Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: iexplorer prozess

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.09.2012, 18:12   #1
Ancalagon
 
iexplorer prozess - Standard

iexplorer prozess



Hallo zusammen,
ich hab seit einiger Zeit Probleme mit meinem Arbeitsspeicher, der völlig ausgelastet zu sein scheint, Ich hab das Problem mitlerweile eingegrenzt auf einen seltsamen Prozess, nämlich iexplore.exe (und das obwohl ich den iexplorer gar nicht benutze), der ist auch nur zu sehen, wenn ich die Prozesse aller benutzer anzeige. Wenn ich den Prozess im Taskmanager lösche, geht die RAM-Ausnutzung schlagartig um 30-40% runter. Der Prozess geht aber fast sofort wieder an (es dauert aber eine Weile, bis er wieder den Arbeitsspeicher so saumäßig vollmacht). Manchmal ist der Prozess sogar mehrfach vorhanden.
Betriebssystem ist Windows 7 Home Premium 64Bit SP1.
Avast findet nix. Das kann aber doch nicht der normale iexplorer sein?

OTL-Scan:OTL Logfile:
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL logfile created on: 03.09.2012 19:27:27 - Run 1
OTL by OldTimer - Version 3.2.60.0     Folder = C:\Daten\Downloaded
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 51,59% Memory free
9,78 Gb Paging File | 6,30 Gb Available in Paging File | 64,39% Paging File free
Paging file location(s): c:\pagefile.sys 2000 6015 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,01 Gb Total Space | 86,83 Gb Free Space | 19,25% Space Free | Partition Type: NTFS
Drive X: | 1397,26 Gb Total Space | 287,86 Gb Free Space | 20,60% Space Free | Partition Type: NTFS
Drive Y: | 14,65 Gb Total Space | 6,60 Gb Free Space | 45,04% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK | User Name: Christof | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.03 19:25:28 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Daten\Downloaded\OTL.exe
PRC - [2012.09.01 22:22:12 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.08.29 22:21:26 | 000,388,576 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2012.08.28 22:04:29 | 001,807,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
PRC - [2012.07.27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.11.11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011.11.11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.09.29 17:19:16 | 003,508,112 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011.09.06 19:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011.08.12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2011.08.01 19:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011.06.16 11:24:20 | 000,141,824 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.06.08 14:02:00 | 000,633,856 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011.04.17 13:26:21 | 000,336,896 | ---- | M] (AVM Berlin) -- C:\Users\Christof\AppData\Local\Apps\2.0\7VJ7GXR5.O47\RWGNNHRP.9V6\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
PRC - [2011.04.13 22:22:11 | 001,496,528 | ---- | M] (TrueCrypt Foundation) -- C:\Program Files\TrueCrypt\TrueCrypt.exe
PRC - [2011.04.08 08:50:36 | 001,406,248 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2011.03.29 15:33:08 | 000,598,312 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011.02.19 00:37:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.02.18 11:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.12.20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.12.14 08:21:34 | 000,974,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2010.12.14 08:21:30 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010.12.14 08:21:18 | 000,901,184 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010.12.14 08:21:12 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2010.11.17 09:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.11.01 23:02:12 | 000,522,736 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010.08.20 01:06:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009.03.30 15:00:54 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2009.02.23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.01 22:22:10 | 002,242,528 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.08.29 22:21:29 | 002,061,280 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2012.08.29 22:21:29 | 000,157,664 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012.08.29 22:21:28 | 000,021,984 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012.08.28 22:04:28 | 009,813,704 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2012.07.23 15:10:28 | 000,336,232 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2012.06.14 18:04:27 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012.06.14 18:04:04 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.14 18:03:58 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.06.14 18:03:57 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll
MOD - [2012.06.14 18:03:37 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012.05.12 11:59:43 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012.05.12 11:47:48 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012.05.12 11:46:21 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.12 11:46:16 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.12 11:46:11 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.12 11:46:10 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.12 11:45:34 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.03.16 16:23:42 | 000,008,192 | ---- | M] () -- C:\Users\Christof\AppData\Roaming\Thunderbird\Profiles\q2mqe56y.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
MOD - [2011.11.11 14:08:18 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011.11.11 14:08:18 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011.11.11 14:08:18 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011.11.11 14:08:18 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011.11.11 14:08:06 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2011.11.11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011.08.18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011.08.12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2011.04.17 13:26:09 | 000,368,640 | ---- | M] () -- C:\Users\Christof\AppData\Local\Apps\2.0\7VJ7GXR5.O47\RWGNNHRP.9V6\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\managedupnp.dll
MOD - [2011.04.13 21:47:45 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.04.13 21:47:45 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
MOD - [2011.02.18 11:18:48 | 000,235,112 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2010.11.30 04:04:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010.11.13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.01 23:02:12 | 000,522,736 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010.08.30 10:34:12 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2009.07.14 19:58:23 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009.02.27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.08.05 20:43:15 | 000,415,232 | ---- | M] (Tanuki Software, Ltd.) [Auto | Running] -- C:\Program Files\i2p\I2Psvc.exe -- (i2p)
SRV:64bit: - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.06.17 09:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011.05.05 22:36:05 | 000,022,528 | ---- | M] () [Auto | Running] -- C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe -- (DAZContentManagementService)
SRV:64bit: - [2010.12.17 21:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010.12.17 21:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010.12.17 21:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010.11.29 22:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010.10.21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2010.10.21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:64bit: - [2010.09.23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.11.17 18:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.09.01 22:22:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.28 22:04:29 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.08.18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011.06.08 14:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.29 15:33:08 | 000,598,312 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011.02.19 00:37:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.02.18 11:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.12.20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.12.14 08:21:34 | 000,974,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010.12.14 08:21:30 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010.12.14 08:21:18 | 000,901,184 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010.11.20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.11.20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010.11.20 14:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010.09.04 08:15:22 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010.09.04 08:14:26 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011.12.09 20:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011.11.15 02:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.30 13:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 13:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.04.30 13:59:10 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011.04.30 13:59:10 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011.04.17 13:26:16 | 000,116,096 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmaudio.sys -- (avmaudio)
DRV:64bit: - [2011.04.13 22:22:11 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011.03.26 16:19:48 | 012,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.19 00:37:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.12.22 03:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010.12.14 15:18:50 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010.12.04 00:32:24 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010.12.01 18:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.12.01 12:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010.11.29 22:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.19 20:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.11.19 20:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.12 14:40:50 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2010.10.05 13:26:02 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2010.10.05 13:26:00 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2010.08.12 17:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010.07.01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010.03.19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.02.27 01:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008.08.28 13:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2006.11.01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {3D195871-84F2-49D2-B46B-B51ABF26C5C7}
IE:64bit: - HKLM\..\SearchScopes\{3D195871-84F2-49D2-B46B-B51ABF26C5C7}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Program Files (x86)\NCH_DE\prxtbNCH_.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {8F37C40F-E2C4-4039-BFE3-266CE1487012}
IE - HKLM\..\SearchScopes\{8F37C40F-E2C4-4039-BFE3-266CE1487012}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Daten\Downloaded
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Program Files (x86)\NCH_DE\prxtbNCH_.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {8F37C40F-E2C4-4039-BFE3-266CE1487012}
IE - HKCU\..\SearchScopes\{5AFFEFB3-D533-40E2-84CE-3D4684998D59}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801937
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "NCH DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801937&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de"
FF - prefs.js..network.proxy.http: "77.220.20.198"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: c:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.29 16:00:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.01 22:22:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.23 12:09:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.01 22:22:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.04.12 19:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christof\AppData\Roaming\Mozilla\Extensions
[2011.04.12 19:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christof\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.07.29 23:22:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christof\AppData\Roaming\Mozilla\Firefox\Profiles\4monslo4.default\extensions
[2012.01.04 22:37:32 | 000,000,000 | ---D | M] ("ImageHost Grabber") -- C:\Users\Christof\AppData\Roaming\Mozilla\Firefox\Profiles\4monslo4.default\extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8}
[2011.08.09 09:34:15 | 000,000,000 | ---D | M] (IE Tab +) -- C:\Users\Christof\AppData\Roaming\Mozilla\Firefox\Profiles\4monslo4.default\extensions\coralietab@mozdev.org
[2011.11.07 21:54:51 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- C:\Users\Christof\AppData\Roaming\Mozilla\Firefox\Profiles\4monslo4.default\extensions\dgqm0n3e.jao
[2011.11.07 21:32:40 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- C:\Users\Christof\AppData\Roaming\Mozilla\Firefox\Profiles\4monslo4.default\extensions\t3pq0x0r.eld
[2011.11.07 16:36:54 | 000,000,915 | ---- | M] () -- C:\Users\Christof\AppData\Roaming\Mozilla\Firefox\Profiles\4monslo4.default\searchplugins\conduit.xml
[2011.10.10 18:55:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.09.29 18:34:59 | 000,046,721 | ---- | M] () (No name found) -- C:\USERS\CHRISTOF\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4MONSLO4.DEFAULT\EXTENSIONS\{5546F97E-11A5-46B0-9082-32AD74AAA920}.XPI
[2012.06.24 22:35:27 | 000,109,964 | ---- | M] () (No name found) -- C:\USERS\CHRISTOF\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4MONSLO4.DEFAULT\EXTENSIONS\ADBLOCKPOPUPS@JESSEHAKANEN.NET.XPI
[2012.07.29 23:22:20 | 000,184,864 | ---- | M] () (No name found) -- C:\USERS\CHRISTOF\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4MONSLO4.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
[2012.09.01 22:22:12 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.12 18:29:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.01 22:22:09 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.12 18:29:26 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.12 18:29:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.12 18:29:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.12 18:29:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.04.13 20:15:23 | 000,000,884 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (NCH DE Toolbar) - {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Program Files (x86)\NCH_DE\prxtbNCH_.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (NCH DE Toolbar) - {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Program Files (x86)\NCH_DE\prxtbNCH_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (NCH DE Toolbar) - {B106B661-3E1B-4015-AF5C-195E909F35C6} - C:\Program Files (x86)\NCH_DE\prxtbNCH_.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [AVMUSBFernanschluss] C:\Users\Christof\AppData\Local\Apps\2.0\7VJ7GXR5.O47\RWGNNHRP.9V6\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe (AVM Berlin)
O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - Startup: C:\Users\Christof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JDownloader.lnk = C:\Program Files (x86)\JDownloader\JDLauncher.exe (AppWork GmbH)
O4 - Startup: C:\Users\Christof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\Christof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O4 - Startup: C:\Users\Christof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
O4 - Startup: C:\Users\Christof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([file] in Local intranet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{125D4C1D-8ED1-46CE-A51E-AB4DBDB47D89}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.05.01 00:01:00 | 000,000,053 | -HS- | M] () - Y:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.28 21:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2012.08.28 21:36:33 | 000,000,000 | ---D | C] -- C:\Users\Christof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3DSexVilla2
[2012.08.28 21:35:59 | 000,000,000 | ---D | C] -- C:\3D SexVilla 2 - Everlust
[2012.08.26 16:11:25 | 000,000,000 | ---D | C] -- C:\Users\Christof\AppData\Local\Logitech® Webcam-Software
[2012.08.26 16:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2012.08.26 16:07:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LWS
[2012.08.26 16:06:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2012.08.23 18:24:15 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012.08.23 18:24:14 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2012.08.19 15:24:55 | 000,000,000 | ---D | C] -- C:\Users\Christof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freenet
[2012.08.19 15:24:42 | 000,000,000 | ---D | C] -- C:\Users\Christof\AppData\Local\Freenet
[2012.08.10 18:55:08 | 000,000,000 | ---D | C] -- C:\Users\Christof\AppData\Roaming\Malwarebytes
[2012.08.10 18:54:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.10 18:54:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.10 18:54:31 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.10 18:54:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.08 16:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAMRush
[2012.08.08 16:29:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RAMRush
[2012.08.05 20:49:11 | 000,000,000 | ---D | C] -- C:\Users\Christof\AppData\Roaming\I2P
[2012.08.05 20:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\i2p
[2012.08.05 20:43:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I2P
[2012.08.05 20:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\i2p
[10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.03 19:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.03 19:31:58 | 000,000,000 | ---- | M] () -- C:\Users\Christof\defogger_reenable
[2012.09.03 19:17:26 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.03 19:17:26 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.03 19:15:33 | 000,007,603 | ---- | M] () -- C:\Users\Christof\AppData\Local\Resmon.ResmonCfg
[2012.09.03 19:03:01 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.03 11:28:42 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.03 11:15:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.01 23:48:50 | 001,768,540 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.01 23:48:50 | 000,760,156 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.01 23:48:50 | 000,704,026 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.01 23:48:50 | 000,169,484 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.01 23:48:50 | 000,137,916 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.28 21:58:13 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.26 21:52:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2012.08.18 23:45:19 | 004,909,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.11 00:30:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012.08.10 13:48:23 | 000,000,803 | ---- | M] () -- C:\Users\Christof\Desktop\TOR-Browser.lnk
[10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.26 15:53:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2012.08.26 15:29:02 | 000,000,658 | ---- | C] () -- C:\Users\Christof\Daten.lnk
[2012.08.10 23:00:28 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012.08.10 13:48:23 | 000,000,803 | ---- | C] () -- C:\Users\Christof\Desktop\TOR-Browser.lnk
[2012.05.07 20:02:52 | 000,000,763 | ---- | C] () -- C:\Windows\wiso.ini
[2012.01.18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.12.20 21:53:21 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.09.16 12:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.09.16 12:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.09.16 12:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.09.16 12:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.09.16 12:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.07.09 18:32:11 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.07.09 18:32:10 | 000,214,760 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.07.09 18:32:09 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.07.09 18:32:08 | 013,355,008 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.06.02 18:53:04 | 000,000,367 | ---- | C] () -- C:\Users\Christof\Heimnetzgruppe - Verknüpfung.lnk
[2011.05.02 13:04:10 | 000,005,632 | ---- | C] () -- C:\Users\Christof\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.17 13:31:13 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.04.17 13:31:13 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.04.14 22:35:47 | 000,007,603 | ---- | C] () -- C:\Users\Christof\AppData\Local\Resmon.ResmonCfg
[2011.04.13 19:50:52 | 001,796,094 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.04.07 02:59:08 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.04.07 00:38:10 | 000,017,776 | ---- | C] () -- C:\Windows\EvtMessage.dll
 
========== LOP Check ==========
 
[2011.12.11 22:00:33 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\AmoK
[2011.11.07 21:53:31 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Audacity
[2012.04.10 14:18:22 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Bioshock
[2012.04.03 16:03:48 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\BoneCraft
[2011.04.24 03:56:33 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\BoneTown
[2012.05.07 19:56:13 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Buhl Data Service
[2011.08.08 10:36:58 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.06.03 00:55:35 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\DAZ 3D
[2012.04.17 20:14:01 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\DVDVideoSoft
[2011.12.11 21:36:46 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\EAC
[2012.04.17 20:59:37 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\FreeScreenToVideo
[2011.10.16 01:23:13 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Haenlein-Software
[2011.12.22 22:02:22 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Hulubulu
[2012.08.05 20:50:06 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\I2P
[2011.04.12 22:32:50 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\IrfanView
[2011.11.10 22:06:10 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\JAM Software
[2011.10.07 17:57:04 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Leadertech
[2011.06.03 13:46:36 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\LSMGUIAIR.64AAB1E9DCCE40D96A4E881F8BD26884D826DB32.1
[2011.11.07 21:23:11 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\mp3DirectCut
[2011.11.14 22:54:07 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Mp3tag
[2011.11.07 21:55:01 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\NCH Swift Sound
[2011.10.31 23:48:28 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Nokia
[2011.10.31 23:48:28 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Nokia Ovi Suite
[2011.07.10 17:20:13 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Nullsoft
[2011.04.13 22:06:58 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\OpenOffice.org
[2011.10.31 20:52:02 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\PC Suite
[2011.04.16 21:06:28 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\PCDr
[2012.08.16 20:04:40 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\PersBackup5
[2011.06.03 13:14:58 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Poser Pro
[2011.06.03 14:35:03 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Queue Manager
[2011.11.01 00:08:14 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Samsung
[2012.07.07 20:18:42 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Scan2PDF
[2011.12.27 15:04:30 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\SoftGrid Client
[2011.04.12 20:26:41 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Thunderbird
[2011.04.13 19:51:31 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\TP
[2011.04.15 22:55:34 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\TrueCrypt
[2012.09.01 22:53:26 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\uTorrent
[2011.11.16 14:45:59 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\Video DVD Maker FREE
[2011.12.11 21:57:12 | 000,000,000 | ---D | M] -- C:\Users\Christof\AppData\Roaming\XMedia Recode
[2012.08.11 00:30:00 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012.08.06 10:48:38 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

--- --- ---

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 03.09.2012 19:27:27 - Run 1
OTL by OldTimer - Version 3.2.60.0     Folder = C:\Daten\Downloaded
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 51,59% Memory free
9,78 Gb Paging File | 6,30 Gb Available in Paging File | 64,39% Paging File free
Paging file location(s): c:\pagefile.sys 2000 6015 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,01 Gb Total Space | 86,83 Gb Free Space | 19,25% Space Free | Partition Type: NTFS
Drive X: | 1397,26 Gb Total Space | 287,86 Gb Free Space | 20,60% Space Free | Partition Type: NTFS
Drive Y: | 14,65 Gb Total Space | 6,60 Gb Free Space | 45,04% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK | User Name: Christof | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{066F1F04-3A16-43D2-BE77-5E14D7C2F76A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{0FEB614E-F3FD-41AB-B80C-7C838E8C89E4}" = lport=139 | protocol=6 | dir=in | app=system | 
"{10AD724A-EA3D-4507-9214-4792E130ABA0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{10FE40E8-A8E5-478F-ACB3-1B637640634D}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{15B6B7E0-A43A-4614-AB28-D1C8C987A606}" = lport=138 | protocol=17 | dir=in | app=system | 
"{1D4E01D7-0A4C-46F6-89C1-AB0F7608AC91}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2F73511F-A1D7-4DB3-85B4-C6A94D0A690D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3AAF7E28-84F0-4D8D-AB1B-F71BCE282BC3}" = lport=137 | protocol=17 | dir=in | app=system | 
"{3CDC653B-C6E8-495B-BE5E-8DE1D834352D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{3FBADC46-199F-4FE8-AA98-B1EC09F008DF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{52FED967-EF8D-4FFC-8098-83229FD27087}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{55D1183F-4518-434E-BDA9-BAE03FEDA700}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{63028AFF-2040-4118-93DF-B456B1C59CD1}" = rport=137 | protocol=17 | dir=out | app=system | 
"{64831E5F-578D-4CF5-BE01-DA6448E44709}" = rport=139 | protocol=6 | dir=out | app=system | 
"{8D361E25-8DC9-4702-AA1E-E19694C95A0F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9069CE67-1834-4EB6-AA6B-6DE0BEDA51AF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9778FFD4-86C3-49A0-B548-BC7BC7B582FD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{993CAEF9-8FA0-42A3-881B-9B2307D6A347}" = rport=138 | protocol=17 | dir=out | app=system | 
"{C84EAF2D-250D-46B0-82AD-E2D198F83506}" = lport=445 | protocol=6 | dir=in | app=system | 
"{C8534200-977B-413A-B87C-7A65FEC57888}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C90E5AAF-C851-4D6B-AF18-31D151B9286A}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C91F2244-9C73-4EAF-AE57-01AB9F450E94}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D8AD8AF1-7488-4995-99DC-772F36F54B6A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E3A11CDE-CB14-4A6A-9EBB-401B5469F746}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{E5BC3FA4-2166-4831-ABF1-96DE9525D63D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AC7F83C-5621-4ED5-A14F-A2307AD6DB97}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{115ABA75-8B4A-41E8-8D4E-F1932A0ACF00}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{148890EF-226F-4257-80FB-4A3E6F576FD1}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe | 
"{2788A8C2-A505-450D-8B2E-37AB33CD5C4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{2A080DD5-44C4-4B0C-BDC8-3572BE0347BD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2C386643-5A00-4856-8135-727C2B0A326A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{46576849-632C-44E9-963D-8D11EAFBA611}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{5473AD81-2EF9-4050-A4CA-F92E40048E12}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{5C29255B-C09F-4198-B269-8AED7B5F055E}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe | 
"{5D7F6DA8-470B-4F65-B4FB-C641BACF7CA4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{67BEA91C-CFCB-4458-BBC5-DD77997B0AD4}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{6CE16132-33A6-46A1-833B-DC39694C7B14}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{72251C53-052B-4928-A237-24393004609B}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{78D99598-5990-4903-9238-30600E2B9994}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{7AEB6C07-062D-4EB4-9269-E38B785CF6DE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{7CFF933B-EC5B-445F-B812-21B0FCE9DE6C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7FF60838-C2DF-4250-BFB5-0F0C4B0B0C1A}" = protocol=6 | dir=out | app=system | 
"{824813FD-0A62-4C63-B6C2-801486C6581A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{97BCB868-0D3E-4347-9001-5DCD3A2FD18A}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{9A11D706-2AF4-476F-B924-5D4051486892}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{A146AE6B-5C06-4CF9-92B3-D812DB60748C}" = protocol=17 | dir=in | app=c:\users\christof\appdata\local\apps\2.0\7vj7gxr5.o47\rwgnnhrp.9v6\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{A8C6C77B-0946-4535-9247-06D7F8F5B924}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{AE4C4EDD-FD6D-456C-BCD4-6BCBA1F68C76}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{AEAB588A-F890-4CA6-A5B5-8C6B29403E78}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{C6BAAC0B-DC23-45A6-8D7B-41F41EC5665A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{CA660328-167F-4BAB-A866-D0508661BCC4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CAA06C62-F556-4AB5-9F4D-F80B8E7D4D8E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{CDA0FBF9-8C9B-44B9-8FCA-059095DAA473}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CF01C4E0-3F82-428F-BC08-CCCCEF431449}" = protocol=6 | dir=in | app=c:\users\christof\appdata\local\apps\2.0\7vj7gxr5.o47\rwgnnhrp.9v6\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{CF8F65C5-9CD8-4B78-B2FD-2CC4F19919F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DB67666D-ED26-4C54-AED6-2F7AA7CD4801}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{DE9B79E7-65D4-4678-97F3-F68D329F2FCF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E6CBF595-4DE1-41B8-8E33-FF9005CD9B3A}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{F1B90787-58AA-4458-AA5F-54B8EF668551}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{F97733BB-7F33-4D1C-A392-9DEBABD2D85B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{FCF34791-8563-46AF-8934-BA8753030134}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{1798F151-4C70-44E5-809A-02CAA9A89BD5}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe | 
"TCP Query User{254369CA-71B8-4408-A847-9B5B34C1FECD}C:\users\christof\appdata\local\apps\2.0\7vj7gxr5.o47\rwgnnhrp.9v6\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe" = protocol=6 | dir=in | app=c:\users\christof\appdata\local\apps\2.0\7vj7gxr5.o47\rwgnnhrp.9v6\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"TCP Query User{27552AEF-5C25-4712-AB24-9BC4D9269C74}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"TCP Query User{44BDDD7C-19B0-4F40-88D6-26BF4CF452A9}C:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe | 
"TCP Query User{48515458-B150-41B3-8855-F83622B782BC}C:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe | 
"TCP Query User{5B5931C1-C73B-4416-AFEE-53B10DD2BE6D}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | 
"TCP Query User{6E7C73A7-27F2-46BE-9646-3BAB72FB9889}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=6 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe | 
"TCP Query User{8A3BC23B-201C-466E-A5E0-953B86051F4D}C:\program files (x86)\jdownloader\jdlauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jdlauncher.exe | 
"TCP Query User{8AD76D81-C72B-48A1-A9F2-4C01ECA3073F}C:\program files (x86)\jdownloader\jdlauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jdlauncher.exe | 
"TCP Query User{9D1F7A26-928C-492A-BBA7-A308D99A0FCF}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=6 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe | 
"TCP Query User{A2569C41-8B36-4DAB-8A8A-095E0BCBADD4}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | 
"TCP Query User{BD829B34-920E-4A17-A70D-85D5EA5A6FAF}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"TCP Query User{C52F951B-2107-479D-89B3-10FAEFF0FBD0}C:\program files (x86)\smith micro\poser pro 2010\poserpro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\smith micro\poser pro 2010\poserpro.exe | 
"TCP Query User{D3AD1690-63F0-423E-8C37-04B47688C216}C:\program files\smith micro\poser pro 2010\poserpro.exe" = protocol=6 | dir=in | app=c:\program files\smith micro\poser pro 2010\poserpro.exe | 
"TCP Query User{D52D3B82-EC21-4198-AD2A-45ECB4BB362B}C:\program files (x86)\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\valve\portal 2\portal2.exe | 
"TCP Query User{FD50FF43-6D62-4575-B067-E6AE5C5D293E}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{0030E742-FDCD-4CFC-B4E8-B4A62437C7C1}C:\program files (x86)\jdownloader\jdlauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jdlauncher.exe | 
"UDP Query User{0B760AB3-A942-49C8-B955-516915F04886}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{16F77D67-B907-4E9B-94F9-1233C2961CF5}C:\program files (x86)\jdownloader\jdlauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jdlauncher.exe | 
"UDP Query User{1929F8B1-C6D1-4DD5-AAD7-A7D06766C823}C:\program files (x86)\smith micro\poser pro 2010\poserpro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\smith micro\poser pro 2010\poserpro.exe | 
"UDP Query User{283A5499-30D4-4109-BE84-D86547073A3F}C:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe | 
"UDP Query User{3D59484B-70F6-4266-A70A-3817DA7E01F0}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"UDP Query User{3EDF9504-00A4-4612-A477-F15E013B5725}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | 
"UDP Query User{47B16AE9-4F2C-492F-9E74-BD3D123C1F86}C:\program files\smith micro\poser pro 2010\poserpro.exe" = protocol=17 | dir=in | app=c:\program files\smith micro\poser pro 2010\poserpro.exe | 
"UDP Query User{589D3A03-07D2-4FE6-8D4B-537235B6F51E}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | 
"UDP Query User{5AC79634-4F85-474E-9770-83DAA81CDDBA}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=17 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe | 
"UDP Query User{6E10921E-E3AC-4829-8015-981A807FFAC7}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=17 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe | 
"UDP Query User{8C4527AF-C632-4267-80B2-F9757B40D44A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{94F23B23-3E57-40EA-9677-225C66D90413}C:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe | 
"UDP Query User{B4EEC606-06AB-4161-80D1-831CEFD22F36}C:\program files (x86)\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\valve\portal 2\portal2.exe | 
"UDP Query User{CB318595-210C-4E94-A68A-5D1599BAD55B}C:\users\christof\appdata\local\apps\2.0\7vj7gxr5.o47\rwgnnhrp.9v6\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe" = protocol=17 | dir=in | app=c:\users\christof\appdata\local\apps\2.0\7vj7gxr5.o47\rwgnnhrp.9v6\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"UDP Query User{CFC63567-4DC0-46E4-8E55-CC0B340FCCDF}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03350F94-689A-4A16-9D1B-C432D73EDE5B}" = BOINC
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel(R) PROSet/Wireless WiFi-Software
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.2.3456 x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5A80B0BA-79AF-4B11-B851-CCB9F7977AC0}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{7020FC34-6E04-4858-924D-354B28CB2402}_is1" = Luminance HDR 2.1.0
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A7EEF79E-06B2-4382-9D2E-39DBA0F72D50}" = Eraser 6.0.8.2273
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 267.21
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"PC-Doctor for Windows" = Dell Support Center
"Pen Tablet Driver" = Bamboo
"Poser Pro 2010_is1" = Poser Pro 2010 Content
"ProInst" = Intel PROSet Wireless
"Recuva" = Recuva
"sp6" = Logitech SetPoint 6.30
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR 4.00 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001FD094-E6A3-483E-A699-05FD6D332D79}" = BoneCraft
"{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}" = WISO Steuer 2009
"{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D00CD3F-AEDC-45F1-A2DD-DADF74407D7B}_is1" = Edna Bricht Aus 6.3
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1" = Free Video Joiner 1.1
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}" = Video DVD Maker v3.32.0.80
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}" = Nero Kwik Media
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 26
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 Platinum HD
"{2C16BD93-892E-4560-AA22-723F874CB8BA}" = Update Service
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Kwik Themes 1
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}" = Brother MFL-Pro Suite DCP-145C
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5E7C721D-B008-4269-A1C4-2CE7E9757983}" = BoneTown
"{616AF091-D73C-481B-9113-FD758EB2F50A}" = MusicStage
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Kwik Themes 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{85BEC8F6-9AA3-43FF-B56B-8276277137B3}" = Nero 10 Video TransitionPack 1
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92443D78-4C75-4320-BFC6-47D75122625F}" = Captcha Brotherhood
"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A0383B7D-81A2-49D3-BE06-C0FD9EFB9DFC}" = Corel Painter IX
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A4A14B15-F25D-44F8-8483-291C1DF7C548}_is1" = WAV MP3 Converter v4.4 build 1429
"{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}" = Nero 10 Kwik Themes 4
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB1723E2-05BC-49C1-86AB-409764C0E608}" = Dell Stage
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
"{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BD60F72D-3F2F-4AE1-9C41-3CF75B2CA59A}" = DVR-Studio Pro 2
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CCD438F0-5D72-4945-9E72-6560C7E5E0D0}" = Captcha Brotherhood
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}" = Nero 10 Kwik Themes 3
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}" = Nero 10 PiP EffectPack 1
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel(R) Wireless Display
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE3B9518-9FF3-4D89-8A8D-E540C9CCAF3B}" = NVIDIA 3D Vision Video Player
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"1489-3350-5074-6281" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Renamer_is1" = Advanced Renamer
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"avast" = avast! Free Antivirus
"AVI Splitter_is1" = AVI Splitter
"CDisplay_is1" = CDisplay 1.8
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"DAZ Content Management Service 4.8.1.6" = DAZ Content Management Service
"DAZ Studio 4 4.0.0.335" = DAZ Studio 4
"Dell Webcam Central" = Dell Webcam Central
"DS4 Default Content 4.0.0.8" = DS4 Default Content
"Easy Video Joiner_is1" = Easy Video Joiner 5.21
"eMule Plus_is1" = eMule Plus 1.2e
"Exact Audio Copy" = Exact Audio Copy 1.0beta3
"Exifer_is1" = Exifer
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"Free Screen To Video_is1" = Free Screen To Video V 2.0
"HaaliMkx" = Haali Media Splitter
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"IrfanView" = IrfanView (remove only)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"MediaMonkey_is1" = MediaMonkey 3.2
"Mihov Picture Downloader" = Mihov Picture Downloader 1.5 (remove only)
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"Mozilla Thunderbird 15.0 (x86 de)" = Mozilla Thunderbird 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49a
"NAVIGON Fresh" = NAVIGON Fresh 3.3.2
"NCH_DE Toolbar" = NCH DE Toolbar
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Personal Backup 5_is1" = Personal Backup 5.3
"Portal" = Portal
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"RAMRush_is1" = RAMRush 1.0.6.917
"Scan2PDF_is1" = Scan2PDF 1.6
"Synology Assistant" = Synology Assistant (remove only)
"SystemRequirementsLab" = System Requirements Lab
"TFSETTOP_is1" = Top Set 2.00
"TreeSize Professional_is1" = TreeSize Professional V5.4.3
"TrueCrypt" = TrueCrypt
"uTorrent" = µTorrent
"Victoria 4.2 Base DAZ Studio Content ps_pe069_Victoria4DS" = Victoria 4.2 Base DAZ Studio Content
"Victoria 4.2 Base ps_pe069_Victoria4" = Victoria 4.2 Base
"VLC media player" = VLC media player 2.0.2
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WavePad" = WavePad Audiobearbeitungs-Software
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 3.5 [64-Bit]
"WinLiveSuite" = Windows Live Essentials
"XMedia Recode" = XMedia Recode 3.0.5.4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3DSexVilla2" = 3DSexVilla2
"Amazon Kindle" = Amazon Kindle
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss
"Freenet" = Freenet
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 23.08.2012 16:47:38 | Computer Name = Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/08/23 22:47:38.487]: [00006832]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.08.2012 16:47:40 | Computer Name = Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/08/23 22:47:40.032]: [00006832]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.08.2012 16:47:41 | Computer Name = Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/08/23 22:47:41.561]: [00006832]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.08.2012 16:47:43 | Computer Name = Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/08/23 22:47:43.104]: [00006832]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.08.2012 16:47:45 | Computer Name = Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/08/23 22:47:45.406]: [00006832]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 23.08.2012 16:47:46 | Computer Name = Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/08/23 22:47:46.927]: [00006832]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 01.09.2012 04:17:41 | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16448,
 Zeitstempel: 0x4fecf1b7  Name des fehlerhaften Moduls: aswWebRepIE.dll, Version: 
7.0.1456.418, Zeitstempel: 0x4ff31b8b  Ausnahmecode: 0xc0000417  Fehleroffset: 0x0004d9fb
ID
 des fehlerhaften Prozesses: 0x45c  Startzeit der fehlerhaften Anwendung: 0x01cd87c3b20d08f2
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll  Berichtskennung:
 7f7c4b72-f40d-11e1-a945-bc773715c2c2
 
Error - 01.09.2012 08:09:25 | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vidalia.exe, Version: 0.2.20.0, Zeitstempel:
 0x5006a328  Name des fehlerhaften Moduls: QtCore4.dll, Version: 4.8.1.0, Zeitstempel:
 0x4f6c7688  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00249020  ID des fehlerhaften Prozesses:
 0x36c8  Startzeit der fehlerhaften Anwendung: 0x01cd8839f4626bf1  Pfad der fehlerhaften
 Anwendung: C:\Daten\Software\Tor Browser\App\vidalia.exe  Pfad des fehlerhaften Moduls:
 C:\Daten\Software\Tor Browser\App\QtCore4.dll  Berichtskennung: de981dd7-f42d-11e1-a945-bc773715c2c2
 
Error - 01.09.2012 17:19:35 | Computer Name = Notebook | Source = Application Hang | ID = 1002
Description = Programm wmplayer.exe, Version 12.0.7601.17514 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 26d8    Startzeit: 01cd88876b305b3e    Endzeit: 26    Anwendungspfad:
 C:\Program Files (x86)\Windows Media Player\wmplayer.exe    Berichts-ID: b84965c8-f47a-11e1-a945-bc773715c2c2

 
Error - 01.09.2012 17:19:58 | Computer Name = Notebook | Source = Application Hang | ID = 1002
Description = Programm wmplayer.exe, Version 12.0.7601.17514 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 3260    Startzeit: 01cd88877e688779    Endzeit: 42    Anwendungspfad:
 C:\Program Files (x86)\Windows Media Player\wmplayer.exe    Berichts-ID: c5c10353-f47a-11e1-a945-bc773715c2c2

 
Error - 03.09.2012 12:48:46 | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
 Zeitstempel: 0x4d672ee4  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,
 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xc0000008  Fehleroffset: 0x000000000000cacd
ID
 des fehlerhaften Prozesses: 0x928  Startzeit der fehlerhaften Anwendung: 0x01cd8557826ab4b8
Pfad
 der fehlerhaften Anwendung: C:\Windows\Explorer.EXE  Pfad des fehlerhaften Moduls:
 C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 3a013ee8-f5e7-11e1-a945-bc773715c2c2
 
[ Dell Events ]
Error - 23.06.2011 07:10:06 | Computer Name = Notebook | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 24.06.2011 07:06:12 | Computer Name = Notebook | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 24.06.2011 07:06:12 | Computer Name = Notebook | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 12.08.2011 12:32:19 | Computer Name = Notebook | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 12.08.2011 12:32:19 | Computer Name = Notebook | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 17.09.2011 13:48:58 | Computer Name = Notebook | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 17.09.2011 13:48:58 | Computer Name = Notebook | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 17.09.2011 14:14:34 | Computer Name = Notebook | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 17.09.2011 14:14:34 | Computer Name = Notebook | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
Error - 08.10.2011 12:26:19 | Computer Name = Notebook | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
 
[ System Events ]
Error - 03.04.2012 08:02:27 | Computer Name = Notebook | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom1 gefunden.
 
Error - 03.04.2012 08:03:29 | Computer Name = Notebook | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom1 gefunden.
 
Error - 03.04.2012 08:03:31 | Computer Name = Notebook | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom1 gefunden.
 
Error - 03.04.2012 08:04:08 | Computer Name = Notebook | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom1 gefunden.
 
Error - 03.04.2012 08:04:10 | Computer Name = Notebook | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom1 gefunden.
 
Error - 03.04.2012 08:04:12 | Computer Name = Notebook | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom1 gefunden.
 
Error - 03.04.2012 08:04:16 | Computer Name = Notebook | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom1 gefunden.
 
Error - 03.04.2012 08:05:15 | Computer Name = Notebook | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom1 gefunden.
 
Error - 03.04.2012 08:06:14 | Computer Name = Notebook | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom1 gefunden.
 
Error - 03.04.2012 08:07:06 | Computer Name = Notebook | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom1 gefunden.
 
 
< End of report >
         
--- --- ---

Geändert von Ancalagon (03.09.2012 um 18:45 Uhr)

Alt 04.09.2012, 21:59   #2
Larusso
/// Selecta Jahrusso
 
iexplorer prozess - Standard

iexplorer prozess



Zitat:
Adobe Photoshop CS5.1
Gekauft ? Anlügen bringt nix
__________________

__________________

Alt 04.09.2012, 22:47   #3
Ancalagon
 
iexplorer prozess - Standard

iexplorer prozess



Nein, das war eine Testversion, die geht aber nicht mehr. Das kann ich mir leider nicht leisten, weil ich das nur für Hobby bräuchte.
__________________

Alt 04.09.2012, 23:01   #4
Larusso
/// Selecta Jahrusso
 
iexplorer prozess - Standard

iexplorer prozess



Zitat:
weil ich das nur für Hobby bräuchte.
Ich kenn Experten und nichtmal die kommen mit der Software wirklich klar. GIMP




Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und speichere das Logfile.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ )
    Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt
Poste den Inhalt bitte hier in deinen Thread.
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 05.09.2012, 19:26   #5
Ancalagon
 
iexplorer prozess - Standard

iexplorer prozess



Hier das Logfile, es wurde aber nichts gefunden:

20:22:51.0720 23184 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
20:22:52.0019 23184 ============================================================
20:22:52.0019 23184 Current date / time: 2012/09/05 20:22:52.0019
20:22:52.0019 23184 SystemInfo:
20:22:52.0019 23184
20:22:52.0019 23184 OS Version: 6.1.7601 ServicePack: 1.0
20:22:52.0019 23184 Product type: Workstation
20:22:52.0020 23184 ComputerName: NOTEBOOK
20:22:52.0020 23184 UserName: Christof
20:22:52.0020 23184 Windows directory: C:\Windows
20:22:52.0020 23184 System windows directory: C:\Windows
20:22:52.0020 23184 Running under WOW64
20:22:52.0020 23184 Processor architecture: Intel x64
20:22:52.0020 23184 Number of processors: 4
20:22:52.0020 23184 Page size: 0x1000
20:22:52.0020 23184 Boot type: Normal boot
20:22:52.0020 23184 ============================================================
20:22:52.0612 23184 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:22:52.0618 23184 ============================================================
20:22:52.0618 23184 \Device\Harddisk0\DR0:
20:22:52.0619 23184 MBR partitions:
20:22:52.0619 23184 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x1D4C000
20:22:52.0619 23184 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7F000, BlocksNum 0x38606830
20:22:52.0619 23184 ============================================================
20:22:52.0643 23184 C: <-> \Device\Harddisk0\DR0\Partition2
20:22:52.0643 23184 ============================================================
20:22:52.0643 23184 Initialize success
20:22:52.0643 23184 ============================================================
20:23:39.0601 23204 ============================================================
20:23:39.0601 23204 Scan started
20:23:39.0601 23204 Mode: Manual;
20:23:39.0601 23204 ============================================================
20:23:41.0695 23204 ================ Scan system memory ========================
20:23:41.0695 23204 System memory - ok
20:23:41.0695 23204 ================ Scan services =============================
20:23:41.0880 23204 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:23:41.0883 23204 1394ohci - ok
20:23:41.0943 23204 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:23:41.0948 23204 ACPI - ok
20:23:41.0999 23204 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:23:42.0000 23204 AcpiPmi - ok
20:23:42.0041 23204 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys
20:23:42.0043 23204 adfs - ok
20:23:42.0164 23204 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:23:42.0165 23204 AdobeARMservice - ok
20:23:42.0281 23204 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:23:42.0284 23204 AdobeFlashPlayerUpdateSvc - ok
20:23:42.0326 23204 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:23:42.0331 23204 adp94xx - ok
20:23:42.0367 23204 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:23:42.0372 23204 adpahci - ok
20:23:42.0389 23204 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:23:42.0392 23204 adpu320 - ok
20:23:42.0420 23204 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:23:42.0421 23204 AeLookupSvc - ok
20:23:42.0493 23204 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
20:23:42.0495 23204 AERTFilters - ok
20:23:42.0563 23204 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:23:42.0569 23204 AFD - ok
20:23:42.0615 23204 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:23:42.0617 23204 agp440 - ok
20:23:42.0648 23204 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:23:42.0650 23204 ALG - ok
20:23:42.0696 23204 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:23:42.0697 23204 aliide - ok
20:23:42.0719 23204 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:23:42.0721 23204 amdide - ok
20:23:42.0752 23204 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:23:42.0754 23204 AmdK8 - ok
20:23:42.0758 23204 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:23:42.0760 23204 AmdPPM - ok
20:23:42.0811 23204 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:23:42.0814 23204 amdsata - ok
20:23:42.0832 23204 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:23:42.0836 23204 amdsbs - ok
20:23:42.0856 23204 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:23:42.0858 23204 amdxata - ok
20:23:42.0919 23204 [ 7380B9072EBC65A54DA3074E14BF34B9 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
20:23:42.0923 23204 ApfiltrService - ok
20:23:43.0012 23204 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
20:23:43.0014 23204 AppHostSvc - ok
20:23:43.0073 23204 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:23:43.0075 23204 AppID - ok
20:23:43.0101 23204 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:23:43.0104 23204 AppIDSvc - ok
20:23:43.0150 23204 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:23:43.0152 23204 Appinfo - ok
20:23:43.0188 23204 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:23:43.0190 23204 arc - ok
20:23:43.0197 23204 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:23:43.0199 23204 arcsas - ok
20:23:43.0269 23204 [ DF59B8E8DF0BD2E0E303778A3806A17D ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
20:23:43.0270 23204 aswFsBlk - ok
20:23:43.0347 23204 [ F8E6AB4F876FEFF69250F2E0C29EF004 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
20:23:43.0349 23204 aswMonFlt - ok
20:23:43.0416 23204 [ AA92BC4BCBA40CA3AA3FFD1BE24F0C09 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
20:23:43.0418 23204 aswRdr - ok
20:23:43.0471 23204 [ F06E230E1E8CA9437A6474B7B551CD37 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
20:23:43.0489 23204 aswSnx - ok
20:23:43.0516 23204 [ 3610CA74A69E380424F0452DEC5C1317 ] aswSP C:\Windows\system32\drivers\aswSP.sys
20:23:43.0521 23204 aswSP - ok
20:23:43.0565 23204 [ 87DE3E31CB0091D22351349869324065 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
20:23:43.0567 23204 aswTdi - ok
20:23:43.0603 23204 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:23:43.0605 23204 AsyncMac - ok
20:23:43.0648 23204 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:23:43.0650 23204 atapi - ok
20:23:43.0716 23204 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:23:43.0723 23204 AudioEndpointBuilder - ok
20:23:43.0737 23204 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:23:43.0742 23204 AudioSrv - ok
20:23:43.0815 23204 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:23:43.0816 23204 avast! Antivirus - ok
20:23:43.0842 23204 [ BD39D7CFD9D6A73396B618113A8E8D57 ] avmaudio C:\Windows\system32\DRIVERS\avmaudio.sys
20:23:43.0844 23204 avmaudio - ok
20:23:43.0904 23204 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:23:43.0906 23204 AxInstSV - ok
20:23:43.0965 23204 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:23:43.0971 23204 b06bdrv - ok
20:23:44.0015 23204 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:23:44.0018 23204 b57nd60a - ok
20:23:44.0060 23204 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:23:44.0063 23204 BDESVC - ok
20:23:44.0082 23204 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:23:44.0084 23204 Beep - ok
20:23:44.0157 23204 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:23:44.0165 23204 BFE - ok
20:23:44.0213 23204 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:23:44.0227 23204 BITS - ok
20:23:44.0270 23204 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:23:44.0272 23204 blbdrive - ok
20:23:44.0366 23204 [ C620C59D46F43BEECC556F65E801312B ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
20:23:44.0385 23204 Bluetooth Device Monitor - ok
20:23:44.0435 23204 [ 5E5EDCCEEA4FA3FDF3A907AC204B5828 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
20:23:44.0468 23204 Bluetooth Media Service - ok
20:23:44.0523 23204 [ 826E65C945738CBD64F89EAE4406687F ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
20:23:44.0543 23204 Bluetooth OBEX Service - ok
20:23:44.0588 23204 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:23:44.0590 23204 bowser - ok
20:23:44.0628 23204 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:23:44.0629 23204 BrFiltLo - ok
20:23:44.0659 23204 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:23:44.0660 23204 BrFiltUp - ok
20:23:44.0707 23204 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:23:44.0709 23204 Browser - ok
20:23:44.0738 23204 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:23:44.0742 23204 Brserid - ok
20:23:44.0748 23204 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:23:44.0750 23204 BrSerWdm - ok
20:23:44.0766 23204 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:23:44.0768 23204 BrUsbMdm - ok
20:23:44.0774 23204 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:23:44.0775 23204 BrUsbSer - ok
20:23:44.0822 23204 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:23:44.0824 23204 BthEnum - ok
20:23:44.0852 23204 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:23:44.0854 23204 BTHMODEM - ok
20:23:44.0891 23204 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:23:44.0893 23204 BthPan - ok
20:23:44.0946 23204 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:23:44.0953 23204 BTHPORT - ok
20:23:44.0994 23204 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:23:44.0995 23204 bthserv - ok
20:23:45.0036 23204 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:23:45.0038 23204 BTHUSB - ok
20:23:45.0081 23204 [ 962BD3689E2C85F0BA97F3D7E7BA540B ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
20:23:45.0083 23204 btmaux - ok
20:23:45.0122 23204 [ 40C6FEC49D1CC4D112368A2BCD2BCBB7 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
20:23:45.0126 23204 btmhsf - ok
20:23:45.0154 23204 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:23:45.0156 23204 cdfs - ok
20:23:45.0222 23204 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:23:45.0225 23204 cdrom - ok
20:23:45.0278 23204 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:23:45.0280 23204 CertPropSvc - ok
20:23:45.0325 23204 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:23:45.0326 23204 circlass - ok
20:23:45.0359 23204 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:23:45.0363 23204 CLFS - ok
20:23:45.0430 23204 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:23:45.0432 23204 clr_optimization_v2.0.50727_32 - ok
20:23:45.0486 23204 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:23:45.0488 23204 clr_optimization_v2.0.50727_64 - ok
20:23:45.0578 23204 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:23:45.0580 23204 clr_optimization_v4.0.30319_32 - ok
20:23:45.0619 23204 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:23:45.0621 23204 clr_optimization_v4.0.30319_64 - ok
20:23:45.0662 23204 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:23:45.0664 23204 CmBatt - ok
20:23:45.0687 23204 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:23:45.0689 23204 cmdide - ok
20:23:45.0727 23204 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:23:45.0732 23204 CNG - ok
20:23:45.0792 23204 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:23:45.0794 23204 Compbatt - ok
20:23:45.0853 23204 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:23:45.0855 23204 CompositeBus - ok
20:23:45.0875 23204 COMSysApp - ok
20:23:45.0898 23204 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:23:45.0900 23204 crcdisk - ok
20:23:45.0961 23204 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:23:45.0964 23204 CryptSvc - ok
20:23:46.0004 23204 [ FBE228ABEAB2BE13B9C3A3A112D4D8DC ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
20:23:46.0008 23204 CtClsFlt - ok
20:23:46.0130 23204 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:23:46.0140 23204 cvhsvc - ok
20:23:46.0257 23204 [ 958EF96991ABCCFDAC0953C4A24081DC ] DAZContentManagementService C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
20:23:46.0258 23204 DAZContentManagementService - ok
20:23:46.0324 23204 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:23:46.0331 23204 DcomLaunch - ok
20:23:46.0387 23204 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:23:46.0392 23204 defragsvc - ok
20:23:46.0446 23204 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:23:46.0449 23204 DfsC - ok
20:23:46.0501 23204 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:23:46.0506 23204 Dhcp - ok
20:23:46.0542 23204 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:23:46.0544 23204 discache - ok
20:23:46.0571 23204 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:23:46.0572 23204 Disk - ok
20:23:46.0602 23204 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:23:46.0607 23204 Dnscache - ok
20:23:46.0658 23204 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:23:46.0662 23204 dot3svc - ok
20:23:46.0706 23204 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:23:46.0709 23204 DPS - ok
20:23:46.0749 23204 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:23:46.0751 23204 drmkaud - ok
20:23:46.0811 23204 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:23:46.0831 23204 DXGKrnl - ok
20:23:46.0856 23204 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:23:46.0858 23204 EapHost - ok
20:23:46.0950 23204 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:23:47.0014 23204 ebdrv - ok
20:23:47.0050 23204 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:23:47.0053 23204 EFS - ok
20:23:47.0122 23204 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:23:47.0130 23204 ehRecvr - ok
20:23:47.0154 23204 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:23:47.0156 23204 ehSched - ok
20:23:47.0183 23204 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:23:47.0189 23204 elxstor - ok
20:23:47.0240 23204 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:23:47.0242 23204 ErrDev - ok
20:23:47.0276 23204 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:23:47.0281 23204 EventSystem - ok
20:23:47.0377 23204 [ 8B6C9924B0D333DBF76086B8258A0891 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:23:47.0410 23204 EvtEng - ok
20:23:47.0439 23204 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:23:47.0443 23204 exfat - ok
20:23:47.0466 23204 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:23:47.0470 23204 fastfat - ok
20:23:47.0539 23204 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:23:47.0548 23204 Fax - ok
20:23:47.0568 23204 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:23:47.0570 23204 fdc - ok
20:23:47.0591 23204 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:23:47.0593 23204 fdPHost - ok
20:23:47.0600 23204 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:23:47.0602 23204 FDResPub - ok
20:23:47.0630 23204 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:23:47.0632 23204 FileInfo - ok
20:23:47.0639 23204 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:23:47.0641 23204 Filetrace - ok
20:23:47.0659 23204 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:23:47.0660 23204 flpydisk - ok
20:23:47.0717 23204 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:23:47.0721 23204 FltMgr - ok
20:23:47.0791 23204 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:23:47.0824 23204 FontCache - ok
20:23:47.0899 23204 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:23:47.0900 23204 FontCache3.0.0.0 - ok
20:23:47.0921 23204 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:23:47.0923 23204 FsDepends - ok
20:23:47.0959 23204 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:23:47.0961 23204 Fs_Rec - ok
20:23:48.0009 23204 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:23:48.0012 23204 fvevol - ok
20:23:48.0033 23204 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:23:48.0035 23204 gagp30kx - ok
20:23:48.0092 23204 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:23:48.0101 23204 gpsvc - ok
20:23:48.0242 23204 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:23:48.0244 23204 gupdate - ok
20:23:48.0257 23204 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:23:48.0258 23204 gupdatem - ok
20:23:48.0294 23204 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:23:48.0295 23204 hcw85cir - ok
20:23:48.0332 23204 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:23:48.0336 23204 HdAudAddService - ok
20:23:48.0402 23204 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:23:48.0406 23204 HDAudBus - ok
20:23:48.0412 23204 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:23:48.0413 23204 HidBatt - ok
20:23:48.0419 23204 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:23:48.0424 23204 HidBth - ok
20:23:48.0437 23204 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:23:48.0438 23204 HidIr - ok
20:23:48.0469 23204 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:23:48.0471 23204 hidserv - ok
20:23:48.0526 23204 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:23:48.0528 23204 HidUsb - ok
20:23:48.0573 23204 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:23:48.0576 23204 hkmsvc - ok
20:23:48.0619 23204 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:23:48.0623 23204 HomeGroupListener - ok
20:23:48.0664 23204 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:23:48.0669 23204 HomeGroupProvider - ok
20:23:48.0716 23204 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:23:48.0718 23204 HpSAMD - ok
20:23:48.0786 23204 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:23:48.0795 23204 HTTP - ok
20:23:48.0837 23204 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:23:48.0839 23204 hwpolicy - ok
20:23:48.0959 23204 [ 39602803DE367C94134C585072F5DF02 ] i2p C:\Program Files\i2p\I2Psvc.exe
20:23:48.0964 23204 i2p - ok
20:23:49.0019 23204 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:23:49.0021 23204 i8042prt - ok
20:23:49.0057 23204 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:23:49.0060 23204 iaStor - ok
20:23:49.0099 23204 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:23:49.0104 23204 iaStorV - ok
20:23:49.0163 23204 [ FC47F5CF561BF0FD897EFD1A9604DCCF ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
20:23:49.0165 23204 iBtFltCoex - ok
20:23:49.0226 23204 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:23:49.0236 23204 idsvc - ok
20:23:49.0578 23204 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:23:49.0863 23204 igfx - ok
20:23:49.0896 23204 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:23:49.0898 23204 iirsp - ok
20:23:49.0944 23204 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:23:49.0953 23204 IKEEXT - ok
20:23:49.0981 23204 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
20:23:49.0983 23204 Impcd - ok
20:23:50.0061 23204 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:23:50.0119 23204 IntcAzAudAddService - ok
20:23:50.0155 23204 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:23:50.0157 23204 intelide - ok
20:23:50.0189 23204 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:23:50.0191 23204 intelppm - ok
20:23:50.0224 23204 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:23:50.0227 23204 IPBusEnum - ok
20:23:50.0264 23204 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:23:50.0266 23204 IpFilterDriver - ok
20:23:50.0318 23204 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:23:50.0325 23204 iphlpsvc - ok
20:23:50.0371 23204 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:23:50.0373 23204 IPMIDRV - ok
20:23:50.0402 23204 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:23:50.0404 23204 IPNAT - ok
20:23:50.0424 23204 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:23:50.0425 23204 IRENUM - ok
20:23:50.0475 23204 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:23:50.0477 23204 isapnp - ok
20:23:50.0517 23204 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:23:50.0521 23204 iScsiPrt - ok
20:23:50.0549 23204 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:23:50.0551 23204 kbdclass - ok
20:23:50.0600 23204 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:23:50.0602 23204 kbdhid - ok
20:23:50.0617 23204 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:23:50.0619 23204 KeyIso - ok
20:23:50.0640 23204 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:23:50.0642 23204 KSecDD - ok
20:23:50.0660 23204 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:23:50.0663 23204 KSecPkg - ok
20:23:50.0687 23204 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:23:50.0688 23204 ksthunk - ok
20:23:50.0720 23204 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:23:50.0726 23204 KtmRm - ok
20:23:50.0783 23204 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:23:50.0788 23204 LanmanServer - ok
20:23:50.0834 23204 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:23:50.0838 23204 LanmanWorkstation - ok
20:23:50.0998 23204 [ 19EFF704CD16DD0429E128431F1DD631 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
20:23:51.0002 23204 LBTServ - ok
20:23:51.0079 23204 [ ABFD2B5726F4CCE49297AE48806CC594 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys
20:23:51.0081 23204 LEqdUsb - ok
20:23:51.0130 23204 [ 933F69CF9ACD2498693BFCD7ED68E8D4 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys
20:23:51.0132 23204 LHidEqd - ok
20:23:51.0147 23204 [ 1074C77A47835E03C15BF92452F9A750 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
20:23:51.0150 23204 LHidFilt - ok
20:23:51.0195 23204 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:23:51.0197 23204 lltdio - ok
20:23:51.0230 23204 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:23:51.0236 23204 lltdsvc - ok
20:23:51.0284 23204 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:23:51.0286 23204 lmhosts - ok
20:23:51.0296 23204 [ 96999C364C649E2866A268F7420A304A ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
20:23:51.0298 23204 LMouFilt - ok
20:23:51.0360 23204 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:23:51.0364 23204 LMS - ok
20:23:51.0400 23204 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:23:51.0403 23204 LSI_FC - ok
20:23:51.0409 23204 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:23:51.0412 23204 LSI_SAS - ok
20:23:51.0419 23204 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:23:51.0420 23204 LSI_SAS2 - ok
20:23:51.0426 23204 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:23:51.0428 23204 LSI_SCSI - ok
20:23:51.0447 23204 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:23:51.0450 23204 luafv - ok
20:23:51.0492 23204 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
20:23:51.0497 23204 LVRS64 - ok
20:23:51.0626 23204 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
20:23:51.0729 23204 LVUVC64 - ok
20:23:51.0792 23204 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
20:23:51.0795 23204 mcdbus - ok
20:23:51.0844 23204 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:23:51.0847 23204 Mcx2Svc - ok
20:23:51.0867 23204 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:23:51.0868 23204 megasas - ok
20:23:51.0893 23204 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:23:51.0896 23204 MegaSR - ok
20:23:51.0940 23204 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:23:51.0942 23204 MEIx64 - ok
20:23:51.0980 23204 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:23:51.0983 23204 MMCSS - ok
20:23:52.0000 23204 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:23:52.0001 23204 Modem - ok
20:23:52.0041 23204 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:23:52.0043 23204 monitor - ok
20:23:52.0063 23204 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:23:52.0065 23204 mouclass - ok
20:23:52.0092 23204 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:23:52.0093 23204 mouhid - ok
20:23:52.0138 23204 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:23:52.0140 23204 mountmgr - ok
20:23:52.0197 23204 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:23:52.0199 23204 MozillaMaintenance - ok
20:23:52.0218 23204 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:23:52.0221 23204 mpio - ok
20:23:52.0246 23204 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:23:52.0248 23204 mpsdrv - ok
20:23:52.0309 23204 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:23:52.0323 23204 MpsSvc - ok
20:23:52.0364 23204 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:23:52.0367 23204 MRxDAV - ok
20:23:52.0410 23204 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:23:52.0414 23204 mrxsmb - ok
20:23:52.0463 23204 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:23:52.0467 23204 mrxsmb10 - ok
20:23:52.0496 23204 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:23:52.0499 23204 mrxsmb20 - ok
20:23:52.0520 23204 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:23:52.0522 23204 msahci - ok
20:23:52.0560 23204 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:23:52.0563 23204 msdsm - ok
20:23:52.0582 23204 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:23:52.0586 23204 MSDTC - ok
20:23:52.0621 23204 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:23:52.0623 23204 Msfs - ok
20:23:52.0645 23204 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:23:52.0646 23204 mshidkmdf - ok
20:23:52.0687 23204 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:23:52.0688 23204 msisadrv - ok
20:23:52.0719 23204 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:23:52.0723 23204 MSiSCSI - ok
20:23:52.0727 23204 msiserver - ok
20:23:52.0757 23204 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:23:52.0759 23204 MSKSSRV - ok
20:23:52.0791 23204 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:23:52.0792 23204 MSPCLOCK - ok
20:23:52.0806 23204 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:23:52.0808 23204 MSPQM - ok
20:23:52.0850 23204 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:23:52.0855 23204 MsRPC - ok
20:23:52.0906 23204 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:23:52.0907 23204 mssmbios - ok
20:23:52.0914 23204 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:23:52.0916 23204 MSTEE - ok
20:23:52.0928 23204 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:23:52.0930 23204 MTConfig - ok
20:23:52.0953 23204 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:23:52.0954 23204 Mup - ok
20:23:52.0999 23204 [ 6ED8935257672F4CD04A88A0F3DE093D ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:23:53.0003 23204 MyWiFiDHCPDNS - ok
20:23:53.0060 23204 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:23:53.0066 23204 napagent - ok
20:23:53.0127 23204 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:23:53.0131 23204 NativeWifiP - ok
20:23:53.0218 23204 [ 13AA2130F2A104DD775EAD0F0EE5417B ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
20:23:53.0225 23204 NAUpdate - ok
20:23:53.0308 23204 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:23:53.0318 23204 NDIS - ok
20:23:53.0386 23204 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:23:53.0388 23204 NdisCap - ok
20:23:53.0420 23204 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:23:53.0421 23204 NdisTapi - ok
20:23:53.0483 23204 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:23:53.0485 23204 Ndisuio - ok
20:23:53.0533 23204 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:23:53.0536 23204 NdisWan - ok
20:23:53.0581 23204 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:23:53.0583 23204 NDProxy - ok
20:23:53.0606 23204 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:23:53.0608 23204 NetBIOS - ok
20:23:53.0662 23204 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:23:53.0665 23204 NetBT - ok
20:23:53.0683 23204 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:23:53.0685 23204 Netlogon - ok
20:23:53.0733 23204 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:23:53.0739 23204 Netman - ok
20:23:53.0778 23204 [ 3E5A36127E201DDF663176B66828FAFE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:23:53.0780 23204 NetMsmqActivator - ok
20:23:53.0786 23204 [ 3E5A36127E201DDF663176B66828FAFE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:23:53.0787 23204 NetPipeActivator - ok
20:23:53.0813 23204 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:23:53.0820 23204 netprofm - ok
20:23:53.0824 23204 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:23:53.0825 23204 NetTcpActivator - ok
20:23:53.0829 23204 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:23:53.0830 23204 NetTcpPortSharing - ok
20:23:54.0026 23204 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
20:23:54.0223 23204 NETwNs64 - ok
20:23:54.0243 23204 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:23:54.0245 23204 nfrd960 - ok
20:23:54.0305 23204 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:23:54.0310 23204 NlaSvc - ok
20:23:54.0328 23204 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:23:54.0330 23204 Npfs - ok
20:23:54.0355 23204 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:23:54.0358 23204 nsi - ok
20:23:54.0366 23204 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:23:54.0368 23204 nsiproxy - ok
20:23:54.0416 23204 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:23:54.0454 23204 Ntfs - ok
20:23:54.0484 23204 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:23:54.0485 23204 Null - ok
20:23:54.0525 23204 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
20:23:54.0527 23204 nusb3hub - ok
20:23:54.0551 23204 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:23:54.0555 23204 nusb3xhc - ok
20:23:54.0606 23204 [ 857FB74754EBFF94EE3AD40788740916 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
20:23:54.0609 23204 NVHDA - ok
20:23:54.0929 23204 [ D5DEA2C1865CAB9EE6AA29CF9E79A2CE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:23:55.0238 23204 nvlddmkm - ok
20:23:55.0259 23204 [ 5EF70F7714C664BCF50EDFC141DEA9B8 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
20:23:55.0260 23204 nvpciflt - ok
20:23:55.0300 23204 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:23:55.0304 23204 nvraid - ok
20:23:55.0327 23204 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:23:55.0330 23204 nvstor - ok
20:23:55.0392 23204 [ 5A4AF8EA634B4FEEAF6F16BB1845715A ] NVSvc C:\Windows\system32\nvvsvc.exe
20:23:55.0411 23204 NVSvc - ok
20:23:55.0509 23204 [ 4B7636C52A359AB0783B350A5FBDBB49 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
20:23:55.0557 23204 nvUpdatusService - ok
20:23:55.0609 23204 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:23:55.0611 23204 nv_agp - ok
20:23:55.0653 23204 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:23:55.0655 23204 ohci1394 - ok
20:23:55.0715 23204 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:23:55.0718 23204 ose - ok
20:23:55.0891 23204 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:23:56.0002 23204 osppsvc - ok
20:23:56.0044 23204 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:23:56.0049 23204 p2pimsvc - ok
20:23:56.0075 23204 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:23:56.0081 23204 p2psvc - ok
20:23:56.0106 23204 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:23:56.0108 23204 Parport - ok
20:23:56.0147 23204 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:23:56.0149 23204 partmgr - ok
20:23:56.0161 23204 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:23:56.0165 23204 PcaSvc - ok
20:23:56.0208 23204 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
20:23:56.0210 23204 pccsmcfd - ok
20:23:56.0229 23204 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:23:56.0232 23204 pci - ok
20:23:56.0269 23204 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:23:56.0271 23204 pciide - ok
20:23:56.0309 23204 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:23:56.0312 23204 pcmcia - ok
20:23:56.0327 23204 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:23:56.0328 23204 pcw - ok
20:23:56.0354 23204 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:23:56.0362 23204 PEAUTH - ok
20:23:56.0441 23204 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:23:56.0444 23204 PerfHost - ok
20:23:56.0517 23204 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:23:56.0554 23204 pla - ok
20:23:56.0604 23204 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:23:56.0612 23204 PlugPlay - ok
20:23:56.0622 23204 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:23:56.0626 23204 PNRPAutoReg - ok
20:23:56.0645 23204 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:23:56.0649 23204 PNRPsvc - ok
20:23:56.0702 23204 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:23:56.0708 23204 PolicyAgent - ok
20:23:56.0734 23204 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:23:56.0739 23204 Power - ok
20:23:56.0793 23204 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:23:56.0795 23204 PptpMiniport - ok
20:23:56.0808 23204 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:23:56.0810 23204 Processor - ok
20:23:56.0864 23204 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:23:56.0869 23204 ProfSvc - ok
20:23:56.0884 23204 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:23:56.0886 23204 ProtectedStorage - ok
20:23:56.0938 23204 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:23:56.0940 23204 Psched - ok
20:23:56.0964 23204 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
20:23:56.0966 23204 PxHlpa64 - ok
20:23:57.0016 23204 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:23:57.0053 23204 ql2300 - ok
20:23:57.0058 23204 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:23:57.0061 23204 ql40xx - ok
20:23:57.0084 23204 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:23:57.0089 23204 QWAVE - ok
20:23:57.0116 23204 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:23:57.0118 23204 QWAVEdrv - ok
20:23:57.0124 23204 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:23:57.0126 23204 RasAcd - ok
20:23:57.0153 23204 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:23:57.0156 23204 RasAgileVpn - ok
20:23:57.0172 23204 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:23:57.0175 23204 RasAuto - ok
20:23:57.0231 23204 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:23:57.0233 23204 Rasl2tp - ok
20:23:57.0281 23204 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:23:57.0287 23204 RasMan - ok
20:23:57.0339 23204 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:23:57.0342 23204 RasPppoe - ok
20:23:57.0357 23204 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:23:57.0359 23204 RasSstp - ok
20:23:57.0410 23204 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:23:57.0414 23204 rdbss - ok
20:23:57.0458 23204 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:23:57.0460 23204 rdpbus - ok
20:23:57.0479 23204 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:23:57.0480 23204 RDPCDD - ok
20:23:57.0517 23204 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:23:57.0519 23204 RDPENCDD - ok
20:23:57.0530 23204 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:23:57.0532 23204 RDPREFMP - ok
20:23:57.0567 23204 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:23:57.0570 23204 RDPWD - ok
20:23:57.0640 23204 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:23:57.0643 23204 rdyboost - ok
20:23:57.0729 23204 [ 189C5A8D2098E0AA14FD157A954B34FC ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:23:57.0740 23204 RegSrvc - ok
20:23:57.0782 23204 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:23:57.0787 23204 RemoteAccess - ok
20:23:57.0819 23204 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:23:57.0823 23204 RemoteRegistry - ok
20:23:57.0859 23204 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:23:57.0862 23204 RFCOMM - ok
20:23:57.0968 23204 [ BDDC447AB46625A54619808575D5CB46 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
20:23:58.0002 23204 RoxMediaDB12OEM - ok
20:23:58.0034 23204 [ CE203243ADF512540249DF9C264F12DD ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
20:23:58.0037 23204 RoxWatch12 - ok
20:23:58.0071 23204 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:23:58.0075 23204 RpcEptMapper - ok
20:23:58.0103 23204 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:23:58.0106 23204 RpcLocator - ok
20:23:58.0157 23204 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:23:58.0162 23204 RpcSs - ok
20:23:58.0203 23204 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:23:58.0205 23204 rspndr - ok
20:23:58.0229 23204 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
20:23:58.0230 23204 RSUSBSTOR - ok
20:23:58.0275 23204 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:23:58.0282 23204 RTL8167 - ok
20:23:58.0295 23204 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:23:58.0297 23204 SamSs - ok
20:23:58.0335 23204 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:23:58.0337 23204 sbp2port - ok
20:23:58.0364 23204 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:23:58.0369 23204 SCardSvr - ok
20:23:58.0414 23204 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:23:58.0416 23204 scfilter - ok
20:23:58.0480 23204 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:23:58.0514 23204 Schedule - ok
20:23:58.0556 23204 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:23:58.0558 23204 SCPolicySvc - ok
20:23:58.0597 23204 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:23:58.0602 23204 SDRSVC - ok
20:23:58.0641 23204 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:23:58.0643 23204 secdrv - ok
20:23:58.0689 23204 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:23:58.0692 23204 seclogon - ok
20:23:58.0726 23204 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:23:58.0730 23204 SENS - ok
20:23:58.0746 23204 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:23:58.0749 23204 SensrSvc - ok
20:23:58.0785 23204 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:23:58.0786 23204 Serenum - ok
20:23:58.0802 23204 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:23:58.0805 23204 Serial - ok
20:23:58.0850 23204 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:23:58.0852 23204 sermouse - ok
20:23:58.0916 23204 [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
20:23:58.0925 23204 ServiceLayer - ok
20:23:58.0990 23204 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:23:58.0995 23204 SessionEnv - ok
20:23:59.0032 23204 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:23:59.0034 23204 sffdisk - ok
20:23:59.0044 23204 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:23:59.0046 23204 sffp_mmc - ok
20:23:59.0051 23204 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:23:59.0053 23204 sffp_sd - ok
20:23:59.0100 23204 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:23:59.0101 23204 sfloppy - ok
20:23:59.0172 23204 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
20:23:59.0181 23204 Sftfs - ok
20:23:59.0295 23204 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:23:59.0301 23204 sftlist - ok
20:23:59.0321 23204 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:23:59.0326 23204 Sftplay - ok
20:23:59.0358 23204 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:23:59.0360 23204 Sftredir - ok
20:23:59.0444 23204 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
20:23:59.0481 23204 SftService - ok
20:23:59.0501 23204 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
20:23:59.0502 23204 Sftvol - ok
20:23:59.0585 23204 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:23:59.0587 23204 sftvsa - ok
20:23:59.0620 23204 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:23:59.0626 23204 SharedAccess - ok
20:23:59.0690 23204 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:23:59.0698 23204 ShellHWDetection - ok
20:23:59.0726 23204 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:23:59.0727 23204 SiSRaid2 - ok
20:23:59.0765 23204 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:23:59.0768 23204 SiSRaid4 - ok
20:23:59.0801 23204 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:23:59.0803 23204 Smb - ok
20:23:59.0844 23204 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:23:59.0847 23204 SNMPTRAP - ok
20:23:59.0860 23204 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:23:59.0862 23204 spldr - ok
20:23:59.0921 23204 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:23:59.0929 23204 Spooler - ok
20:24:00.0061 23204 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:24:00.0137 23204 sppsvc - ok
20:24:00.0179 23204 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:24:00.0183 23204 sppuinotify - ok
20:24:00.0227 23204 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:24:00.0233 23204 srv - ok
20:24:00.0276 23204 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:24:00.0281 23204 srv2 - ok
20:24:00.0296 23204 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:24:00.0299 23204 srvnet - ok
20:24:00.0333 23204 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:24:00.0339 23204 SSDPSRV - ok
20:24:00.0356 23204 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:24:00.0360 23204 SstpSvc - ok
20:24:00.0401 23204 [ 79969ACAEEBEDA7DC3673656AB9918FD ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:24:00.0406 23204 Stereo Service - ok
20:24:00.0430 23204 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:24:00.0432 23204 stexstor - ok
20:24:00.0495 23204 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:24:00.0504 23204 stisvc - ok
20:24:00.0544 23204 [ 9E182DD94496550A22A392CC1A8E0F52 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
20:24:00.0546 23204 stllssvr - ok
20:24:00.0581 23204 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:24:00.0583 23204 swenum - ok
20:24:00.0686 23204 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:24:00.0693 23204 SwitchBoard - ok
20:24:00.0764 23204 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:24:00.0773 23204 swprv - ok
20:24:00.0880 23204 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:24:00.0914 23204 SysMain - ok
20:24:00.0964 23204 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:24:00.0968 23204 TabletInputService - ok
20:24:01.0150 23204 [ 5F5AC85DE73FD25AD36BF591185EC009 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
20:24:01.0340 23204 TabletServicePen - ok
20:24:01.0397 23204 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:24:01.0405 23204 TapiSrv - ok
20:24:01.0470 23204 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:24:01.0473 23204 TBS - ok
20:24:01.0535 23204 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:24:01.0584 23204 Tcpip - ok
20:24:01.0660 23204 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:24:01.0678 23204 TCPIP6 - ok
20:24:01.0724 23204 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:24:01.0726 23204 tcpipreg - ok
20:24:01.0768 23204 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:24:01.0770 23204 TDPIPE - ok
20:24:01.0797 23204 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:24:01.0799 23204 TDTCP - ok
20:24:01.0850 23204 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:24:01.0853 23204 tdx - ok
20:24:01.0898 23204 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:24:01.0900 23204 TermDD - ok
20:24:01.0953 23204 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:24:01.0963 23204 TermService - ok
20:24:01.0992 23204 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:24:01.0995 23204 Themes - ok
20:24:02.0025 23204 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:24:02.0028 23204 THREADORDER - ok
20:24:02.0072 23204 [ 7446E9D669A3B747BC4D11A82F69A5ED ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
20:24:02.0078 23204 TouchServicePen - ok
20:24:02.0096 23204 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:24:02.0100 23204 TrkWks - ok
20:24:02.0129 23204 [ EA43DE1743C1BA0D2D17B8DB90C91D88 ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
20:24:02.0133 23204 truecrypt - ok
20:24:02.0194 23204 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:24:02.0197 23204 TrustedInstaller - ok
20:24:02.0245 23204 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:24:02.0247 23204 tssecsrv - ok
20:24:02.0278 23204 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:24:02.0280 23204 TsUsbFlt - ok
20:24:02.0360 23204 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:24:02.0362 23204 tunnel - ok
20:24:02.0395 23204 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
20:24:02.0397 23204 TurboB - ok
20:24:02.0433 23204 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:24:02.0437 23204 TurboBoost - ok
20:24:02.0463 23204 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:24:02.0465 23204 uagp35 - ok
20:24:02.0599 23204 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:24:02.0603 23204 udfs - ok
20:24:02.0670 23204 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:24:02.0674 23204 UI0Detect - ok
20:24:02.0711 23204 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:24:02.0713 23204 uliagpkx - ok
20:24:02.0779 23204 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:24:02.0781 23204 umbus - ok
20:24:02.0801 23204 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:24:02.0803 23204 UmPass - ok
20:24:02.0892 23204 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
20:24:02.0897 23204 UMVPFSrv - ok
20:24:02.0980 23204 [ 9DC07E73A4ABB9ACF692113B36A5009F ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
20:24:02.0982 23204 UnlockerDriver5 - ok
20:24:03.0153 23204 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:24:03.0211 23204 UNS - ok
20:24:03.0241 23204 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:24:03.0247 23204 upnphost - ok
20:24:03.0273 23204 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:24:03.0275 23204 usbaudio - ok
20:24:03.0320 23204 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:24:03.0322 23204 usbccgp - ok
20:24:03.0368 23204 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:24:03.0371 23204 usbcir - ok
20:24:03.0386 23204 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:24:03.0387 23204 usbehci - ok
20:24:03.0445 23204 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:24:03.0450 23204 usbhub - ok
20:24:03.0502 23204 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:24:03.0505 23204 usbohci - ok
20:24:03.0552 23204 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:24:03.0554 23204 usbprint - ok
20:24:03.0583 23204 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:24:03.0585 23204 usbscan - ok
20:24:03.0633 23204 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:24:03.0636 23204 USBSTOR - ok
20:24:03.0658 23204 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:24:03.0660 23204 usbuhci - ok
20:24:03.0720 23204 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:24:03.0723 23204 usbvideo - ok
20:24:03.0747 23204 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:24:03.0750 23204 UxSms - ok
20:24:03.0761 23204 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:24:03.0765 23204 VaultSvc - ok
20:24:03.0776 23204 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:24:03.0778 23204 vdrvroot - ok
20:24:03.0848 23204 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:24:03.0856 23204 vds - ok
20:24:03.0896 23204 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:24:03.0898 23204 vga - ok
20:24:03.0912 23204 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:24:03.0914 23204 VgaSave - ok
20:24:03.0966 23204 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:24:03.0969 23204 vhdmp - ok
20:24:04.0008 23204 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:24:04.0010 23204 viaide - ok
20:24:04.0033 23204 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:24:04.0035 23204 volmgr - ok
20:24:04.0081 23204 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:24:04.0087 23204 volmgrx - ok
20:24:04.0103 23204 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:24:04.0107 23204 volsnap - ok
20:24:04.0138 23204 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:24:04.0142 23204 vsmraid - ok
20:24:04.0210 23204 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:24:04.0256 23204 VSS - ok
20:24:04.0273 23204 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:24:04.0275 23204 vwifibus - ok
20:24:04.0308 23204 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:24:04.0310 23204 vwififlt - ok
20:24:04.0343 23204 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:24:04.0345 23204 vwifimp - ok
20:24:04.0375 23204 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:24:04.0401 23204 W32Time - ok
20:24:04.0493 23204 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
20:24:04.0498 23204 W3SVC - ok
20:24:04.0541 23204 [ 43CE14E1E17DA81EA71DFE686805ED07 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
20:24:04.0542 23204 wacmoumonitor - ok
20:24:04.0589 23204 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
20:24:04.0591 23204 wacommousefilter - ok
20:24:04.0606 23204 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:24:04.0608 23204 WacomPen - ok
20:24:04.0636 23204 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
20:24:04.0638 23204 wacomvhid - ok
20:24:04.0699 23204 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:24:04.0701 23204 WANARP - ok
20:24:04.0705 23204 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:24:04.0706 23204 Wanarpv6 - ok
20:24:04.0749 23204 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
20:24:04.0752 23204 WAS - ok
20:24:04.0811 23204 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:24:04.0848 23204 wbengine - ok
20:24:04.0888 23204 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:24:04.0895 23204 WbioSrvc - ok
20:24:04.0936 23204 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:24:04.0944 23204 wcncsvc - ok
20:24:04.0963 23204 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:24:04.0967 23204 WcsPlugInService - ok
20:24:04.0998 23204 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:24:05.0000 23204 Wd - ok
20:24:05.0031 23204 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:24:05.0038 23204 Wdf01000 - ok
20:24:05.0057 23204 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:24:05.0061 23204 WdiServiceHost - ok
20:24:05.0064 23204 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:24:05.0068 23204 WdiSystemHost - ok
20:24:05.0103 23204 [ 94DC2BF6CBAAA95E369C3756D3115A76 ] wdkmd C:\Windows\system32\DRIVERS\WDKMD.sys
20:24:05.0105 23204 wdkmd - ok
20:24:05.0150 23204 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:24:05.0156 23204 WebClient - ok
20:24:05.0190 23204 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:24:05.0196 23204 Wecsvc - ok
20:24:05.0206 23204 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:24:05.0210 23204 wercplsupport - ok
20:24:05.0242 23204 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:24:05.0246 23204 WerSvc - ok
20:24:05.0279 23204 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:24:05.0282 23204 WfpLwf - ok
20:24:05.0309 23204 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
20:24:05.0313 23204 WimFltr - ok
20:24:05.0330 23204 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:24:05.0332 23204 WIMMount - ok
20:24:05.0344 23204 WinDefend - ok
20:24:05.0349 23204 WinHttpAutoProxySvc - ok
20:24:05.0394 23204 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:24:05.0397 23204 Winmgmt - ok
20:24:05.0481 23204 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:24:05.0531 23204 WinRM - ok
20:24:05.0607 23204 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
20:24:05.0609 23204 WinUSB - ok
20:24:05.0659 23204 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:24:05.0675 23204 Wlansvc - ok
20:24:05.0722 23204 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:24:05.0724 23204 wlcrasvc - ok
20:24:05.0852 23204 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:24:05.0903 23204 wlidsvc - ok
20:24:05.0966 23204 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:24:05.0968 23204 WmiAcpi - ok
20:24:06.0000 23204 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:24:06.0003 23204 wmiApSrv - ok
20:24:06.0040 23204 WMPNetworkSvc - ok
20:24:06.0063 23204 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:24:06.0067 23204 WPCSvc - ok
20:24:06.0113 23204 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:24:06.0118 23204 WPDBusEnum - ok
20:24:06.0152 23204 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:24:06.0154 23204 ws2ifsl - ok
20:24:06.0169 23204 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:24:06.0173 23204 wscsvc - ok
20:24:06.0176 23204 WSearch - ok
20:24:06.0262 23204 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:24:06.0322 23204 wuauserv - ok
20:24:06.0348 23204 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:24:06.0351 23204 WudfPf - ok
20:24:06.0402 23204 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:24:06.0405 23204 WUDFRd - ok
20:24:06.0436 23204 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:24:06.0440 23204 wudfsvc - ok
20:24:06.0467 23204 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:24:06.0473 23204 WwanSvc - ok
20:24:06.0490 23204 ================ Scan global ===============================
20:24:06.0517 23204 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:24:06.0551 23204 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:24:06.0561 23204 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:24:06.0592 23204 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:24:06.0629 23204 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:24:06.0635 23204 [Global] - ok
20:24:06.0635 23204 ================ Scan MBR ==================================
20:24:06.0645 23204 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:24:06.0924 23204 \Device\Harddisk0\DR0 - ok
20:24:06.0924 23204 ================ Scan VBR ==================================
20:24:06.0927 23204 [ CA2E3639A093B2D9C85146588E9DB88F ] \Device\Harddisk0\DR0\Partition1
20:24:06.0928 23204 \Device\Harddisk0\DR0\Partition1 - ok
20:24:06.0945 23204 [ C845D5C8BB657EE4EBCDF33A84300C9A ] \Device\Harddisk0\DR0\Partition2
20:24:06.0946 23204 \Device\Harddisk0\DR0\Partition2 - ok
20:24:06.0947 23204 ============================================================
20:24:06.0947 23204 Scan finished
20:24:06.0947 23204 ============================================================
20:24:06.0955 22184 Detected object count: 0
20:24:06.0955 22184 Actual detected object count: 0


Alt 06.09.2012, 14:10   #6
Larusso
/// Selecta Jahrusso
 
iexplorer prozess - Standard

iexplorer prozess



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
--> iexplorer prozess

Alt 06.09.2012, 19:25   #7
Ancalagon
 
iexplorer prozess - Standard

iexplorer prozess



Anbei der log von combofix:

Combofix Logfile:
Code:
ATTFilter
ComboFix 12-09-06.02 - Christof 06.09.2012  19:10:03.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4010.2343 [GMT 2:00]
ausgeführt von:: c:\users\Christof\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\07439fd5-7039-4014-b635-5bf088a1465b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\0d461521-7dbf-4cec-a29e-936c88cdf8c9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\0d85b53c-d766-4bf0-8940-17b534910268.dll
c:\programdata\PCDr\6032\AddOnDownloaded\100c3865-0c76-461b-b2fd-042d6d5fa7f6.dll
c:\programdata\PCDr\6032\AddOnDownloaded\140239b3-d59a-46fa-b856-17682a46cb44.dll
c:\programdata\PCDr\6032\AddOnDownloaded\16837627-a839-41c5-a88f-3a0335128383.dll
c:\programdata\PCDr\6032\AddOnDownloaded\16ab6978-b6b5-41fa-81a1-8bffc55a69b9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\173c4dd2-e93c-4725-b006-db1d8f465192.dll
c:\programdata\PCDr\6032\AddOnDownloaded\1e0aaf9a-9947-4a7b-b1ae-8a89919438ed.dll
c:\programdata\PCDr\6032\AddOnDownloaded\246b20c1-8ea9-4148-a34e-d03c8a1d5a76.dll
c:\programdata\PCDr\6032\AddOnDownloaded\263d6ac9-4f87-466c-947c-bd9af71d7035.dll
c:\programdata\PCDr\6032\AddOnDownloaded\27e5bc9a-105f-4d7f-8352-e6ef1c8933dd.dll
c:\programdata\PCDr\6032\AddOnDownloaded\2ee79d71-badc-46b4-b731-42b15f3cd1c3.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3410f47b-5e8c-47c6-bf2c-234af4121d4c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\378deb7f-049e-4a5e-83b2-5381dcd9e928.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3972fea3-214c-4935-a7d1-96bf66115683.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3a79f062-8f3e-464f-9815-2c45840494ee.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3b1c7acd-5e3e-4459-ab98-5109117e2341.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3e4c86d5-a5c1-4c3f-8fc7-6258992b16c5.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4546f2bc-b9d9-4667-abe7-b0bacc90279e.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4804ced5-915b-48a3-a465-b8a5e02714bf.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4818e109-9489-4cd8-9044-44defd8ec187.dll
c:\programdata\PCDr\6032\AddOnDownloaded\493f295d-1a46-46f6-926c-63b474cedab4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\5e1c102f-bfde-420c-87c0-64fe851888e5.dll
c:\programdata\PCDr\6032\AddOnDownloaded\62d1f0b0-bc9a-4f6c-bad7-93b19a91276a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\67c3d4fe-b638-467a-9fe2-c5813ade3330.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6820b110-e483-4f1e-9b48-438f7916f078.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6928cebe-dc61-4564-a488-e19724a8de68.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6b5978fa-48d7-4309-a523-7e157768c0d8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6f4fb483-ce30-493a-8cb4-3e530ab1be5b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7014e871-cc3b-4dec-b82b-bc70222b40ed.dll
c:\programdata\PCDr\6032\AddOnDownloaded\739db3eb-d3cd-4c86-a6ea-01a49984fa3b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7bd83798-7a02-4f50-83a2-b91cabcbd1f9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7dbfef1a-6148-4748-a1b3-71627763a45a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\813755dc-2229-47a2-b85b-19d0aaa641c9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\872965c7-08b7-47fc-a74c-ff167590b71a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\8a6735b1-c078-4648-9416-b6bb29ec3dc1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\8d357f17-07ad-4392-ba06-fb67564c98cd.dll
c:\programdata\PCDr\6032\AddOnDownloaded\934f6059-2d35-4bd9-a130-a17cb5563507.dll
c:\programdata\PCDr\6032\AddOnDownloaded\9ad10df8-6662-488d-9a0f-1fab1ee3403d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\9f8591c3-5048-42f7-9553-387b30449f54.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a2192d8a-3d73-4ff7-be9b-02134f41db63.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a4930af9-016c-4915-a740-a3364e7618aa.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a61f44a8-21a3-4c4a-a04b-993dfb73bf96.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a9de0c84-9a7c-4638-9653-13aa8cf56e80.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ac96894a-064b-4c44-a457-9d5aaee7032a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\adb45b82-004f-4eed-bd54-d60d7eda1ff5.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ae67b364-b69e-471e-b177-2459120b84d4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b2152f30-7380-4987-8fcf-e4c06952615d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b2ed8d53-41ce-48e6-b4ac-8b8e5e1a4fdf.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b4cc2a4a-87f5-49cd-935c-18f1a80e65b7.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b9ce760f-6209-48f2-a4a3-695324591c45.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bbfa36b0-30b0-4e36-8d8c-69df1d87626b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bc6fc708-5b6b-4a72-b336-09b3089baa7a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bf647bd7-dfb5-4746-a6b4-b7c2fdbbf3b1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\c2690c4c-81f4-4565-a861-643c7af1fa90.dll
c:\programdata\PCDr\6032\AddOnDownloaded\c4211805-b43b-471d-81af-4e0589f8607b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\cdda52ec-6ccd-425a-8c72-b7bbdc8b3acd.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d1f4dc82-bc4c-4916-b37c-3ab9c30ae468.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d34c0cf7-889f-43dd-9283-b2b6f442aae3.dll
c:\programdata\PCDr\6032\AddOnDownloaded\daf30858-49d8-434b-b4b1-068b5dc9267c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ddb9fe5d-525c-4d5d-ac37-0bd10f2864f8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e45cd45a-4d7c-4802-881f-74582b847e5c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e86f11dd-8b83-43cc-899e-f935ce0a1ea0.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e9bb45d9-5a2b-47e8-9c48-168276d422cc.dll
c:\programdata\PCDr\6032\AddOnDownloaded\eb1a169a-7868-4b2c-ae46-52b55b4db151.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ef78c3e8-1d94-4219-8070-7617e119bba4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f06c5597-1a85-4d1f-ac16-a6fdd2a6bedc.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f80d4ad1-1fad-43b5-b6f3-347848b5ddd5.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f9dc840b-c6f7-42a5-acec-50cc7a2827fd.dll
c:\programdata\Roaming
c:\users\Christof\AppData\Local\Microsoft\Windows\Temporary Internet Files\countdown.gadget
c:\windows\SysWow64\muzapp.exe
Y:\Autorun.inf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-06 bis 2012-09-06  ))))))))))))))))))))))))))))))
.
.
2012-09-06 17:36 . 2012-09-06 17:36	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-09-06 17:36 . 2012-09-06 17:36	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2012-09-06 17:36 . 2012-09-06 17:36	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-09-01 20:22 . 2012-09-01 20:22	73696	----a-w-	c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-08-28 19:57 . 2012-08-28 19:57	--------	d-----w-	c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2012-08-26 14:11 . 2012-08-26 14:11	--------	d-----w-	c:\users\Christof\AppData\Local\Logitech® Webcam-Software
2012-08-26 14:08 . 2012-08-26 14:08	53248	----a-r-	c:\users\Christof\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-08-26 14:07 . 2012-08-26 14:07	--------	d-----w-	c:\programdata\Logitech
2012-08-26 14:07 . 2012-08-26 14:07	--------	d-----w-	c:\program files (x86)\Common Files\LWS
2012-08-26 14:06 . 2012-08-26 14:06	--------	d-----w-	c:\program files (x86)\Logitech
2012-08-23 16:24 . 2012-08-23 16:24	--------	d-----w-	c:\programdata\PC-Doctor for Windows
2012-08-19 13:24 . 2012-08-22 21:28	--------	d-----w-	c:\users\Christof\AppData\Local\Freenet
2012-08-17 15:12 . 2012-07-06 20:07	552960	----a-w-	c:\windows\system32\drivers\bthport.sys
2012-08-15 19:03 . 2012-02-11 06:43	751104	----a-w-	c:\windows\system32\win32spl.dll
2012-08-15 19:03 . 2012-02-11 06:36	559104	----a-w-	c:\windows\system32\spoolsv.exe
2012-08-15 19:03 . 2012-02-11 05:43	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2012-08-15 19:03 . 2012-05-05 08:36	503808	----a-w-	c:\windows\system32\srcore.dll
2012-08-15 19:03 . 2012-02-11 06:36	67072	----a-w-	c:\windows\splwow64.exe
2012-08-15 19:03 . 2012-05-05 07:46	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2012-08-15 19:03 . 2012-07-04 22:13	59392	----a-w-	c:\windows\system32\browcli.dll
2012-08-15 19:03 . 2012-07-04 22:13	136704	----a-w-	c:\windows\system32\browser.dll
2012-08-15 19:03 . 2012-07-04 22:16	73216	----a-w-	c:\windows\system32\netapi32.dll
2012-08-15 19:03 . 2012-07-04 21:14	41984	----a-w-	c:\windows\SysWow64\browcli.dll
2012-08-15 19:03 . 2012-07-18 18:15	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-08-15 19:03 . 2012-05-14 05:26	956928	----a-w-	c:\windows\system32\localspl.dll
2012-08-10 16:55 . 2012-08-10 16:55	--------	d-----w-	c:\users\Christof\AppData\Roaming\Malwarebytes
2012-08-10 16:54 . 2012-08-10 16:54	--------	d-----w-	c:\programdata\Malwarebytes
2012-08-10 16:54 . 2012-08-10 16:54	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-10 16:54 . 2012-07-03 11:46	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-08-08 14:35 . 2012-08-08 14:35	0	----a-w-	c:\windows\SysWow64\sho8300.tmp
2012-08-08 14:29 . 2012-08-08 14:29	--------	d-----w-	c:\program files (x86)\RAMRush
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-28 20:04 . 2012-04-05 12:56	696520	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-28 20:04 . 2011-05-23 20:43	73416	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-17 15:06 . 2011-04-11 20:42	62134624	----a-w-	c:\windows\system32\MRT.exe
2012-07-03 16:21 . 2012-03-17 13:51	54072	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2011-07-06 20:42	355856	----a-w-	c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2011-07-06 20:42	59728	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2011-07-06 20:42	958400	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2011-07-06 20:42	71064	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2011-07-06 20:42	25232	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2011-07-06 20:41	41224	----a-w-	c:\windows\avastSS.scr
2012-07-03 16:21 . 2011-07-06 20:41	227648	----a-w-	c:\windows\SysWow64\aswBoot.exe
2012-07-03 16:21 . 2011-07-06 20:42	285328	----a-w-	c:\windows\system32\aswBoot.exe
2012-06-09 05:43 . 2012-07-11 17:22	14172672	----a-w-	c:\windows\system32\shell32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{b106b661-3e1b-4015-af5c-195e909f35c6}"= "c:\program files (x86)\NCH_DE\prxtbNCH_.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{b106b661-3e1b-4015-af5c-195e909f35c6}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{b106b661-3e1b-4015-af5c-195e909f35c6}]
2011-05-09 08:49	176936	----a-w-	c:\program files (x86)\NCH_DE\prxtbNCH_.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{b106b661-3e1b-4015-af5c-195e909f35c6}"= "c:\program files (x86)\NCH_DE\prxtbNCH_.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{b106b661-3e1b-4015-af5c-195e909f35c6}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"AVMUSBFernanschluss"="c:\users\Christof\AppData\Local\Apps\2.0\7VJ7GXR5.O47\RWGNNHRP.9V6\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe" [2011-04-17 147456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-19 487562]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-09-04 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-01 522736]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2011-04-08 1406248]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-09-29 929680]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-09-29 3508112]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-10 559616]
.
c:\users\Christof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
JDownloader.lnk - c:\program files (x86)\JDownloader\JDLauncher.exe [2011-4-13 341120]
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2011-6-3 576000]
Mozilla Firefox.lnk - c:\program files (x86)\Mozilla Firefox\firefox.exe [2012-6-12 917984]
Mozilla Thunderbird.lnk - c:\program files (x86)\Mozilla Thunderbird\thunderbird.exe [2011-4-12 388576]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-13 136176]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-09-04 219632]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-28 250568]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-13 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
R3 LVUVC64;Logitech Webcam 500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-01 114144]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-11-12 155752]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-09-04 1116656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-10-05 18288]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-02-18 25960]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 i2p;I2P Service;c:\program files\i2p\I2Psvc.exe [2012-08-05 415232]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-02-18 2009704]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-02-18 378472]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-10-21 5790064]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-10-21 487280]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys [2011-04-17 116096]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2010-12-14 58128]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-15 327168]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2010-08-12 175168]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-09 60416]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2011-04-30 76056]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2011-04-30 15128]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2010-12-22 8505856]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 04909311
*Deregistered* - 04909311
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 20:04]
.
2012-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-13 22:32]
.
2012-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-13 22:32]
.
2012-08-10 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-08-23 05:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21	133400	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-01-05 592240]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-12-14 10222080]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-03-10 4500640]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-01-25 1802472]
"Eraser"="c:\progra~1\Eraser\Eraser.exe" [2010-11-04 980368]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-02-18 312936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-07 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-07 391512]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-07 415064]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"boincmgr"="c:\program files\BOINC\boincmgr.exe" [2011-06-13 6707888]
"boinctray"="c:\program files\BOINC\boinctray.exe" [2011-06-13 71344]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-03 1580368]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1744152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Christof\AppData\Roaming\Mozilla\Firefox\Profiles\4monslo4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801937&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ig?hl=de
FF - prefs.js: network.proxy.http - 77.220.20.198
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RGSC - c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-UnlockerAssistant - c:\program files (x86)\Unlocker\UnlockerAssistant.exe
Toolbar-Locked - (no file)
WebBrowser-{B106B661-3E1B-4015-AF5C-195E909F35C6} - (no file)
.
.
.
Zeit der Fertigstellung: 2012-09-06  20:11:22
ComboFix-quarantined-files.txt  2012-09-06 18:11
.
Vor Suchlauf: 17 Verzeichnis(se), 96.855.261.184 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 97.172.504.576 Bytes frei
.
- - End Of File - - 25D8AAB75EF72A94086F2AF551C9B80B
         
--- --- ---

Es gab während der Ausführung mehrere Fehlermeldungen, ich hab mal Screenshots davon angehängt (ich hoffe es geht). Die eine ohne scan im Titel war während des entpackens der Software, die zweite war während Schritt 2 beim Scan und die dritte war kurz vor dem Ende, als angezeigt wurde, dass sich das Fenster gleich schließen wird.
Miniaturansicht angehängter Grafiken
iexplorer prozess-1.-fehlermeldung-combofix_scan.jpg   iexplorer prozess-2.-fehlermeldung-combofix_scan.jpg   iexplorer prozess-1.-fehlermeldung-combofix.jpg  

Alt 07.09.2012, 12:54   #8
Larusso
/// Selecta Jahrusso
 
iexplorer prozess - Standard

iexplorer prozess



Downloade dir bitte Farbar Recovery Scan Tool 64-Bit und speichere diese auf einen USB Stick.

Schließe den USB Stick an das infizierte System an

Du musst das System nun in die System Reparatur Option booten.

Über den Boot Manager
  • Starte den Rechner neu auf.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".

Mit Windows CD/DVD
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu auf und starte von der CD
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !!
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".


Wähle in den Reparaturoptionen Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument --> Datei --> Speichern unter und wähle Computer
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Yes und klicke Scan
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier.
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 11.09.2012, 15:16   #9
Larusso
/// Selecta Jahrusso
 
iexplorer prozess - Standard

iexplorer prozess



Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomm ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 11.09.2012, 19:32   #10
Ancalagon
 
iexplorer prozess - Standard

iexplorer prozess



Sorry, hatte die letzten Tage keine Zeit mich hierum zu kümmern, ich will das auf jeden Fall zu Ende bringen. Hier also der Scan:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2012
Ran by SYSTEM at 11-09-2012 20:20:07
Running from F:\
Windows 7 Home Premium (X64) OS Language: German Standard
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [592240 2011-01-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray [1933584 2010-12-17] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp [10222080 2010-12-14] (Intel Corporation)
HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-11-29] ()
HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [207350 2011-01-25] ()
HKLM\...\Run: [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart [980368 2010-11-04] (The Eraser Project)
HKLM\...\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [312936 2011-02-18] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6611048 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [boincmgr] "C:\Program Files\BOINC\boincmgr.exe" /a /s [6707888 2011-06-13] (Space Sciences Laboratory)
HKLM\...\Run: [boinctray] "C:\Program Files\BOINC\boinctray.exe" [71344 2011-06-13] (Space Sciences Laboratory)
HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-06-23] (Logitech, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35768 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [487562 2010-08-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [240112 2010-09-04] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe" [522736 2010-11-01] ()
HKLM-x32\...\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4282728 2012-08-21] (AVAST Software)
HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart [1406248 2011-04-08] (Nero AG)
HKLM-x32\...\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s [929680 2011-09-29] (Samsung)
HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3508112 2011-09-29] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-11-11] (Logitech Inc.)
HKU\Christof\...\Run: [AVMUSBFernanschluss] "C:\Users\Christof\AppData\Local\Apps\2.0\7VJ7GXR5.O47\RWGNNHRP.9V6\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe" [147456 2011-04-17] (AVM Berlin)
HKU\UpdatusUser\...\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" [880496 2012-05-11] (BitTorrent, Inc.)
HKU\UpdatusUser\...\Run: [AVMUSBFernanschluss] "C:\Users\Christof\AppData\Local\Apps\2.0\7VJ7GXR5.O47\RWGNNHRP.9V6\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe" [147456 2011-04-17] (AVM Berlin)
HKU\UpdatusUser\...\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [x]
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-10] (Dell)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
AppInit_DLLs: C:\Windows\System32\nvinitx.dll

==================== Services ====================

2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44808 2012-08-21] (AVAST Software)
2 Bluetooth Device Monitor; "C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe" [901184 2010-12-14] (Intel Corporation)
3 Bluetooth Media Service; "C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe" [1298496 2010-12-14] (Intel Corporation)
2 Bluetooth OBEX Service; "C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe" [974912 2010-12-14] (Intel Corporation)
2 DAZContentManagementService; "C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe" [22528 2011-05-05] ()
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
2 NetPipeActivator; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" [116560 2009-06-10] (Microsoft Corporation)
2 NetTcpActivator; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" [116560 2009-06-10] (Microsoft Corporation)
2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
2 W3SVC; C:\Windows\SysWow64\inetsrv\iisw3adm.dll [397824 2010-11-20] (Microsoft Corporation)
2 i2p; "C:\Program Files\i2p\I2Psvc.exe" -s "C:\Program Files\i2p\wrapper.config" [x]

==================== Drivers =================================

2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-08-21] (AVAST Software)
2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [71600 2012-08-21] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [42328 2011-11-28] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [969200 2012-08-21] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [359464 2012-08-21] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-08-21] (AVAST Software)
3 avmaudio; C:\Windows\System32\Drivers\avmaudio.sys [116096 2011-04-17] (AVM Berlin)
3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) =================


==================== One Month Created Files and Folders ======================

2012-09-11 20:19 - 2012-09-11 20:20 - 00000000 ____D C:\FRST
2012-09-09 15:37 - 2012-09-09 15:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-09-06 13:11 - 2012-09-06 13:11 - 00026293 ____A C:\ComboFix.txt
2012-09-06 12:56 - 2012-09-06 12:56 - 00000000 ____D C:\Windows\erdnt
2012-09-06 12:05 - 2012-09-06 13:12 - 00000000 ___AD C:\Qoobox
2012-09-06 12:05 - 2011-06-26 01:45 - 00256000 ____A C:\Windows\PEV.exe
2012-09-06 12:05 - 2010-11-07 12:20 - 00208896 ____A C:\Windows\MBR.exe
2012-09-06 12:05 - 2009-04-19 23:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-09-06 12:05 - 2000-08-30 19:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-09-06 12:05 - 2000-08-30 19:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-09-06 12:05 - 2000-08-30 19:00 - 00098816 ____A C:\Windows\sed.exe
2012-09-06 12:05 - 2000-08-30 19:00 - 00080412 ____A C:\Windows\grep.exe
2012-09-06 12:05 - 2000-08-30 19:00 - 00068096 ____A C:\Windows\zip.exe
2012-09-06 12:00 - 2012-09-06 12:00 - 04745369 ____R (Swearware) C:\Users\Christof\Desktop\ComboFix.exe
2012-09-05 13:22 - 2012-09-05 13:22 - 02211928 ____A (Kaspersky Lab ZAO) C:\Users\Christof\Desktop\tdsskiller.exe
2012-09-03 12:31 - 2012-09-03 12:31 - 00000000 ____A C:\Users\Christof\defogger_reenable
2012-08-28 14:57 - 2012-08-28 14:57 - 00000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2012-08-26 09:11 - 2012-08-26 09:11 - 00000000 ____D C:\Users\Christof\AppData\Local\Logitech® Webcam-Software
2012-08-26 09:07 - 2012-08-26 09:07 - 00000000 ____D C:\Users\All Users\Logitech
2012-08-26 09:07 - 2012-08-26 09:07 - 00000000 ____D C:\Users\All Users\Application Data\Logitech
2012-08-26 09:06 - 2012-08-26 09:06 - 00000000 ____D C:\Program Files (x86)\Logitech
2012-08-26 08:53 - 2012-08-26 14:52 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs
2012-08-26 08:53 - 2012-08-26 09:08 - 00011395 ____A C:\Windows\System32\lvcoinst.log
2012-08-26 08:29 - 2012-09-09 07:53 - 00065024 __ASH C:\Users\Christof\Thumbs.db
2012-08-26 08:29 - 2011-04-12 14:48 - 00000658 ____A C:\Users\Christof\Daten.lnk
2012-08-19 08:24 - 2012-08-22 16:28 - 00000000 ____D C:\Users\Christof\AppData\Local\Freenet
2012-08-17 10:12 - 2012-07-06 15:07 - 00552960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2012-08-17 10:11 - 2012-06-28 23:55 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-17 10:11 - 2012-06-28 23:09 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-17 10:11 - 2012-06-28 22:56 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-17 10:11 - 2012-06-28 22:49 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-17 10:11 - 2012-06-28 22:49 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-17 10:11 - 2012-06-28 22:48 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-17 10:11 - 2012-06-28 22:47 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-17 10:11 - 2012-06-28 22:45 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-17 10:11 - 2012-06-28 22:44 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-17 10:11 - 2012-06-28 22:43 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-17 10:11 - 2012-06-28 22:42 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-17 10:11 - 2012-06-28 22:40 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-17 10:11 - 2012-06-28 22:39 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-17 10:11 - 2012-06-28 22:35 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-17 10:11 - 2012-06-28 19:52 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-17 10:11 - 2012-06-28 19:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-17 10:11 - 2012-06-28 19:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-17 10:11 - 2012-06-28 19:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-17 10:11 - 2012-06-28 19:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-17 10:11 - 2012-06-28 19:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-17 10:11 - 2012-06-28 19:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-17 10:11 - 2012-06-28 19:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-17 10:11 - 2012-06-28 19:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-17 10:11 - 2012-06-28 19:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-17 10:11 - 2012-06-28 19:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-17 10:11 - 2012-06-28 19:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-17 10:11 - 2012-06-28 19:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-17 10:11 - 2012-06-28 18:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-15 14:03 - 2012-07-18 13:15 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-08-15 14:03 - 2012-07-04 17:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-15 14:03 - 2012-07-04 17:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-08-15 14:03 - 2012-07-04 17:13 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-08-15 14:03 - 2012-07-04 16:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-08-15 14:03 - 2012-07-04 16:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-08-15 14:03 - 2012-05-14 00:26 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-15 14:03 - 2012-05-05 03:36 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-08-15 14:03 - 2012-05-05 02:46 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2012-08-15 14:03 - 2012-02-11 01:43 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-08-15 14:03 - 2012-02-11 01:36 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-08-15 14:03 - 2012-02-11 01:36 - 00067072 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2012-08-15 14:03 - 2012-02-11 00:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

==================== 3 Months Modified Files ================================

2012-09-11 13:14 - 2009-07-14 00:10 - 01412816 ____A C:\Windows\WindowsUpdate.log
2012-09-11 13:03 - 2012-04-13 17:32 - 00001114 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-09-11 12:35 - 2012-04-05 07:56 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-09-11 12:03 - 2012-04-13 17:32 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-09-10 13:44 - 2009-07-14 12:58 - 00760156 ____A C:\Windows\System32\perfh007.dat
2012-09-10 13:44 - 2009-07-14 12:58 - 00169484 ____A C:\Windows\System32\perfc007.dat
2012-09-10 13:44 - 2009-07-14 00:13 - 01768540 ____A C:\Windows\System32\PerfStringBackup.INI
2012-09-10 11:27 - 2012-04-05 07:56 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-09-10 11:27 - 2011-05-23 15:43 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-09-10 11:27 - 2009-07-13 23:45 - 00014016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-09-10 11:27 - 2009-07-13 23:45 - 00014016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-09-10 11:26 - 2011-04-14 15:35 - 00007599 ____A C:\Users\Christof\AppData\Local\Resmon.ResmonCfg
2012-09-10 11:09 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-09-10 11:09 - 2009-07-13 23:51 - 00078616 ____A C:\Windows\setupact.log
2012-09-09 07:53 - 2012-08-26 08:29 - 00065024 __ASH C:\Users\Christof\Thumbs.db
2012-09-09 03:40 - 2011-07-06 15:42 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-09-07 16:16 - 2011-04-06 10:20 - 00030086 ____A C:\Windows\PFRO.log
2012-09-06 13:11 - 2012-09-06 13:11 - 00026293 ____A C:\ComboFix.txt
2012-09-06 12:37 - 2009-07-13 21:34 - 00000215 ____A C:\Windows\system.ini
2012-09-06 12:00 - 2012-09-06 12:00 - 04745369 ____R (Swearware) C:\Users\Christof\Desktop\ComboFix.exe
2012-09-05 13:22 - 2012-09-05 13:22 - 02211928 ____A (Kaspersky Lab ZAO) C:\Users\Christof\Desktop\tdsskiller.exe
2012-09-03 12:31 - 2012-09-03 12:31 - 00000000 ____A C:\Users\Christof\defogger_reenable
2012-08-26 14:52 - 2012-08-26 08:53 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs
2012-08-26 09:08 - 2012-08-26 08:53 - 00011395 ____A C:\Windows\System32\lvcoinst.log
2012-08-26 09:08 - 2011-10-07 10:56 - 00010648 ____A C:\Windows\LDPINST.LOG
2012-08-21 04:13 - 2012-03-17 08:51 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2012-08-21 04:13 - 2011-07-06 15:42 - 00969200 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-08-21 04:13 - 2011-07-06 15:42 - 00359464 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-08-21 04:13 - 2011-07-06 15:42 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-08-21 04:13 - 2011-07-06 15:42 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-08-21 04:13 - 2011-07-06 15:42 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-08-21 04:12 - 2011-07-06 15:42 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-08-21 04:12 - 2011-07-06 15:41 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-08-21 04:12 - 2011-07-06 15:41 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-08-18 16:45 - 2009-07-13 23:45 - 04909368 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-17 10:06 - 2011-04-11 15:42 - 62134624 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-08-10 17:30 - 2012-08-10 16:00 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
2012-08-10 06:48 - 2012-08-10 06:48 - 00000803 ____A C:\Users\Christof\Desktop\TOR-Browser.lnk
2012-08-08 09:35 - 2012-08-08 09:35 - 00000000 ____A C:\Windows\SysWOW64\sho8300.tmp
2012-08-06 03:48 - 2009-07-14 00:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-07-25 13:14 - 2011-12-29 12:37 - 00000064 ____A C:\Users\Christof\Desktop\Küchenutensilien.txt
2012-07-18 13:15 - 2012-08-15 14:03 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-15 12:01 - 2012-07-15 12:01 - 00002294 ____A C:\Users\Christof\Desktop\CBH Captcha Solver.lnk
2012-07-13 14:49 - 2012-05-26 15:04 - 00000791 ____A C:\Users\Christof\Desktop\Lokale Videos.lnk
2012-07-13 11:34 - 2012-07-13 11:30 - 00000614 ____A C:\Users\Christof\Desktop\SO-Zugang.txt
2012-07-12 13:38 - 2012-07-12 13:38 - 00001032 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-07-12 13:38 - 2012-07-12 13:38 - 00001032 ____A C:\Users\All Users\Desktop\VLC media player.lnk
2012-07-07 15:56 - 2012-06-26 15:31 - 00000627 ____A C:\Users\Christof\Desktop\Lautsprecher Umbau Auto.txt
2012-07-06 17:35 - 2011-09-04 07:09 - 00024018 ____A C:\Users\Christof\Desktop\Wacken Bandlist.ods
2012-07-06 15:07 - 2012-08-17 10:12 - 00552960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2012-07-04 17:16 - 2012-08-15 14:03 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-07-04 17:13 - 2012-08-15 14:03 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-07-04 17:13 - 2012-08-15 14:03 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-07-04 16:16 - 2012-08-15 14:03 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-07-04 16:14 - 2012-08-15 14:03 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-07-04 12:35 - 2011-04-23 16:34 - 00002162 ____A C:\Users\Christof\Desktop\Grand Theft Auto IV.lnk
2012-07-03 06:46 - 2012-08-10 11:54 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-28 23:55 - 2012-08-17 10:11 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-28 23:09 - 2012-08-17 10:11 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-28 22:56 - 2012-08-17 10:11 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-28 22:49 - 2012-08-17 10:11 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-28 22:49 - 2012-08-17 10:11 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-28 22:48 - 2012-08-17 10:11 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-28 22:47 - 2012-08-17 10:11 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-28 22:45 - 2012-08-17 10:11 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-28 22:44 - 2012-08-17 10:11 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-28 22:43 - 2012-08-17 10:11 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-28 22:42 - 2012-08-17 10:11 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-28 22:40 - 2012-08-17 10:11 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-28 22:39 - 2012-08-17 10:11 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-28 22:35 - 2012-08-17 10:11 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-28 19:52 - 2012-08-17 10:11 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-28 19:27 - 2012-08-17 10:11 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-28 19:16 - 2012-08-17 10:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-28 19:09 - 2012-08-17 10:11 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-28 19:09 - 2012-08-17 10:11 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-28 19:08 - 2012-08-17 10:11 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-28 19:07 - 2012-08-17 10:11 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-28 19:06 - 2012-08-17 10:11 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-28 19:04 - 2012-08-17 10:11 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-28 19:04 - 2012-08-17 10:11 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-28 19:01 - 2012-08-17 10:11 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-28 19:01 - 2012-08-17 10:11 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-28 19:00 - 2012-08-17 10:11 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-28 18:57 - 2012-08-17 10:11 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-08-24 11:10:26
Restore point made on: 2012-08-28 14:56:56
Restore point made on: 2012-09-06 12:06:50

==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 4010.17 MB
Available physical RAM: 3413.36 MB
Total Pagefile: 4008.32 MB
Available Pagefile: 3414 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions ============================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:82.62 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:6.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: () (Removable) (Total:1.96 GB) (Free:1.96 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Datentr„ger ### Status Gr”áe Frei Dyn GPT
--------------- ------------- ------- ------- --- ---
Datentr„ger 0 Online 465 GB 0 B
Datentr„ger 1 Online 2004 MB 0 B

Partitions of Disk 0:
===============

Partition ### Typ GrӇe Offset
------------- ---------------- ------- -------
Partition 1 OEM 101 MB 31 KB
Partition 2 Prim„r 14 GB 102 MB
Partition 3 Prim„r 451 GB 14 GB

==================================================================================

Disk: 0
Partition 1
Typ : DE
Versteckt: Ja
Aktiv : Nein

Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 FAT Partition 101 MB Fehlerfre Versteck

==================================================================================

Disk: 0
Partition 2
Typ : 07
Versteckt: Nein
Aktiv : Ja

Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D RECOVERY NTFS Partition 14 GB Fehlerfre

==================================================================================

Disk: 0
Partition 3
Typ : 07
Versteckt: Nein
Aktiv : Nein

Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 451 GB Fehlerfre

==================================================================================

Partitions of Disk 1:
===============

Partition ### Typ GrӇe Offset
------------- ---------------- ------- -------
Partition 1 Prim„r 2003 MB 32 KB

==================================================================================

Disk: 1
Partition 1
Typ : 06
Versteckt: Nein
Aktiv : Nein

Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F FAT Wechselmed 2003 MB Fehlerfre

==================================================================================

Last Boot: 2012-09-06 14:07

==================== End Of Log =============================

Alt 12.09.2012, 14:53   #11
Larusso
/// Selecta Jahrusso
 
iexplorer prozess - Standard

iexplorer prozess



Downloade dir bitte Farbar's Service Scanner.
Gehe sicher, dass folgende Einstellungen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.
Poste bitte den Inhalt hier.
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 16.09.2012, 12:55   #12
Ancalagon
 
iexplorer prozess - Standard

iexplorer prozess



Farbar Service Scanner Version: 06-08-2012
Ran by Christof (administrator) on 16-09-2012 at 13:53:40
Running from "C:\Daten\Downloaded"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-09-12 18:49] - [2012-08-22 20:12] - 1913200 ____A (Microsoft Corporation) F782CAD3CEDBB3F9FFE3BF2775D92DDC

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Alt 16.09.2012, 17:12   #13
Larusso
/// Selecta Jahrusso
 
iexplorer prozess - Standard

iexplorer prozess



Sieht eigentlich alles gut aus.

Update bitte Malwarebytes und lass einen QuickScan laufen. Entferne alle Funde und poste das Logfile hier.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 26.09.2012, 17:29   #14
Larusso
/// Selecta Jahrusso
 
iexplorer prozess - Standard

iexplorer prozess



Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomm ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Antwort

Themen zu iexplorer prozess
64bit, 7-zip, arbeitsspeicher, aufsetzen, ausgelastet, conduit, einiger, eraser, grand theft auto, hallo zusammen, home, home premium, iexplore.exe, iexplorer, iexplorer.exe, install.exe, intranet, irgend, locker, microsoft office starter 2010, mindestens, neu, nvidia update, nvpciflt.sys, plug-in, premium, probleme, prozess, prozesse, recuva, schei, seltsame, synology, tablet, taskma, taskmanager, usb 2.0, usb 3.0, windows, windows 7, wscript.exe, zusammen



Ähnliche Themen: iexplorer prozess


  1. Internet Explorer Prozess (NUR PROZESS) iexplore.exe startet sich selbst 3 mal
    Plagegeister aller Art und deren Bekämpfung - 27.02.2011 (21)
  2. Internet Explorer Prozess (NUR PROZESS) iexplore.exe startet sich selbst 3 mal
    Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (9)
  3. Prozess Withelisting
    Antiviren-, Firewall- und andere Schutzprogramme - 07.07.2010 (1)
  4. 2 mal firefox-prozess?
    Log-Analyse und Auswertung - 12.04.2010 (1)
  5. Prozess Canaveral?
    Plagegeister aller Art und deren Bekämpfung - 02.04.2010 (1)
  6. injected Prozess
    Plagegeister aller Art und deren Bekämpfung - 09.08.2009 (2)
  7. Hab Prozess csrss.exe
    Plagegeister aller Art und deren Bekämpfung - 29.06.2009 (1)
  8. Der prozess iexplorer.exe verbraucht immer aller mindestens 60K
    Log-Analyse und Auswertung - 07.02.2009 (0)
  9. Prozess MDM
    Plagegeister aller Art und deren Bekämpfung - 21.03.2008 (2)
  10. Problem mit Prozess: iexplorer.exe
    Log-Analyse und Auswertung - 14.03.2007 (8)
  11. PROZESS iexplorer.exe verschwindet nicht
    Mülltonne - 11.03.2007 (1)
  12. Problem, Prozess
    Mülltonne - 08.03.2007 (1)
  13. Unbekannter Prozess!
    Log-Analyse und Auswertung - 26.10.2006 (8)
  14. Prozess iexplorer.exe
    Log-Analyse und Auswertung - 10.08.2006 (1)
  15. Norton Prozess
    Antiviren-, Firewall- und andere Schutzprogramme - 03.03.2006 (7)
  16. fragwürdiger Prozess
    Plagegeister aller Art und deren Bekämpfung - 26.01.2005 (3)
  17. Frage zu nem Prozess...
    Alles rund um Windows - 09.01.2004 (2)

Zum Thema iexplorer prozess - Hallo zusammen, ich hab seit einiger Zeit Probleme mit meinem Arbeitsspeicher, der völlig ausgelastet zu sein scheint, Ich hab das Problem mitlerweile eingegrenzt auf einen seltsamen Prozess, nämlich iexplore.exe (und - iexplorer prozess...
Archiv
Du betrachtest: iexplorer prozess auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.