0357 3788 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:58:17.0454 3788 Ntfs - ok
11:58:17.0570 3788 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:58:17.0667 3788 Null - ok
11:58:17.0708 3788 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
11:58:17.0749 3788 nusb3hub - ok
11:58:17.0782 3788 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:58:17.0842 3788 nusb3xhc - ok
11:58:17.0886 3788 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:58:17.0918 3788 nvraid - ok
11:58:17.0934 3788 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:58:17.0966 3788 nvstor - ok
11:58:17.0999 3788 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:58:18.0029 3788 nv_agp - ok
11:58:18.0138 3788 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:58:18.0179 3788 odserv - ok
11:58:18.0235 3788 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:58:18.0293 3788 ohci1394 - ok
11:58:18.0349 3788 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:58:18.0378 3788 ose - ok
11:58:18.0424 3788 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:58:18.0518 3788 p2pimsvc - ok
11:58:18.0573 3788 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:58:18.0630 3788 p2psvc - ok
11:58:18.0670 3788 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:58:18.0702 3788 Parport - ok
11:58:18.0744 3788 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
11:58:18.0773 3788 partmgr - ok
11:58:18.0812 3788 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:58:18.0882 3788 PcaSvc - ok
11:58:18.0928 3788 pci (b26e102e0f54773119b162f56c9dd994) C:\Windows\system32\drivers\pci.sys
11:58:18.0962 3788 pci - ok
11:58:18.0981 3788 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:58:19.0007 3788 pciide - ok
11:58:19.0043 3788 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:58:19.0078 3788 pcmcia - ok
11:58:19.0105 3788 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:58:19.0133 3788 pcw - ok
11:58:19.0195 3788 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:58:19.0313 3788 PEAUTH - ok
11:58:19.0438 3788 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
11:58:19.0552 3788 PeerDistSvc - ok
11:58:19.0632 3788 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:58:19.0684 3788 PerfHost - ok
11:58:19.0799 3788 PFNService (6ce8bb00a615a4f3fa2f36fdb2ef4efa) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
11:58:19.0834 3788 PFNService ( UnsignedFile.Multi.Generic ) - warning
11:58:19.0835 3788 PFNService - detected UnsignedFile.Multi.Generic (1)
11:58:19.0982 3788 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:58:20.0131 3788 pla - ok
11:58:20.0199 3788 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:58:20.0280 3788 PlugPlay - ok
11:58:20.0303 3788 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:58:20.0348 3788 PNRPAutoReg - ok
11:58:20.0389 3788 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:58:20.0430 3788 PNRPsvc - ok
11:58:20.0490 3788 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:58:20.0603 3788 PolicyAgent - ok
11:58:20.0648 3788 Power (a2cca4fb273e6050f17a0a416cff2fcd) C:\Windows\system32\umpo.dll
11:58:20.0723 3788 Power - ok
11:58:20.0805 3788 PowerSavingUtilityService (76ff4836efa78dbf3f39f612d88ca7e7) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
11:58:20.0827 3788 PowerSavingUtilityService - ok
11:58:20.0887 3788 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:58:20.0994 3788 PptpMiniport - ok
11:58:21.0018 3788 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:58:21.0066 3788 Processor - ok
11:58:21.0103 3788 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
11:58:21.0167 3788 ProfSvc - ok
11:58:21.0194 3788 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:58:21.0226 3788 ProtectedStorage - ok
11:58:21.0264 3788 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:58:21.0375 3788 Psched - ok
11:58:21.0478 3788 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:58:21.0569 3788 ql2300 - ok
11:58:21.0696 3788 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:58:21.0727 3788 ql40xx - ok
11:58:21.0772 3788 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:58:21.0827 3788 QWAVE - ok
11:58:21.0850 3788 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:58:21.0912 3788 QWAVEdrv - ok
11:58:21.0933 3788 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:58:22.0033 3788 RasAcd - ok
11:58:22.0073 3788 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:58:22.0165 3788 RasAgileVpn - ok
11:58:22.0199 3788 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:58:22.0304 3788 RasAuto - ok
11:58:22.0346 3788 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:58:22.0451 3788 Rasl2tp - ok
11:58:22.0514 3788 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:58:22.0628 3788 RasMan - ok
11:58:22.0671 3788 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:58:22.0779 3788 RasPppoe - ok
11:58:22.0808 3788 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:58:22.0910 3788 RasSstp - ok
11:58:22.0946 3788 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:58:23.0066 3788 rdbss - ok
11:58:23.0090 3788 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:58:23.0134 3788 rdpbus - ok
11:58:23.0148 3788 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:58:23.0254 3788 RDPCDD - ok
11:58:23.0293 3788 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
11:58:23.0345 3788 RDPDR - ok
11:58:23.0375 3788 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:58:23.0476 3788 RDPENCDD - ok
11:58:23.0496 3788 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:58:23.0596 3788 RDPREFMP - ok
11:58:23.0635 3788 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
11:58:23.0704 3788 RDPWD - ok
11:58:23.0753 3788 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:58:23.0788 3788 rdyboost - ok
11:58:23.0897 3788 RegSrvc (2ec95080fad2621c5e3034de4c39a2a3) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:58:23.0950 3788 RegSrvc - ok
11:58:23.0981 3788 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:58:24.0103 3788 RemoteAccess - ok
11:58:24.0148 3788 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:58:24.0263 3788 RemoteRegistry - ok
11:58:24.0337 3788 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
11:58:24.0393 3788 RFCOMM - ok
11:58:24.0436 3788 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:58:24.0533 3788 RpcEptMapper - ok
11:58:24.0560 3788 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:58:24.0596 3788 RpcLocator - ok
11:58:24.0667 3788 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:58:24.0773 3788 RpcSs - ok
11:58:24.0851 3788 RSPCIESTOR (ca327a84085f68200452e6761f943298) C:\Windows\system32\DRIVERS\RtsPStor.sys
11:58:24.0889 3788 RSPCIESTOR - ok
11:58:24.0932 3788 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:58:25.0036 3788 rspndr - ok
11:58:25.0063 3788 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
11:58:25.0099 3788 s3cap - ok
11:58:25.0139 3788 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:58:25.0171 3788 SamSs - ok
11:58:25.0456 3788 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
11:58:25.0628 3788 SBAMSvc - ok
11:58:25.0767 3788 sbapifs (6e342316e72f4b6fa39c99e06373a1a3) C:\Windows\system32\DRIVERS\sbapifs.sys
11:58:25.0792 3788 sbapifs - ok
11:58:25.0872 3788 SbFw (19954328dda3d656f8a879b3a46ffed6) C:\Windows\system32\drivers\SbFw.sys
11:58:25.0904 3788 SbFw - ok
11:58:25.0931 3788 SBFWIMCL (513b3bfcd3c465b9820c2d05fa94e630) C:\Windows\system32\DRIVERS\sbfwim.sys
11:58:25.0958 3788 SBFWIMCL - ok
11:58:25.0976 3788 SBFWIMCLMP (513b3bfcd3c465b9820c2d05fa94e630) C:\Windows\system32\DRIVERS\SBFWIM.sys
11:58:26.0001 3788 SBFWIMCLMP - ok
11:58:26.0021 3788 sbhips (b671eef468d13016b9286f5835a06ae1) C:\Windows\system32\drivers\sbhips.sys
11:58:26.0045 3788 sbhips - ok
11:58:26.0080 3788 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:58:26.0111 3788 sbp2port - ok
11:58:26.0148 3788 SBRE (9aceb2a2362fc87a3825963e61ba9076) C:\Windows\system32\drivers\SBREdrv.sys
11:58:26.0171 3788 SBRE - ok
11:58:26.0233 3788 sbwtis (eab54adcceca64b2f38cd859fb494895) C:\Windows\system32\DRIVERS\sbwtis.sys
11:58:26.0258 3788 sbwtis - ok
11:58:26.0339 3788 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:58:26.0452 3788 SCardSvr - ok
11:58:26.0480 3788 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:58:26.0578 3788 scfilter - ok
11:58:26.0672 3788 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:58:26.0800 3788 Schedule - ok
11:58:26.0825 3788 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:58:26.0913 3788 SCPolicySvc - ok
11:58:26.0966 3788 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
11:58:27.0020 3788 sdbus - ok
11:58:27.0063 3788 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:58:27.0133 3788 SDRSVC - ok
11:58:27.0166 3788 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:58:27.0256 3788 secdrv - ok
11:58:27.0292 3788 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:58:27.0400 3788 seclogon - ok
11:58:27.0419 3788 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:58:27.0535 3788 SENS - ok
11:58:27.0574 3788 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:58:27.0644 3788 SensrSvc - ok
11:58:27.0669 3788 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:58:27.0711 3788 Serenum - ok
11:58:27.0737 3788 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:58:27.0771 3788 Serial - ok
11:58:27.0800 3788 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:58:27.0838 3788 sermouse - ok
11:58:27.0877 3788 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:58:27.0989 3788 SessionEnv - ok
11:58:28.0003 3788 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:58:28.0049 3788 sffdisk - ok
11:58:28.0062 3788 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:58:28.0109 3788 sffp_mmc - ok
11:58:28.0122 3788 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:58:28.0174 3788 sffp_sd - ok
11:58:28.0208 3788 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:58:28.0252 3788 sfloppy - ok
11:58:28.0318 3788 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:58:28.0431 3788 SharedAccess - ok
11:58:28.0485 3788 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:58:28.0598 3788 ShellHWDetection - ok
11:58:28.0711 3788 Sierra Wireless QDL Service (f16269f0a47cbbf4578204283ac0d6b3) C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe
11:58:28.0741 3788 Sierra Wireless QDL Service - ok
11:58:28.0760 3788 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:58:28.0787 3788 SiSRaid2 - ok
11:58:28.0826 3788 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:58:28.0855 3788 SiSRaid4 - ok
11:58:28.0889 3788 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:58:28.0998 3788 Smb - ok
11:58:29.0057 3788 snapman (b2c19ae46c5a109679b4fb38058df05a) C:\Windows\system32\DRIVERS\snapman.sys
11:58:29.0092 3788 snapman - ok
11:58:29.0130 3788 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:58:29.0176 3788 SNMPTRAP - ok
11:58:29.0304 3788 SNP2UVC (9cd1c53490eb5601870a69a8e40f7b12) C:\Windows\system32\DRIVERS\snp2uvc.sys
11:58:29.0414 3788 SNP2UVC - ok
11:58:29.0532 3788 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:58:29.0558 3788 spldr - ok
11:58:29.0626 3788 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:58:29.0736 3788 Spooler - ok
11:58:29.0948 3788 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:58:30.0163 3788 sppsvc - ok
11:58:30.0279 3788 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:58:30.0384 3788 sppuinotify - ok
11:58:30.0491 3788 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:58:30.0553 3788 srv - ok
11:58:30.0623 3788 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:58:30.0680 3788 srv2 - ok
11:58:30.0714 3788 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:58:30.0761 3788 srvnet - ok
11:58:30.0811 3788 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:58:30.0927 3788 SSDPSRV - ok
11:58:30.0952 3788 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:58:31.0051 3788 SstpSvc - ok
11:58:31.0085 3788 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:58:31.0112 3788 stexstor - ok
11:58:31.0186 3788 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:58:31.0266 3788 stisvc - ok
11:58:31.0320 3788 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
11:58:31.0348 3788 storflt - ok
11:58:31.0402 3788 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
11:58:31.0474 3788 StorSvc - ok
11:58:31.0529 3788 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
11:58:31.0556 3788 storvsc - ok
11:58:31.0569 3788 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:58:31.0595 3788 swenum - ok
11:58:31.0634 3788 swg3kflt00 (27fa8ebc9a28b57658f6747473cb5c8e) C:\Windows\system32\DRIVERS\swg3kflt00.sys
11:58:31.0684 3788 swg3kflt00 - ok
11:58:31.0757 3788 swg3kmbb00 (d74305444436e41beb59ff2260a6394a) C:\Windows\system32\DRIVERS\swg3kmbb00.sys
11:58:31.0821 3788 swg3kmbb00 - ok
11:58:31.0865 3788 swg3knmea00 (143b763e71df2ed586c278541f89432d) C:\Windows\system32\DRIVERS\swg3knmea00.sys
11:58:31.0923 3788 swg3knmea00 - ok
11:58:31.0975 3788 swg3kser00 (143b763e71df2ed586c278541f89432d) C:\Windows\system32\DRIVERS\swg3kser00.sys
11:58:32.0007 3788 swg3kser00 - ok
11:58:32.0029 3788 swibus00 (b49e9db5401ecc28a104e64f5434a38e) C:\Windows\system32\DRIVERS\swibus00.sys
11:58:32.0067 3788 swibus00 - ok
11:58:32.0094 3788 swibusflt00 (b49e9db5401ecc28a104e64f5434a38e) C:\Windows\system32\DRIVERS\swibusflt00.sys
11:58:32.0119 3788 swibusflt00 - ok
11:58:32.0173 3788 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:58:32.0294 3788 swprv - ok
11:58:32.0354 3788 SynTP (3c08fb2829a5304825f974b1631dedfa) C:\Windows\system32\DRIVERS\SynTP.sys
11:58:32.0389 3788 SynTP - ok
11:58:32.0527 3788 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:58:32.0646 3788 SysMain - ok
11:58:32.0748 3788 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:58:32.0799 3788 TabletInputService - ok
11:58:32.0837 3788 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:58:32.0954 3788 TapiSrv - ok
11:58:32.0986 3788 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:58:33.0084 3788 TBS - ok
11:58:33.0252 3788 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
11:58:33.0362 3788 Tcpip - ok
11:58:33.0603 3788 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
11:58:33.0702 3788 TCPIP6 - ok
11:58:33.0833 3788 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:58:33.0929 3788 tcpipreg - ok
11:58:33.0954 3788 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:58:34.0014 3788 TDPIPE - ok
11:58:34.0128 3788 tdrpman273 (99527d49ee0a96fc25537c61b270a372) C:\Windows\system32\DRIVERS\tdrpm273.sys
11:58:34.0205 3788 tdrpman273 - ok
11:58:34.0239 3788 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:58:34.0280 3788 TDTCP - ok
11:58:34.0308 3788 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:58:34.0409 3788 tdx - ok
11:58:34.0439 3788 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:58:34.0468 3788 TermDD - ok
11:58:34.0545 3788 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:58:34.0667 3788 TermService - ok
11:58:34.0690 3788 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:58:34.0751 3788 Themes - ok
11:58:34.0773 3788 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:58:34.0866 3788 THREADORDER - ok
11:58:34.0944 3788 timounter (2c1caf5563548a15515eab07d2a069c6) C:\Windows\system32\DRIVERS\timntr.sys
11:58:35.0006 3788 timounter - ok
11:58:35.0052 3788 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
11:58:35.0100 3788 TPM - ok
11:58:35.0141 3788 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:58:35.0255 3788 TrkWks - ok
11:58:35.0312 3788 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:58:35.0416 3788 TrustedInstaller - ok
11:58:35.0448 3788 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:58:35.0553 3788 tssecsrv - ok
11:58:35.0580 3788 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:58:35.0650 3788 TsUsbFlt - ok
11:58:35.0679 3788 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:58:35.0712 3788 TsUsbGD - ok
11:58:35.0762 3788 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:58:35.0868 3788 tunnel - ok
11:58:35.0896 3788 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:58:35.0925 3788 uagp35 - ok
11:58:35.0963 3788 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:58:36.0078 3788 udfs - ok
11:58:36.0118 3788 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:58:36.0157 3788 UI0Detect - ok
11:58:36.0184 3788 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:58:36.0212 3788 uliagpkx - ok
11:58:36.0241 3788 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:58:36.0272 3788 umbus - ok
11:58:36.0293 3788 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:58:36.0331 3788 UmPass - ok
11:58:36.0383 3788 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
11:58:36.0441 3788 UmRdpService - ok
11:58:36.0664 3788 UNS (e419566c7918a4c8e9497afbd502fb2a) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:58:36.0802 3788 UNS - ok
11:58:36.0922 3788 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:58:37.0040 3788 upnphost - ok
11:58:37.0121 3788 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
11:58:37.0156 3788 USBAAPL64 - ok
11:58:37.0190 3788 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
11:58:37.0250 3788 usbccgp - ok
11:58:37.0293 3788 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:58:37.0344 3788 usbcir - ok
11:58:37.0379 3788 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:58:37.0424 3788 usbehci - ok
11:58:37.0491 3788 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
11:58:37.0544 3788 usbhub - ok
11:58:37.0580 3788 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
11:58:37.0625 3788 usbohci - ok
11:58:37.0644 3788 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
11:58:37.0711 3788 usbprint - ok
11:58:37.0754 3788 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:58:37.0811 3788 USBSTOR - ok
11:58:37.0840 3788 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
11:58:37.0873 3788 usbuhci - ok
11:58:37.0916 3788 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
11:58:37.0969 3788 usbvideo - ok
11:58:37.0999 3788 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:58:38.0105 3788 UxSms - ok
11:58:38.0140 3788 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:58:38.0171 3788 VaultSvc - ok
11:58:38.0185 3788 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:58:38.0212 3788 vdrvroot - ok
11:58:38.0269 3788 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:58:38.0379 3788 vds - ok
11:58:38.0425 3788 vflt (00c7df4f50962ba218ab60d32869100b) C:\Windows\system32\DRIVERS\vfilter.sys
11:58:38.0451 3788 vflt ( UnsignedFile.Multi.Generic ) - warning
11:58:38.0451 3788 vflt - detected UnsignedFile.Multi.Generic (1)
11:58:38.0502 3788 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:58:38.0539 3788 vga - ok
11:58:38.0562 3788 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:58:38.0662 3788 VgaSave - ok
11:58:38.0698 3788 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:58:38.0732 3788 vhdmp - ok
11:58:38.0756 3788 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:58:38.0783 3788 viaide - ok
11:58:38.0821 3788 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
11:58:38.0855 3788 vmbus - ok
11:58:38.0883 3788 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
11:58:38.0924 3788 VMBusHID - ok
11:58:38.0968 3788 vnet (a99ca064ad11266fe7067a79bf78bbb5) C:\Windows\system32\DRIVERS\virtualnet.sys
11:58:38.0979 3788 vnet ( UnsignedFile.Multi.Generic ) - warning
11:58:38.0979 3788 vnet - detected UnsignedFile.Multi.Generic (1)
11:58:39.0033 3788 volmgr (071e1b172d49154ee1d23a2acc472efb) C:\Windows\system32\drivers\volmgr.sys
11:58:39.0061 3788 volmgr - ok
11:58:39.0119 3788 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:58:39.0168 3788 volmgrx - ok
11:58:39.0202 3788 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
11:58:39.0241 3788 volsnap - ok
11:58:39.0271 3788 vsdatant - ok
11:58:39.0305 3788 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:58:39.0338 3788 vsmraid - ok
11:58:39.0457 3788 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:58:39.0615 3788 VSS - ok
11:58:39.0743 3788 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:58:39.0796 3788 vwifibus - ok
11:58:39.0821 3788 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:58:39.0877 3788 vwififlt - ok
11:58:39.0899 3788 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:58:39.0942 3788 vwifimp - ok
11:58:39.0994 3788 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:58:40.0112 3788 W32Time - ok
11:58:40.0155 3788 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:58:40.0194 3788 WacomPen - ok
11:58:40.0233 3788 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:58:40.0328 3788 WANARP - ok
11:58:40.0335 3788 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:58:40.0423 3788 Wanarpv6 - ok
11:58:40.0544 3788 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:58:40.0652 3788 wbengine - ok
11:58:40.0765 3788 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:58:40.0833 3788 WbioSrvc - ok
11:58:40.0877 3788 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:58:40.0951 3788 wcncsvc - ok
11:58:40.0987 3788 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:58:41.0056 3788 WcsPlugInService - ok
11:58:41.0102 3788 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:58:41.0128 3788 Wd - ok
11:58:41.0190 3788 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:58:41.0244 3788 Wdf01000 - ok
11:58:41.0273 3788 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:58:41.0381 3788 WdiServiceHost - ok
11:58:41.0388 3788 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:58:41.0439 3788 WdiSystemHost - ok
11:58:41.0486 3788 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:58:41.0546 3788 WebClient - ok
11:58:41.0582 3788 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:58:41.0686 3788 Wecsvc - ok
11:58:41.0707 3788 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:58:41.0821 3788 wercplsupport - ok
11:58:41.0864 3788 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:58:41.0971 3788 WerSvc - ok
11:58:42.0032 3788 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:58:42.0122 3788 WfpLwf - ok
11:58:42.0142 3788 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:58:42.0168 3788 WIMMount - ok
11:58:42.0231 3788 WinDefend - ok
11:58:42.0244 3788 WinHttpAutoProxySvc - ok
11:58:42.0321 3788 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:58:42.0430 3788 Winmgmt - ok
11:58:42.0576 3788 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:58:42.0736 3788 WinRM - ok
11:58:42.0883 3788 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
11:58:42.0933 3788 WinUsb - ok
11:58:43.0024 3788 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:58:43.0101 3788 Wlansvc - ok
11:58:43.0177 3788 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:58:43.0200 3788 wlcrasvc - ok
11:58:43.0402 3788 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:58:43.0513 3788 wlidsvc - ok
11:58:43.0635 3788 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:58:43.0665 3788 WmiAcpi - ok
11:58:43.0750 3788 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:58:43.0800 3788 wmiApSrv - ok
11:58:43.0852 3788 WMPNetworkSvc - ok
11:58:43.0886 3788 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:58:43.0938 3788 WPCSvc - ok
11:58:43.0976 3788 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:58:44.0021 3788 WPDBusEnum - ok
11:58:44.0049 3788 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:58:44.0139 3788 ws2ifsl - ok
11:58:44.0181 3788 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
11:58:44.0250 3788 wscsvc - ok
11:58:44.0287 3788 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
11:58:44.0332 3788 WSDPrintDevice - ok
11:58:44.0339 3788 WSearch - ok
11:58:44.0508 3788 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
11:58:44.0648 3788 wuauserv - ok
11:58:44.0775 3788 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:58:44.0866 3788 WudfPf - ok
11:58:44.0897 3788 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:58:44.0997 3788 WUDFRd - ok
11:58:45.0027 3788 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:58:45.0123 3788 wudfsvc - ok
11:58:45.0159 3788 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:58:45.0232 3788 WwanSvc - ok
11:58:45.0363 3788 ZcfgSvc7 (ee46baf6a85b9d7c40dadc2eda73df26) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
11:58:45.0421 3788 ZcfgSvc7 - ok
11:58:45.0478 3788 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:58:45.0837 3788 \Device\Harddisk0\DR0 - ok
11:58:45.0861 3788 Boot (0x1200) (a5431a2c4f9c7e11fe02680e7fa29459) \Device\Harddisk0\DR0\Partition0
11:58:45.0864 3788 \Device\Harddisk0\DR0\Partition0 - ok
11:58:45.0888 3788 Boot (0x1200) (b3152ce8c105252c232df8eeaaf5480d) \Device\Harddisk0\DR0\Partition1
11:58:45.0891 3788 \Device\Harddisk0\DR0\Partition1 - ok
11:58:45.0892 3788 ============================================================
11:58:45.0892 3788 Scan finished
11:58:45.0892 3788 ============================================================
11:58:45.0904 2080 Detected object count: 4
11:58:45.0904 2080 Actual detected object count: 4
12:17:07.0906 2080 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:07.0906 2080 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:17:07.0908 2080 PFNService ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:07.0908 2080 PFNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:17:07.0911 2080 vflt ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:07.0911 2080 vflt ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:17:07.0915 2080 vnet ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:07.0915 2080 vnet ( UnsignedFile.Multi.Generic ) - User select action: Skip

Zitat:
Zitat von Chris4You Beitrag anzeigen
Hi,

da ist ein Treiber von ZoneAlarm:
DRV - [2005/01/26 06:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\vsdatant.sys -- (vsdatant)

Lade den mal bei www.virustotal.com hoch und lasse ihn überprüfen, Log posten...

Die Kühlventilatoren laufen alle und sind nicht zugestaubt?

chris
Die Datei vsdatant.sys ist laut virustota sauber.
This sample is goodware.
#goodware


Die Ventilatoren laufen. Allerdings nur selten hörbar. Ob as verstaubt ist sehe ich nicht. Ich kann mir aber nicht vorstellen, dass das Hängenbleiben ein Temperaturproblem ist.

Jetzt mach ich weiter mit OTL, mit den oben genannten Einstellungen

OTL logfile created on: 7/18/2012 12:33:55 PM - Run 2
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Laptop\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.84 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 39.60% Memory free
7.68 Gb Paging File | 5.27 Gb Available in Paging File | 68.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 127.00 Gb Total Space | 17.53 Gb Free Space | 13.81% Space Free | Partition Type: NTFS
Drive D: | 150.47 Gb Total Space | 37.92 Gb Free Space | 25.20% Space Free | Partition Type: NTFS

Computer Name: LAPTOP_PR | User Name: Laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Laptop\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
PRC - C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe ()
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
PRC - C:\PROGRA~2\AD-AWA~1\AdAware.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Safari\Safari.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe (Sierra Wireless, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Windows\vsnp2uvc.exe (Sonix)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
MOD - C:\Program Files (x86)\Hardcopy\HcDLL2_37_Win32.dll ()
MOD - C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe ()
MOD - C:\Program Files (x86)\Hardcopy\hardcopy_05.dll ()
MOD - C:\Program Files (x86)\Hardcopy\HcDllS.dll ()
MOD - C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) Intel(R) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (ZcfgSvc7) Intel(R) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe (Intel(R) Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (PFNService) -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe (FUJITSU LIMITED)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (PowerSavingUtilityService) -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe (FUJITSU LIMITED)
SRV:64bit: - (ATService) -- C:\Program Files\Fingerprint Sensor\ATService.exe (AuthenTec, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Ad-Aware Service) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SBAMSvc) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (Sierra Wireless QDL Service) -- C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe (Sierra Wireless, Inc.)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CVPND) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (SbFw) -- C:\Windows\SysNative\drivers\SbFw.sys (GFI Software)
DRV:64bit: - (sbwtis) -- C:\Windows\SysNative\drivers\sbwtis.sys (GFI Software)
DRV:64bit: - (sbhips) -- C:\Windows\SysNative\drivers\sbhips.sys (GFI Software)
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273) -- C:\Windows\SysNative\drivers\tdrpm273.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (sbapifs) -- C:\Windows\SysNative\drivers\sbapifs.sys (GFI Software)
DRV:64bit: - (NETwNs64) ___ Intel(R) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (SBRE) -- C:\Windows\SysNative\drivers\sbredrv.sys (GFI Software)
DRV:64bit: - (SBFWIMCLMP) -- C:\Windows\SysNative\drivers\SbFwIm.sys (GFI Software)
DRV:64bit: - (SBFWIMCL) -- C:\Windows\SysNative\drivers\SbFwIm.sys (GFI Software)
DRV:64bit: - (FscGabi) -- C:\Windows\SysNative\drivers\FscGabi.sys (Fujitsu Technology Solutions)
DRV:64bit: - (FscEfDmi) -- C:\Windows\SysNative\drivers\FscEfDmi.sys (Fujitsu Technology Solutions)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (swg3kmbb00) -- C:\Windows\SysNative\drivers\swg3kmbb00.sys (Sierra Wireless Incorporated)
DRV:64bit: - (swibusflt00) -- C:\Windows\SysNative\drivers\swibusflt00.sys (Sierra Wireless Inc.)
DRV:64bit: - (swibus00) -- C:\Windows\SysNative\drivers\swibus00.sys (Sierra Wireless Inc.)
DRV:64bit: - (swg3kflt00) -- C:\Windows\SysNative\drivers\swg3kflt00.sys (Sierra Wireless Incorporated)
DRV:64bit: - (swg3kser00) -- C:\Windows\SysNative\drivers\swg3kser00.sys (Sierra Wireless Incorporated)
DRV:64bit: - (swg3knmea00) -- C:\Windows\SysNative\drivers\swg3knmea00.sys (Sierra Wireless Incorporated)
DRV:64bit: - (e1cexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\drivers\bcbtums.sys (Broadcom Corporation.)
DRV:64bit: - (FJGSDisk) -- C:\Windows\SysNative\drivers\FJGSDisk.sys (FUJITSU LIMITED)
DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (vflt) -- C:\Windows\SysNative\drivers\vfilter.sys (Shrew Soft Inc)
DRV:64bit: - (vnet) -- C:\Windows\SysNative\drivers\virtualnet.sys (Shrew Soft Inc)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (guardian2) -- C:\Windows\SysNative\drivers\oz776x64.sys (O2Micro)
DRV:64bit: - (ATSwpWDF) -- C:\Windows\SysNative\drivers\ATSwpWDF.sys (AuthenTec, Inc.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (FBIOSDRV) -- C:\Windows\SysNative\drivers\FBIOSDRV.sys (FUJITSU LIMITED)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (FUS2BASE) -- C:\Windows\SysNative\drivers\fus2base.sys (AVM Berlin)
DRV:64bit: - (AVMCOWAN) -- C:\Windows\SysNative\drivers\avmcowan.sys (AVM GmbH)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (FUJ02E3) -- C:\Windows\SysNative\drivers\fuj02e3.sys (FUJITSU LIMITED)
DRV:64bit: - (FUJ02B1) -- C:\Windows\SysNative\drivers\fuj02b1.sys (FUJITSU LIMITED)
DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.)
DRV - (SBRE) -- C:\Windows\SysWOW64\drivers\SBREDrv.sys (GFI Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (CVPNDRVA) -- C:\Windows\SysWOW64\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (DNE) -- C:\Windows\SysWOW64\drivers\dne64x.sys (Deterministic Networks, Inc.)
DRV - (vsdatant) -- C:\Windows\SysWOW64\vsdatant.sys (Zone Labs LLC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {FF56F58A-0574-49C0-AB7B-58B426CF0186}
IE:64bit: - HKLM\..\SearchScopes\{FF56F58A-0574-49C0-AB7B-58B426CF0186}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {FF56F58A-0574-49C0-AB7B-58B426CF0186}
IE - HKLM\..\SearchScopes\{FF56F58A-0574-49C0-AB7B-58B426CF0186}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Fujitsu Technology Solutions
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Fujitsu Technology Solutions
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
IE - HKCU\..\SearchScopes,DefaultScope = {D5F17733-DD7D-4C1E-A875-39236ADC9DEE}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searc}
IE - HKCU\..\SearchScopes\{D5F17733-DD7D-4C1E-A875-39236ADC9DEE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/07/10 11:35:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/17 10:25:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/22 10:45:09 | 000,000,000 | ---D | M]

[2012/01/27 08:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\Extensions
[2012/07/11 08:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\7q6ocu5b.default\extensions
[2012/06/26 12:06:37 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\7q6ocu5b.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012/01/27 12:00:08 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Laptop\AppData\Roaming\mozilla\Firefox\Profiles\7q6ocu5b.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2012/07/11 14:32:54 | 000,002,385 | ---- | M] () -- C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\7q6ocu5b.default\searchplugins\youtube.xml
[2012/02/05 19:27:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/07/10 11:35:36 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2012/06/26 08:59:44 | 000,339,843 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2012/06/13 08:03:18 | 000,009,485 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\{BA2430E0-5B72-4CAC-BC9E-7D1AACA75D3D}.XPI
[2012/06/13 08:03:18 | 000,010,443 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\SHOWTHEIMAGE@BRUNWIN.NET.XPI
[2012/06/13 08:03:18 | 000,325,600 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI
[2012/01/27 09:59:07 | 000,008,362 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7Q6OCU5B.DEFAULT\EXTENSIONS\TOGGLEPRIVATEBROWSING@SUPERNOVA00.BIZ.XPI
[2012/06/17 10:25:56 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/03 14:50:05 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/06/17 10:25:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/06/17 10:25:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/17 10:25:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/06/17 10:25:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/06/17 10:25:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/06/17 10:25:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: Google
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: Google
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - Startup: C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK = C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_64.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10BEEE1C-6AEA-47DD-8CDF-010DC88F9374}: NameServer = 192.168.0.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1c343851-4808-11e1-930b-60d819f55557}\Shell - "" = AutoRun
O33 - MountPoints2\{1c343851-4808-11e1-930b-60d819f55557}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{cb6bc119-216a-11e1-b74e-60d819f55557}\Shell - "" = AutoRun
O33 - MountPoints2\{cb6bc119-216a-11e1-b74e-60d819f55557}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/18 12:34:05 | 000,623,304 | ---- | C] (No company) -- C:\Users\Laptop\Desktop\LanmanCheck.exe
[2012/07/18 11:56:19 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\TDS
[2012/07/18 09:15:22 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe
[2012/07/18 08:32:16 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Malwarebytes
[2012/07/18 08:32:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/18 08:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/18 08:32:02 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/18 08:32:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/18 08:12:57 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/07/16 20:25:31 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2012/07/16 20:23:32 | 000,131,584 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\SysWow64\drivers\dne64x.sys
[2012/07/16 20:23:32 | 000,110,080 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\SysWow64\dnei64x.dll
[2012/07/16 20:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
[2012/07/16 20:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Deterministic Networks
[2012/07/16 20:23:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2012/07/16 20:14:00 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Documents\Shrew Soft VPN
[2012/07/16 20:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\ShrewSoft
[2012/07/13 13:23:48 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Documents\Christoph Küche
[2012/07/13 13:21:31 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
[2012/07/13 13:21:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hardcopy
[2012/07/13 13:20:11 | 001,703,936 | ---- | C] (sw4you - Freeware für Windows 98, 2000, 2003, XP und Windows Vista (32 + 64 Bit). Siegfried Weckmann) -- C:\Windows\SwSetupu.exe
[2012/07/13 09:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALNO AG Küchenplaner
[2012/07/13 09:39:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALNO
[2012/07/13 07:47:45 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/07/13 07:47:45 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/07/13 07:47:43 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/07/13 07:47:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/07/13 07:47:40 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/07/13 07:47:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/07/13 07:47:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/07/13 07:47:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/07/13 07:47:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/07/13 07:47:34 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/07/13 07:47:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/07/13 07:47:32 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/07/13 07:47:32 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/07/11 09:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/07/11 09:17:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/07/11 09:17:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/07/11 09:05:48 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012/07/11 09:05:48 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/07/11 09:05:48 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/07/11 08:00:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/07/11 08:00:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/07/11 08:00:31 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/11 08:00:19 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/07/11 08:00:13 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/07/10 10:08:18 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{40C0A572-C69F-4354-9859-ED9E54CAD252}
[2012/07/10 10:08:05 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{8CF5B2FF-4C50-4825-9602-F0FB1DDDD9B6}
[2012/07/09 22:06:01 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{CCA59C0B-61A0-43CC-A674-5297344FFE0B}
[2012/07/09 22:05:37 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{61679FCA-974E-4F03-9B5F-9282CAF93678}
[2012/07/05 07:40:55 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012/07/04 11:31:44 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\adaware
[2012/07/04 11:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012/07/04 11:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2012/07/04 11:31:31 | 000,060,536 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbhips.sys
[2012/07/04 11:31:20 | 000,119,416 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SbFwIm.sys
[2012/07/04 11:31:15 | 000,256,632 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SbFw.sys
[2012/07/04 11:31:11 | 000,057,976 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbredrv.sys
[2012/07/04 11:31:11 | 000,045,936 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe
[2012/07/04 11:31:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/07/04 11:30:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2012/07/04 11:21:51 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Ad-Aware Antivirus
[2012/06/26 12:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin GPS Plugin
[2012/06/26 12:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin GPS Plugin
[2012/06/26 11:34:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin
[2012/06/25 10:19:36 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\Auerswald
[2012/06/25 07:47:43 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/25 07:47:43 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/25 07:47:43 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/25 07:47:34 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/25 07:47:33 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/25 07:47:33 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/25 07:47:22 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/25 07:47:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/22 10:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/06/22 04:24:45 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{64CE9632-E10E-4519-AFF0-BA8787FBB5FC}
[2012/06/22 04:24:22 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{793541AA-BE70-4661-A3D4-D0AC1A3938B0}
[2012/06/21 16:23:33 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{781B15AE-3422-4916-B40A-60087D7AC7A6}
[2012/06/21 16:23:21 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{F1313B8A-E9F4-4C71-8011-044293080CF0}
[2012/06/21 16:05:57 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012/06/21 16:04:37 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/06/21 16:04:30 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/06/21 16:04:23 | 000,000,000 | ---D | C] -- C:\Windows\es
[2012/06/21 16:04:16 | 000,000,000 | ---D | C] -- C:\Windows\it
[2012/06/21 16:04:09 | 000,000,000 | ---D | C] -- C:\Windows\nl
[2012/06/21 15:55:05 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{9A527056-42B3-415C-89A6-E0C861EA096D}
[2012/06/21 15:49:09 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{DFB7D0FB-0801-49F6-AECA-AE9DA5E94D2D}
[2012/06/21 15:48:57 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{DFEE86D2-0270-437B-91B5-1F03202DA990}
[2012/06/21 14:46:20 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\tools
[2012/06/21 14:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2012/06/21 14:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2012/06/21 08:21:10 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\mp3 für show
[2012/06/21 07:44:50 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A4288D4B-CD3A-4A65-B2A6-98B4F2EA8554}
[2012/06/21 07:44:32 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{17DF9FB7-BAF3-4F87-9A63-452041D4BF3F}
[2012/06/20 22:26:52 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{0CC6E22A-2255-4213-BADF-C3E304011BEC}
[2012/06/20 10:35:07 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\Danksagung

========== Files - Modified Within 30 Days ==========

[2012/07/18 12:34:05 | 000,623,304 | ---- | M] (No company) -- C:\Users\Laptop\Desktop\LanmanCheck.exe
[2012/07/18 12:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/18 11:52:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/18 09:15:41 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe
[2012/07/18 09:13:10 | 000,000,000 | ---- | M] () -- C:\Users\Laptop\defogger_reenable
[2012/07/18 09:10:54 | 000,050,477 | ---- | M] () -- C:\Users\Laptop\Desktop\Defogger.exe
[2012/07/18 09:10:18 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/18 09:10:18 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/18 09:03:17 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/18 09:03:08 | 000,000,438 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/07/18 09:02:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/18 09:02:41 | 3092,107,264 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/18 08:34:20 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/07/16 21:26:06 | 000,002,002 | -H-- | M] () -- C:\Users\Laptop\Documents\Default.rdp
[2012/07/16 20:25:19 | 000,001,594 | ---- | M] () -- C:\Windows\VPNInstall.MIF
[2012/07/16 20:23:30 | 000,002,653 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
[2012/07/16 09:20:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\SBRC.dat
[2012/07/13 13:21:32 | 000,002,391 | ---- | M] () -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
[2012/07/13 11:59:53 | 000,001,908 | ---- | M] () -- C:\Users\Laptop\Desktop\ALNO AG Küchenplaner.lnk
[2012/07/13 08:00:36 | 000,413,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/13 07:59:27 | 000,001,738 | ---- | M] () -- C:\Windows\SysWow64\EmailAVConfig.xml
[2012/07/13 07:47:26 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/07/12 10:20:30 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/12 10:20:30 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/07/12 09:02:26 | 001,031,801 | ---- | M] () -- C:\Users\Laptop\Desktop\test 9-2011.pdf
[2012/07/12 09:02:26 | 000,180,570 | ---- | M] () -- C:\Users\Laptop\Desktop\test 11-2010.pdf
[2012/07/12 09:02:25 | 000,385,177 | ---- | M] () -- C:\Users\Laptop\Desktop\test 2-2011.pdf
[2012/07/11 13:51:56 | 000,149,182 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/07/11 13:51:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/07/11 13:51:16 | 001,621,244 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/11 13:44:36 | 000,650,628 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/11 13:44:28 | 000,117,692 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/11 09:18:15 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/10 11:35:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/07/09 23:12:01 | 000,751,391 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow6.wlmp
[2012/07/05 15:53:12 | 000,001,188 | ---- | M] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012/07/03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/07/03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/07/03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/07/03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/07/03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/07/03 18:21:52 | 000,019,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012/07/03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/07/03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/07/03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/07/03 18:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/22 07:53:31 | 000,717,636 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow5.wlmp
[2012/06/21 22:53:11 | 000,723,001 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow4.wlmp
[2012/06/21 16:48:11 | 000,688,426 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow3_musik.wlmp
[2012/06/21 09:53:36 | 000,680,434 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow2_abspann.wlmp
[2012/06/20 22:56:29 | 000,687,833 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow1.wlmp
[2012/06/20 22:56:15 | 000,687,832 | ---- | M] () -- C:\Users\Laptop\Documents\hochzeit diashow.wlmp

========== Files Created - No Company Name ==========

[2012/07/18 09:13:10 | 000,000,000 | ---- | C] () -- C:\Users\Laptop\defogger_reenable
[2012/07/18 09:10:52 | 000,050,477 | ---- | C] () -- C:\Users\Laptop\Desktop\Defogger.exe
[2012/07/18 08:32:07 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/07/16 20:40:57 | 000,002,002 | -H-- | C] () -- C:\Users\Laptop\Documents\Default.rdp
[2012/07/16 20:40:56 | 000,001,367 | ---- | C] () -- C:\Users\Laptop\Desktop\Remote Desktop Connection.lnk
[2012/07/16 20:23:30 | 000,002,653 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
[2012/07/16 20:22:59 | 000,001,594 | ---- | C] () -- C:\Windows\VPNInstall.MIF
[2012/07/16 09:20:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\SBRC.dat
[2012/07/13 13:21:32 | 000,002,391 | ---- | C] () -- C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
[2012/07/13 09:40:04 | 000,001,908 | ---- | C] () -- C:\Users\Laptop\Desktop\ALNO AG Küchenplaner.lnk
[2012/07/13 07:59:27 | 000,001,738 | ---- | C] () -- C:\Windows\SysWow64\EmailAVConfig.xml
[2012/07/12 09:02:26 | 001,031,801 | ---- | C] () -- C:\Users\Laptop\Desktop\test 9-2011.pdf
[2012/07/12 09:02:25 | 000,385,177 | ---- | C] () -- C:\Users\Laptop\Desktop\test 2-2011.pdf
[2012/07/12 09:02:25 | 000,180,570 | ---- | C] () -- C:\Users\Laptop\Desktop\test 11-2010.pdf
[2012/07/11 09:18:15 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/09 23:11:53 | 000,751,391 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow6.wlmp
[2012/07/05 15:53:12 | 000,001,188 | ---- | C] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012/06/22 10:45:09 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/06/21 22:57:39 | 000,717,636 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow5.wlmp
[2012/06/21 21:30:22 | 000,723,001 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow4.wlmp
[2012/06/21 16:43:45 | 000,688,426 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow3_musik.wlmp
[2012/06/21 08:10:06 | 000,680,434 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow2_abspann.wlmp
[2012/06/20 22:56:29 | 000,687,833 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow1.wlmp
[2012/06/20 22:44:49 | 000,687,832 | ---- | C] () -- C:\Users\Laptop\Documents\hochzeit diashow.wlmp
[2012/05/04 09:49:50 | 000,139,432 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/12/07 17:46:21 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2011/12/07 17:46:21 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2011/12/07 17:46:21 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2011/05/19 20:18:25 | 001,599,138 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/19 20:12:52 | 000,000,438 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/19 20:12:51 | 000,000,206 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2011/05/10 12:48:48 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/05/10 12:48:43 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/05/10 12:48:40 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/05/10 12:48:37 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/05/10 12:48:33 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2010/11/25 06:43:32 | 000,040,448 | ---- | C] () -- C:\Windows\REGOBJ.DLL

< End of report >

Alt 18.07.2012, 13:01   #10
rupa
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



OTL Extras logfile created on: 7/18/2012 12:33:55 PM - Run 2
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Laptop\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.84 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 39.60% Memory free
7.68 Gb Paging File | 5.27 Gb Available in Paging File | 68.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 127.00 Gb Total Space | 17.53 Gb Free Space | 13.81% Space Free | Partition Type: NTFS
Drive D: | 150.47 Gb Total Space | 37.92 Gb Free Space | 25.20% Space Free | Partition Type: NTFS

Computer Name: LAPTOP_PR | User Name: Laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{851B25E7-34C7-461A-80EF-DEF313D8E7B1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{D4D01C98-8255-4DC3-888F-8BD5540F2D5C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E38099E4-850E-4AB1-B93E-BD7CEFE12B09}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{F3AD941A-7585-4010-9006-0840FFCCA783}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{010D7B67-84C7-4E12-917A-CE67137D4ED3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2ADEAAA8-5AA4-4640-B979-83D6958B1B64}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{3668745A-E0AF-4755-A36D-DA969C2EE781}" = protocol=6 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe |
"{44412DE0-98FB-4FBD-B437-27D3701B134C}" = protocol=6 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe |
"{58B72A77-E4D4-42B5-8107-9CC2FDF3BEC9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{76731B0D-5FF8-47A0-9AAB-8F0A5F2A25AE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{7889903C-8203-45F4-9697-53060FBDD34C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{82A92841-660B-4048-9B00-FBC52C901B3F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A032B434-B4A4-4461-AA88-29E1B63A9DD5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A7ACC4E6-F360-4557-B03D-2B0616C732DF}" = protocol=17 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe |
"{A8356CB5-A09B-4C4D-BFC9-D8466508979F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{AAB69D62-B5ED-4D77-AA7F-786976622A0D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BBCF5ED8-9B69-4FBD-8790-E045DA271C30}" = protocol=17 | dir=in | app=c:\users\laptop\appdata\roaming\spotify\spotify.exe |
"{BF3A6B68-6453-4886-9F38-EB8265413E91}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{CA5C0F1C-3002-454B-A349-5B991C23455F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{DCD89449-71A7-4312-8AE6-B32383E86845}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F84E6588-5CA9-49A1-BC22-EBBFC3B3F28E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{D3E5739E-52F0-4929-8AF4-03CDE250A073}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{B08E9171-0F36-47FB-9FCA-8C2211377426}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F1DFCC1-595D-4235-A044-E05B706D800A}" = AuthenTec Fingerprint Software
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}" = O2Micro OZ776 SCR Driver
"{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A5FADEAC-B0A9-4C27-A8B5-05381A339F4E}" = Plugfree NETWORK
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B95CFA6A-E0E0-4437-A2F0-BE0948B68946}" = Intel(R) PROSet/Wireless WiFi Software
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EB418DDD-5365-4381-87F6-D8BBB21CC1CA}" = Garmin Communicator Plugin x64
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"{F33CFF0E-6684-43A8-AF99-2F1191B67152}" = Shock Sensor Utility
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"Recuva" = Recuva
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.11 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0AA86CEE-2C8C-4ABB-8F95-B8D8E852C62C}" = SportTracks 3.1
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{17079027-EB8A-42C6-9BF8-825B78889F6A}" = Garmin Communicator Plugin
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis*True*Image*Home
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84c3f506-9960-4261-9e59-8bc6f94cb338}" = Nero 9 Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A89131FD-3D18-4DA8-84C8-622423011B51}_is1" = ALNO AG Küchenplaner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D25122BC-A60E-4663-B602-B01718F12044}" = Cisco Systems VPN Client 4.8.01.0300
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6C5A4CA-1EE8-4C73-9679-0BC2946D1353}" = Battery Utility
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights Help
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{fc8208f2-b1c1-4253-9e89-d518e983b7bb}" = Ad-Aware Antivirus
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"5513-1208-7298-9440" = JDownloader 0.9
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"avast" = avast! Pro Antivirus
"DeskUpdate_is1" = DeskUpdate 4.12
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"Hardcopy" = Hardcopy
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}" = O2Micro OZ776 SCR Driver
"InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"InstallShield_{F33CFF0E-6684-43A8-AF99-2F1191B67152}" = Shock Sensor Utility
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"MERTEN SCHALTER-MANAGER_is1" = MERTEN SCHALTER-MANAGER 2011-2012 v1.0
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Picasa 3" = Picasa 3
"ProInst" = Intel PROSet Wireless
"SWIQMIDrvInstaller" = Sierra Wireless QMI Driver Package
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/18/2012 4:14:20 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 4:14:21 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 4:14:22 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 4:14:23 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 4:14:24 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 4:14:25 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 4:14:26 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 4:14:27 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 4:14:28 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

Error - 7/18/2012 4:14:29 AM | Computer Name = LAPTOP_PR | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: Das System kann die angegebene Datei nicht finden.

[ OSession Events ]
Error - 5/12/2012 4:50:41 AM | Computer Name = LAPTOP_PR | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 134
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/18/2012 1:44:21 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/18/2012 1:44:22 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/18/2012 1:44:23 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/18/2012 1:44:24 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/18/2012 1:44:25 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/18/2012 1:44:26 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/18/2012 1:44:27 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/18/2012 1:44:28 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/18/2012 1:44:29 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 7/18/2012 1:44:30 AM | Computer Name = LAPTOP_PR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "vsdatant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


< End of report >

LanmanCheck sagt: "alles OK,..."

DLL im Lanmanworkstation Schlüssel: %SystemRoot%\System32\wkssvc.dll
Geladene DLL: C:\Windows\System32\wkssvc.dll
Signatur der DLL: Microsoft Windows
Rückgabe der Signaturermittlung: Der Vorgang wurde erfolgreich beendet.
MD5 der DLL: 851A1382EED3E3A7476DB004F4EE3E1A

DLL im Dnscache Schlüssel: %SystemRoot%\System32\dnsrslvr.dll
Geladene DLL: C:\Windows\System32\dnsrslvr.dll
Signatur der DLL: Microsoft Windows
Rückgabe der Signaturermittlung: Der Vorgang wurde erfolgreich beendet.
MD5 der DLL: 16835866AAA693C7D7FCEBA8FFF706E4

Alles OK, der Rechner ist nicht vom Lanmanworkstation Trojaner befallen!

Zitat:
Zitat von Chris4You Beitrag anzeigen
Hi,

Du hast Zonealarm und Avast drauf, deinstalliere Zonealarm.
Dann läuft ein Clouddienst von Apple, den würde ich temp. mal ausschalten.

Wurde von dem Rechner Malware gelöscht, es sind Spuren zu sehen.

Was macht der Scann mit MAM bzw. Killer?

Fix für OTL:
  • Doppelklick auf die OTL.exe, um das Programm auszuführen.
  • Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
  • Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

Code:
ATTFilter
:OTL
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

:Commands
[emptytemp]
[Reboot]
         
  • Den roten Run Fixes! Button anklicken.
  • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.
  • Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:
  • %systemroot%\_OTL

chris



Hier das Log vom OTL - RUN FIX

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Laptop
->Temp folder emptied: 51021622 bytes
->Temporary Internet Files folder emptied: 4221837 bytes
->Java cache emptied: 681470 bytes
->FireFox cache emptied: 406485524 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 50289664 bytes
->Flash cache emptied: 3232 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 119237352 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 29380 bytes

Total Files Cleaned = 603.00 mb


OTL by OldTimer - Version 3.2.54.0 log created on 07182012_132541

Files\Folders moved on Reboot...
C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...

Alt 18.07.2012, 13:52   #11
Chris4You
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



Hi,

ausser Kleinigkeiten nichts zu finden.
Irgendwas neues in letzter Zeit installiert?

Fix für OTL:
  • Doppelklick auf die OTL.exe, um das Programm auszuführen.
  • Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
  • Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

Code:
ATTFilter
:OTL
DRV - (vsdatant) -- C:\Windows\SysWOW64\vsdatant.sys (Zone Labs LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

:Commands
[emptytemp]
[Reboot]
         
  • Den roten Run Fixes! Button anklicken.
  • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.
  • Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:
  • %systemroot%\_OTL

Du solltest mal den Speicher überprüfen und die Festplatte.

Zeigt der Taskmanager 100% Auslastung beim Hängenbleiben an und welche Anwendung/Prozess ist das (Achtung: Alle Prozesse aller Nutzer anzeigen lassen)...

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 18.07.2012, 15:26   #12
rupa
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



Beim OTR - FIX-Scan mit denen oben angegebenen Parametern blieb der Lapto nach dem Reboot hängen.

soll ich OTR nochmal so ausführen?

Geändert von rupa (18.07.2012 um 15:38 Uhr)

Alt 18.07.2012, 15:59   #13
Chris4You
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



Hi,

in den abgesicherten Modus booten (F8 beim Booten) und dann nochmal probieren...

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 19.07.2012, 07:55   #14
rupa
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



Hier der LOG vom OTL-FIX

All processes killed
========== OTL ==========
Error: No service named vsdatant was found to stop!
Service\Driver key vsdatant not found.
File C:\Windows\SysWOW64\vsdatant.sys not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Laptop
->Temp folder emptied: 134 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 2251776 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9070 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2.00 mb


OTL by OldTimer - Version 3.2.54.0 log created on 07192012_074605

Files\Folders moved on Reboot...
File\Folder C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

PendingFileRenameOperations files...
File C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...





Hat wohl gestern doch funktioniert - oder?
Hier das LOG von gestern Nachmittag mit den gleichen Parametern.
(Gestern ist der PC anschließend nicht mehr ordnungsgemäß hochgefahren. Ich konnte ihn allerdings neustarten und dann lief er normal.)


All processes killed
========== OTL ==========
Service vsdatant stopped successfully!
Service vsdatant deleted successfully!
C:\Windows\SysWOW64\vsdatant.sys moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Laptop
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49393 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 4397056 bytes
->Flash cache emptied: 492 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 119050573 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 118.00 mb


OTL by OldTimer - Version 3.2.54.0 log created on 07182012_143757

Files\Folders moved on Reboot...
File move failed. C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...
[2012/07/18 13:46:28 | 000,000,000 | ---- | M] () C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt : Unable to obtain MD5

Registry entries deleted on Reboot...

Ich hab den Eindruck, dass der Laptop wieder vernünftig läuft.
Kann ich nun bedenkenlos weitermachen? Oder soll ich noch was unternehmen?

Ich hab den Eindruck, dass der Laptop wieder vernünftig läuft.
Kann ich nun bedenkenlos weitermachen? Oder soll ich noch was unternehmen?

Alt 20.07.2012, 08:12   #15
Chris4You
 
PC reagiert ständig nicht mehr ... - Standard

PC reagiert ständig nicht mehr ...



Hi,

Du kannst Antimalwarebytes updaten und nochmal einen FULLSCAN machen und ein neues OTL-Logfile posten...

Denke aber, dass wir durch sind...

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Antwort

Themen zu PC reagiert ständig nicht mehr ...
administrator, anti-malware, autostart, bösartige, dateien, downloads, erfolgreich, explorer, gelöscht, gen, hallo zusammen, heuristiks/extra, heuristiks/shuriken, hängen, laptop, log, malwarebytes, minute, nicht mehr, picasa, quarantäne, reagiert, registrierung, service, speicher, test, version, zusammen



Ähnliche Themen: PC reagiert ständig nicht mehr ...


  1. Win 8 Office reagiert nicht mehr, reparatur mit systemsteuerung nicht möglich oder deinstallation wird abgebrochen
    Log-Analyse und Auswertung - 11.09.2015 (9)
  2. Strg/Alt/Ent reagiert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 23.03.2015 (5)
  3. Windows 7 Reagiert nicht mehr
    Alles rund um Windows - 19.12.2014 (11)
  4. Windows 7: Firefox reagiert nicht, nicht antwortendes Skript, und mehr lästige Unterbrechungen.
    Log-Analyse und Auswertung - 11.11.2014 (7)
  5. Packard Bell EasyNote Ts, Win7:Touchpad reagiert nicht mehr und MP3, den erkannt, aber nicht eingelesen
    Plagegeister aller Art und deren Bekämpfung - 07.09.2014 (18)
  6. Desktop reagiert nicht mehr
    Log-Analyse und Auswertung - 11.03.2014 (7)
  7. Windows Sicherheitscenter reagiert nicht mehr.Bereinigen nicht möglich
    Log-Analyse und Auswertung - 08.12.2013 (15)
  8. PC reagiert nicht mehr
    Log-Analyse und Auswertung - 07.10.2013 (3)
  9. tchbn.exe reagiert nicht mehr.
    Log-Analyse und Auswertung - 21.04.2013 (4)
  10. Windows XP startet nicht mehr, Tastatur reagiert nicht
    Alles rund um Windows - 22.07.2012 (13)
  11. [doppelt] Gmer Scanner funktioniert nicht! (Fehlermeldung: Programm reagiert nicht mehr...)
    Mülltonne - 10.10.2011 (3)
  12. Windows startet nicht mehr, Tastatur reagiert nicht
    Alles rund um Windows - 27.07.2011 (15)
  13. Laptop reagiert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 31.08.2009 (1)
  14. festplatte reagiert nicht mehr (TROJANA?)
    Alles rund um Windows - 18.03.2009 (1)
  15. CD - Rom Laufwerk reagiert nicht mehr
    Alles rund um Windows - 24.05.2008 (2)
  16. PC reagiert nicht mehr! Virus kann nicht entfernt werden! -WICHTIG-
    Plagegeister aller Art und deren Bekämpfung - 12.02.2007 (9)
  17. PC friert ein und reagiert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 12.02.2007 (8)

Zum Thema PC reagiert ständig nicht mehr ... - Hallo zusammen, mein Laptop reagiert ständig nich, bleibt also "Hängen". hier mal das LOG von Malwarebytes: Malwarebytes Anti-Malware (Test) 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.18.02 Windows 7 Service Pack 1 x64 - PC reagiert ständig nicht mehr ......
Archiv
Du betrachtest: PC reagiert ständig nicht mehr ... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.