Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Diese Webseite kann nicht angezeigt werden - Trojaner

Diese Webseite kann nicht angezeigt werden - Trojaner


Plagegeister aller Art und deren Bekämpfung: Diese Webseite kann nicht angezeigt werden - Trojaner

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 25.09.2012, 16:38   #1
extradat
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


Hallo liebe Community,

ich habe auch das Problem, dass sobald ich meinen Laptop mit Windows 7 Ultimate starte, ein weißer Vollbildscreen kommt, auf dem steht "Diese Webseite kann nicht angezeigt werden". Keine Tastenkombination ausser dem Taskmanager funktioniert.


Ich habe schon OTL benutzt und folgenden Code benutzt:

Code:
ATTFilter
 activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
Hier OTL.txt

Code:
ATTFilter
OTL logfile created on: 31.12.2000 23:29:02 - Run 1
OTL by OldTimer - Version 3.2.68.0     Folder = F:\
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,16 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 85,94% Memory free
4,33 Gb Paging File | 4,05 Gb Available in Paging File | 93,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 49,14 Gb Total Space | 18,79 Gb Free Space | 38,25% Space Free | Partition Type: NTFS
Drive E: | 416,30 Gb Total Space | 45,38 Gb Free Space | 10,90% Space Free | Partition Type: HFS
Drive F: | 1,86 Gb Total Space | 0,41 Gb Free Space | 22,26% Space Free | Partition Type: FAT
 
Computer Name: HERRBERGMANN-PC | User Name: Herr Bergmann | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.25 17:05:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2011.07.16 05:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV - [2012.09.16 13:26:39 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Programme\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.02.14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Programme\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.08.15 17:34:40 | 000,194,432 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\AppleOSSMgr.exe -- (AppleOSSMgr)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.09 00:24:20 | 000,099,640 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Windows\System32\AppleTimeSrv.exe -- (AppleTimeSrv)
SRV - [2011.02.07 16:35:37 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.07 16:35:37 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.02.07 16:33:31 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.08.18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012.08.24 14:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.07.26 02:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.04.19 03:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.01.31 03:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.12.23 12:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.12.23 12:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011.12.23 12:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011.12.23 12:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011.08.15 17:34:40 | 000,058,200 | ---- | M] (Apple Inc.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AppleHFS.sys -- (AppleHFS)
DRV - [2011.08.15 17:34:40 | 000,015,320 | ---- | M] (Apple Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AppleMNT.sys -- (AppleMNT)
DRV - [2011.08.15 17:34:40 | 000,015,064 | ---- | M] (Apple Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\KeyAgent.sys -- (KeyAgent)
DRV - [2011.06.28 00:28:37 | 000,018,944 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AppleBtBc.sys -- (AppleBtBc)
DRV - [2011.06.02 19:36:46 | 000,026,624 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KeyMagic.sys -- (KeyMagic)
DRV - [2011.06.02 19:36:41 | 000,034,304 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\applebmt.sys -- (applebmt)
DRV - [2011.03.01 23:08:08 | 000,054,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bScsiSDx.sys -- (bScsiSDx)
DRV - [2011.02.07 16:35:37 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2011.02.07 16:35:33 | 000,014,336 | ---- | M] (Cirrus Logic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CS420x86.sys -- (CirrusFilter)
DRV - [2011.02.07 16:34:52 | 000,016,512 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IRFilter.sys -- (IRRemoteFlt)
DRV - [2011.02.07 16:34:42 | 000,029,824 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\applemtp.sys -- (applemtp)
DRV - [2011.02.07 16:34:42 | 000,010,880 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\applemtm.sys -- (applemtm)
DRV - [2011.02.07 16:34:38 | 000,012,928 | ---- | M] (Apple Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\MacHALDriver.sys -- (MacHALDriver)
DRV - [2011.02.07 16:33:31 | 006,789,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.02.07 16:33:31 | 000,235,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5A 72 F5 74 64 0B CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer@divx.com:2.0.2.039
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.09.11 09:04:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.08.16 16:37:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.16 13:26:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.16 13:26:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2011.10.09 12:26:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Herr Bergmann\AppData\Roaming\mozilla\Extensions
[2012.05.02 19:10:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Herr Bergmann\AppData\Roaming\mozilla\Firefox\Profiles\xwndc1gg.default\extensions
[2011.10.09 19:27:16 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Herr Bergmann\AppData\Roaming\mozilla\firefox\profiles\xwndc1gg.default\extensions\DivXWebPlayer@divx.com.xpi
[2012.01.15 23:19:08 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.16 13:26:39 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.09.16 13:26:38 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.16 13:26:38 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.09.16 13:26:38 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.16 13:26:38 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.16 13:26:38 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.16 13:26:38 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Apple_KbdMgr] C:\Programme\Boot Camp\Bootcamp.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKCU..\Run: [jdmffyypucepojo] C:\ProgramData\jdmffyyp.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - c:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - c:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0931FFE-B8C5-4249-99DE-79F4EA1B05F3}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3D1F418-B6CB-442B-9A08-202146E2C806}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {47B3BDBB-F2AE-4B55-95C8-921C25DB3B76} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5A604D2C-E968-429B-8327-62B5CE52126D} - .NET Framework
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CE4BC71D-A88B-4943-BB3D-AF9C0E7D4387} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^Users^Herr Bergmann^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.25 14:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\cgaltvububnqbrn
[2012.09.11 09:04:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.08.25 15:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012.08.25 15:42:42 | 000,000,000 | ---D | C] -- C:\Program Files\Guild Wars 2
[2012.08.25 15:36:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012.08.25 15:14:52 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\elsterformular
[2012.08.25 15:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2012.08.25 15:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2012.08.25 15:14:17 | 000,000,000 | ---D | C] -- C:\Program Files\ElsterFormular
[2012.08.24 14:43:18 | 000,301,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2012.08.15 14:18:12 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\Funcom
[2012.08.15 14:07:23 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\Macromedia
[2012.07.26 02:21:30 | 000,237,408 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2012.05.17 22:44:44 | 000,000,000 | RH-D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\SecuROM
[2012.05.17 22:44:43 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2012.05.11 00:21:54 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\Chromium
[2012.05.10 20:43:50 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\Documents\GUILD WARS 2
[2012.05.07 21:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.05.07 21:39:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.04.19 14:32:47 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\Desktop\view_email.aspx-Dateien
[2012.04.19 03:50:26 | 000,024,896 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidshx.sys
[2012.04.12 12:16:48 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\WinRAR
[2012.04.12 12:16:47 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.04.12 12:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.04.12 12:16:45 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.02.23 23:11:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.02.23 23:10:36 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.02.23 23:10:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.02.22 15:20:01 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.02.19 02:37:48 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\Diagnostics
[2012.01.31 03:46:50 | 000,031,952 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2012.01.23 16:28:32 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\vlc
[2012.01.23 16:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.01.23 16:27:04 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012.01.21 13:46:33 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.12.23 12:32:14 | 000,041,040 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2011.12.23 12:32:08 | 000,017,232 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidsshimx.sys
[2011.12.23 12:32:06 | 000,024,144 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidsfilterx.sys
[2011.12.23 12:32:00 | 000,139,856 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2011.12.17 15:31:57 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\ATI
[2011.12.17 15:31:57 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\ATI
[2011.12.17 15:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.12.17 15:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2011.12.17 15:31:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.12.17 15:30:32 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011.12.17 15:29:55 | 000,000,000 | ---D | C] -- C:\ATI
[2011.12.17 15:27:21 | 000,000,000 | ---D | C] -- C:\AMD
[2011.12.16 22:40:20 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.12.16 22:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.12.16 22:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.12.07 21:58:39 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\OpenOffice.org
[2011.12.07 21:57:39 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2011.12.07 21:57:03 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2011.12.07 21:56:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.12.07 21:56:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.12.07 21:56:27 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.11.27 21:51:52 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\Documents\HeroBlade Logs
[2011.11.27 18:36:50 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.11.27 18:20:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2011.11.23 18:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare
[2011.11.19 16:22:15 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\Apple Computer
[2011.11.19 16:22:14 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Apple Computer
[2011.11.19 16:21:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011.11.19 16:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.11.19 16:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.11.19 16:19:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.11.19 16:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011.11.10 20:59:46 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\Adobe
[2011.11.10 20:59:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011.11.10 20:59:04 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.11.10 20:58:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.11.09 22:37:46 | 000,044,032 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011.11.06 02:50:28 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\Documents\SimpleMeter
[2011.11.06 01:43:34 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\TS3Client
[2011.11.06 01:41:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.11.06 01:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2011.10.23 21:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011.10.21 20:16:12 | 001,843,200 | ---- | C] (Multicore Ware) -- C:\Windows\System32\SlotMaximizerBe.dll
[2011.10.21 20:15:46 | 000,104,448 | ---- | C] (Multicore Ware) -- C:\Windows\System32\SlotMaximizerAg.dll
[2011.10.10 15:38:40 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.10.10 14:20:13 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011.10.10 14:19:36 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\uTorrent
[2011.10.10 14:19:36 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\uTorrent
[2011.10.10 14:13:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2011.10.10 14:12:28 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\RIFT
[2011.10.09 19:56:45 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.10.09 19:56:30 | 000,000,000 | -HSD | C] -- C:\Boot
[2011.10.09 18:13:11 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Skype
[2011.10.09 18:12:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.10.09 17:40:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011.10.09 17:35:58 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\Documents\Games for Windows - LIVE Demos
[2011.10.09 17:34:11 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Lionhead Studios
[2011.10.09 17:33:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2011.10.09 17:33:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.10.09 17:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2011.10.09 16:47:26 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\Documents\Belastingdienst
[2011.10.09 16:47:26 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Belastingdienst
[2011.10.09 13:04:41 | 000,000,000 | ---D | C] -- C:\C92DC0695643F2387664
[2011.10.09 12:49:19 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011.10.09 12:47:18 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Macromedia
[2011.10.09 12:47:18 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Adobe
[2011.10.09 12:47:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011.10.09 12:43:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011.10.09 12:31:39 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\AVG2012
[2011.10.09 12:31:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011.10.09 12:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011.10.09 12:30:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2011.10.09 12:30:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011.10.09 12:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011.10.09 12:26:10 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Mozilla
[2011.10.09 12:26:10 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\Mozilla
[2011.10.09 12:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011.10.09 10:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\Boot Camp
[2011.10.09 10:16:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\postureAgent
[2011.10.09 10:15:39 | 000,058,656 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2011.10.09 10:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011.10.09 10:14:33 | 000,065,824 | ---- | C] (Cirrus Logic Inc.) -- C:\Windows\System32\CirrusAPO_x86.dll
[2011.10.09 10:14:33 | 000,014,336 | ---- | C] (Cirrus Logic) -- C:\Windows\System32\drivers\CS420x86.sys
[2011.10.09 10:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2011.10.09 10:14:19 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2011.10.09 10:14:19 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011.10.09 10:14:19 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011.10.09 10:14:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011.10.09 10:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011.10.09 10:13:45 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2011.10.09 10:13:22 | 000,397,312 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2011.10.09 10:13:22 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2011.10.09 10:13:17 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2011.10.09 10:13:05 | 000,015,872 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2011.10.09 10:12:50 | 000,058,144 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2011.10.09 10:12:47 | 000,000,000 | ---D | C] -- C:\Intel
[2011.10.09 10:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011.10.09 10:10:49 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\Apple
[2011.10.09 10:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.10.09 10:10:18 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.10.09 10:07:07 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.10.09 10:07:07 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\Searches
[2011.10.09 10:07:07 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.10.09 10:06:57 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Identities
[2011.10.09 10:06:55 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\Contacts
[2011.10.09 10:06:49 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\VirtualStore
[2011.10.09 10:06:47 | 000,000,000 | --SD | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Microsoft
[2011.10.09 10:06:47 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\Videos
[2011.10.09 10:06:47 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\Saved Games
[2011.10.09 10:06:47 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\Pictures
[2011.10.09 10:06:47 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\Music
[2011.10.09 10:06:47 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.10.09 10:06:47 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\Links
[2011.10.09 10:06:47 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\Favorites
[2011.10.09 10:06:47 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\Downloads
[2011.10.09 10:06:47 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\Documents
[2011.10.09 10:06:47 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\Desktop
[2011.10.09 10:06:47 | 000,000,000 | R--D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\Vorlagen
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\AppData\Local\Verlauf
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\AppData\Local\Temporary Internet Files
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\Startmenü
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\SendTo
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\Recent
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\Netzwerkumgebung
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\Lokale Einstellungen
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\Documents\Eigene Videos
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\Documents\Eigene Musik
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\Eigene Dateien
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\Documents\Eigene Bilder
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\Druckumgebung
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\Cookies
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\AppData\Local\Anwendungsdaten
[2011.10.09 10:06:47 | 000,000,000 | -HSD | C] -- C:\Users\Herr Bergmann\Anwendungsdaten
[2011.10.09 10:06:47 | 000,000,000 | -H-D | C] -- C:\Users\Herr Bergmann\AppData
[2011.10.09 10:06:47 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\Temp
[2011.10.09 10:06:47 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Local\Microsoft
[2011.10.09 10:06:47 | 000,000,000 | ---D | C] -- C:\Users\Herr Bergmann\AppData\Roaming\Media Center Programs
[2011.10.09 10:06:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.10.09 10:06:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.10.09 10:06:39 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.10.09 10:06:39 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.10.09 10:06:39 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2011.10.09 10:06:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.10.09 10:06:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.10.09 10:06:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.10.09 10:06:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.10.09 10:06:39 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.10.09 10:06:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.10.09 10:06:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.10.09 10:00:35 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.10.09 09:58:25 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.10.09 09:57:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2009.08.19 07:13:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\UMDF\ru-RU
[2009.08.19 07:13:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ru-RU
[2009.08.19 07:13:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\ru
[2009.08.19 07:13:19 | 000,000,000 | ---D | C] -- C:\Windows\ru-RU
[2009.08.19 07:09:42 | 000,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\ru-RU\yk62x86.sys.mui
[2009.08.19 07:09:42 | 000,011,264 | ---- | C] (Корпорация Intel) -- C:\Windows\System32\drivers\ru-RU\e1q6032.sys.mui
[2009.08.19 07:09:42 | 000,011,264 | ---- | C] (Корпорация Intel) -- C:\Windows\System32\drivers\ru-RU\e1k6032.sys.mui
[2009.08.19 07:09:42 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrSerIb.sys.mui
[2009.08.19 07:09:42 | 000,010,240 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\ru-RU\ltmdmnt.sys.mui
[2009.08.19 07:09:36 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ru-RU\pscr.sys.mui
[2009.08.19 07:09:35 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrSerId.sys.mui
[2009.08.19 07:09:35 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrParwdm.sys.mui
[2009.08.19 07:09:31 | 000,002,560 | ---- | C] (Корпорация Майкрософт) -- C:\Windows\System32\drivers\ru-RU\mountmgr.sys.mui
[2009.08.19 07:09:05 | 000,002,560 | ---- | C] (Корпорация Майкрософт) -- C:\Windows\System32\drivers\ru-RU\volmgrx.sys.mui
[2009.08.19 07:03:45 | 000,000,000 | ---D | C] -- C:\Windows\nl-NL
[2009.08.19 07:03:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\nl
[2009.08.19 07:03:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\0413
[2009.08.19 07:03:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\UMDF\nl-NL
[2009.08.19 07:03:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nl-NL
[2009.08.19 06:59:55 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\nl-NL\yk62x86.sys.mui
[2009.08.19 06:59:54 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrSerId.sys.mui
[2009.08.19 06:59:54 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrSerIb.sys.mui
[2009.08.19 06:59:54 | 000,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\nl-NL\ltmdmnt.sys.mui
[2009.08.19 06:59:49 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\nl-NL\pscr.sys.mui
[2009.08.19 06:59:47 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrParwdm.sys.mui
[2009.08.19 06:53:01 | 000,000,000 | ---D | C] -- C:\Windows\it-IT
[2009.08.19 06:52:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\UMDF\it-IT
[2009.08.19 06:52:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\it-IT
[2009.08.19 06:52:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\0410
[2009.08.19 06:52:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\it
[2009.08.19 06:49:53 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\it-IT\yk62x86.sys.mui
[2009.08.19 06:49:52 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrSerId.sys.mui
[2009.08.19 06:49:52 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrSerIb.sys.mui
[2009.08.19 06:49:52 | 000,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\it-IT\ltmdmnt.sys.mui
[2009.08.19 06:49:47 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\it-IT\pscr.sys.mui
[2009.08.19 06:49:45 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrParwdm.sys.mui
[2009.08.19 06:42:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\UMDF\es-ES
[2009.08.19 06:42:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\es
[2009.08.19 06:42:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\0C0A
[2009.08.19 06:42:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\es-ES
[2009.08.19 06:42:47 | 000,000,000 | ---D | C] -- C:\Windows\es-ES
[2009.08.19 06:39:58 | 000,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\es-ES\yk62x86.sys.mui
[2009.08.19 06:39:57 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\es-ES\BrSerId.sys.mui
[2009.08.19 06:39:57 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\es-ES\BrSerIb.sys.mui
[2009.08.19 06:39:57 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\es-ES\ltmdmnt.sys.mui
[2009.08.19 06:39:52 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\es-ES\pscr.sys.mui
[2009.08.19 06:39:50 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\es-ES\BrParwdm.sys.mui
[2009.08.19 06:33:38 | 000,000,000 | ---D | C] -- C:\Windows\fr-FR
[2009.08.19 06:33:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\040C
[2009.08.19 06:33:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\UMDF\fr-FR
[2009.08.19 06:33:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fr-FR
[2009.08.19 06:33:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\fr
[2009.08.19 06:31:32 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\fr-FR\yk62x86.sys.mui
[2009.08.19 06:31:32 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrSerIb.sys.mui
[2009.08.19 06:31:32 | 000,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\fr-FR\ltmdmnt.sys.mui
[2009.08.19 06:31:27 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\fr-FR\pscr.sys.mui
[2009.08.19 06:31:24 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrSerId.sys.mui
[2009.08.19 06:31:24 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrParwdm.sys.mui
[2009.08.19 06:26:05 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2009.08.19 06:25:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\XPSViewer
[2009.08.19 06:25:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\UMDF\de-DE
[2009.08.19 06:25:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\de-DE
[2009.08.19 06:25:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\0407
[2009.08.19 06:25:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\de
[2009.08.19 06:24:17 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\de-DE\yk62x86.sys.mui
[2009.08.19 06:24:17 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerIb.sys.mui
[2009.08.19 06:24:17 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\de-DE\ltmdmnt.sys.mui
[2009.08.19 06:24:12 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\de-DE\pscr.sys.mui
[2009.08.19 06:24:11 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerId.sys.mui
[2009.08.19 06:24:11 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrParwdm.sys.mui
[2009.07.14 08:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Journal
[2009.07.14 08:49:48 | 000,000,000 | ---D | C] -- C:\Windows\ShellNew
[2009.07.14 08:49:48 | 000,000,000 | ---D | C] -- C:\Windows\ehome
[2009.07.14 08:49:45 | 000,000,000 | -HSD | C] -- C:\Windows\BitLockerDiscoveryVolumeContents
[2009.07.14 08:49:45 | 000,000,000 | ---D | C] -- C:\Windows\RemotePackages
[2009.07.14 08:49:45 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2009.07.14 08:48:45 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2009.07.14 05:56:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\winrm
[2009.07.14 05:56:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\WCN
[2009.07.14 05:56:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\slmgr
[2009.07.14 05:56:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\UMDF\en-US
[2009.07.14 05:56:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\en-US
[2009.07.14 05:56:48 | 000,000,000 | ---D | C] -- C:\Windows\en-US
[2009.07.14 05:56:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\en
[2009.07.14 05:56:48 | 000,000,000 | ---D | C] -- C:\Windows\DigitalLocker
[2009.07.14 05:56:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\0409
[2009.07.14 05:56:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\Printing_Admin_Scripts
[2009.07.14 05:55:09 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\en-US\pscr.sys.mui
[2009.07.14 05:55:07 | 000,032,256 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\en-US\yk62x86.sys.mui
[2009.07.14 05:54:41 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\en-US\BrSerId.sys.mui
[2009.07.14 05:54:41 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\en-US\BrSerIb.sys.mui
[2009.07.14 05:54:41 | 000,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\en-US\ltmdmnt.sys.mui
[2009.07.14 05:54:41 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\en-US\BrParwdm.sys.mui
[2009.07.14 05:53:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2009.07.14 05:53:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2009.07.14 05:53:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2009.07.14 05:53:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2009.07.14 05:53:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2009.07.14 05:53:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2009.07.14 05:53:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2009.07.14 05:53:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2009.07.14 05:53:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2009.07.14 05:53:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2009.07.14 05:53:23 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2009.07.14 05:52:30 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2009.07.14 05:52:30 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Photo Viewer
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\WinBioPlugIns
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\WinBioDatabase
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Windows\twain_32
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\restore
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Windows\Performance
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Windows\Offline Web Pages
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\FxsTmp
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Maker
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Program Files
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Windows\diagnostics
[2009.07.14 05:52:30 | 000,000,000 | ---D | C] -- C:\Windows\addins
[2009.07.14 05:34:21 | 000,000,000 | ---D | C] -- C:\Windows\debug
[2009.07.14 05:34:16 | 000,000,000 | ---D | C] -- C:\Windows\Setup
[2009.07.14 05:34:13 | 000,000,000 | ---D | C] -- C:\Windows\ServiceProfiles
[2009.07.14 05:34:06 | 000,000,000 | --SD | C] -- C:\Windows\System32\Microsoft
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\zh-TW
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\zh-HK
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\zh-CN
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\winsxs
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\winevt
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\wfp
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\Web
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\wdi
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\wbem
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\Vss
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\uk-UA
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\tr-TR
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\tracing
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\th-TH
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\Tasks
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\Tasks
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\TAPI
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\sysprep
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\sv-SE
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\sr-Latn-CS
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\sppui
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\spp
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\spool
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\Speech
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\SMI
[2009.07.14 03:37:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\sl-SI
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\UMDF
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\sk-SK
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\Setup
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ru-RU
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ro-RO
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\Recovery
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ras
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\pt-PT
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\pt-BR
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\pl-PL
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\oobe
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\nl-NL
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\NetworkList
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\NDF
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\nb-NO
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\MUI
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\Msdtc
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\migwiz
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\migration
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\manifeststore
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\lv-LV
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\lt-LT
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\LogFiles
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ko-KR
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ja-JP
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\it-IT
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\inetsrv
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\IME
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\icsxml
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\ias
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\hu-HU
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\hr-HR
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\he-IL
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\GroupPolicyUsers
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\GroupPolicy
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\fr-FR
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\fi-FI
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\et-EE
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\etc
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\es-ES
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\en-US
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\el-GR
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\DriverStore
[2009.07.14 03:37:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\system
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\Speech
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\servicing
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\security
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\schemas
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\SchCache
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\Resources
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\rescache
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\Registration
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\PolicyDefinitions
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\PLA
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\ModemLogs
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft.NET
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\Dism
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\de-DE
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\da-DK
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\cs-CZ
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\config
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\com
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\CodeIntegrity
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\Boot
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\bg-BG
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\ar-SA
[2009.07.14 03:37:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\AdvancedInstallers
[2009.07.14 03:37:06 | 000,000,000 | R-SD | C] -- C:\Windows\Media
[2009.07.14 03:37:06 | 000,000,000 | R-SD | C] -- C:\Windows\Fonts
[2009.07.14 03:37:06 | 000,000,000 | ---D | C] -- C:\Windows\Logs
[2009.07.14 03:37:06 | 000,000,000 | ---D | C] -- C:\Windows\LiveKernelReports
[2009.07.14 03:37:06 | 000,000,000 | ---D | C] -- C:\Windows\L2Schemas
[2009.07.14 03:37:06 | 000,000,000 | ---D | C] -- C:\Windows\inf
[2009.07.14 03:37:06 | 000,000,000 | ---D | C] -- C:\Windows\IME
[2009.07.14 03:37:06 | 000,000,000 | ---D | C] -- C:\Windows\Help
[2009.07.14 03:37:06 | 000,000,000 | ---D | C] -- C:\Windows\Globalization
[2009.07.14 03:37:06 | 000,000,000 | ---D | C] -- C:\Windows\Cursors
[2009.07.14 03:37:06 | 000,000,000 | ---D | C] -- C:\Windows\Branding
[2009.07.14 03:37:06 | 000,000,000 | ---D | C] -- C:\Windows\Boot
[2009.07.14 03:37:05 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft
[2009.07.14 03:37:05 | 000,000,000 | R-SD | C] -- C:\Windows\assembly
[2009.07.14 03:37:05 | 000,000,000 | R--D | C] -- C:\Users
[2009.07.14 03:37:05 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2009.07.14 03:37:05 | 000,000,000 | R--D | C] -- C:\Program Files
[2009.07.14 03:37:05 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[2009.07.14 03:37:05 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2009.07.14 03:37:05 | 000,000,000 | -H-D | C] -- C:\ProgramData
[2009.07.14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2009.07.14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Mail
[2009.07.14 03:37:05 | 000,000,000 | ---D | C] -- C:\Windows
[2009.07.14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2009.07.14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2009.07.14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2009.07.14 03:37:05 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2009.07.14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\microsoft shared
[2009.07.14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2009.07.14 03:37:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2009.07.14 03:37:05 | 000,000,000 | ---D | C] -- C:\Windows\AppPatch
[2009.07.14 03:37:05 | 000,000,000 | ---D | C] -- C:\Windows\AppCompat
[2009.07.14 03:36:15 | 000,000,000 | -HSD | C] -- C:\$Recycle.Bin
[2009.07.14 01:59:14 | 000,017,408 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\brcoinst.dll
[2009.07.14 00:25:34 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.25 14:58:41 | 095,685,175 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.09.25 14:56:41 | 000,014,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.25 14:56:41 | 000,014,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.25 14:47:22 | 000,077,701 | ---- | M] () -- C:\ProgramData\bkciwmswssufmeb
[2012.09.25 06:43:15 | 000,086,016 | ---- | M] () -- C:\ProgramData\jdmffyyp.exe
[2012.09.25 06:43:15 | 000,086,016 | ---- | M] () -- C:\Users\Herr Bergmann\0.40886653536471984.exe
[2012.09.17 20:44:50 | 000,253,411 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\Sofortüberweisung Cheaptickets.xps
[2012.09.17 19:13:58 | 000,141,112 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\REVISED MODULE DATES Bali to Thailand.pdf
[2012.09.17 14:44:22 | 003,271,682 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\Badesalz - 06 - Daabefuckeler.mp3
[2012.09.16 12:13:18 | 000,249,902 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\schedule1.xps
[2012.09.12 18:55:03 | 006,666,057 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\Aitken-Spence-Hotel-Holdings-PLC-11-12.pdf
[2012.09.11 09:04:38 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.08.25 15:42:43 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.08.25 15:37:20 | 000,012,444 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\komprimierte Steuererklärung_ESt2011_BERGMANN_JULIAN.pdf
[2012.08.25 15:35:12 | 000,041,036 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\ESt2011_BERGMANN_JULIAN.elfo
[2012.08.25 15:14:24 | 000,001,195 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2012.08.24 14:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2012.07.26 02:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2012.05.17 22:44:43 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2012.04.27 16:27:29 | 000,246,242 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012.04.19 14:40:31 | 000,244,733 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\Beatport Order Receipt April JBergmann.xps
[2012.04.19 14:32:47 | 000,013,992 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\view_email.aspx.htm
[2012.04.19 14:30:48 | 000,210,996 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\gageverklaring.pdf
[2012.04.19 03:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidshx.sys
[2012.04.15 18:11:36 | 000,220,160 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\Group lists period 4 2011-2012 dd 14042012
[2012.04.09 20:11:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.04.02 17:31:45 | 000,032,253 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\381856_282483195121854_109628312407344_717696_693534084_n.jpg
[2012.04.02 11:21:46 | 000,085,508 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\Horeca cao English April 2010 to 31 March 2012.pdf
[2012.03.19 14:14:59 | 000,032,015 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\swtor_eu_60_days_gamecard_99088848_KVAXBXZZ.jpg
[2012.03.15 12:42:06 | 000,013,515 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\P&P Planning1.odt
[2012.02.23 23:11:30 | 000,001,761 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.02.22 15:19:50 | 000,001,066 | ---- | M] () -- C:\Users\Herr Bergmann\Documents\cc_20120222_151946.reg
[2012.01.31 03:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2012.01.23 16:27:19 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.12.23 12:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2011.12.23 12:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidsshimx.sys
[2011.12.23 12:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidsfilterx.sys
[2011.12.23 12:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2011.12.22 22:07:44 | 000,026,728 | ---- | M] () -- C:\Users\Herr Bergmann\Documents\cc_20111222_220736.reg
[2011.12.22 15:44:06 | 000,025,457 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\swtor_eu_60_days_gamecard_41237170_X42AW9XU.jpg
[2011.12.16 14:17:15 | 000,292,696 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.12.02 18:07:45 | 000,496,082 | ---- | M] () -- C:\Users\Herr Bergmann\Desktop\FLT_2RQ6FR18907_0.pdf
[2011.11.27 18:36:52 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.11.09 22:39:44 | 000,059,904 | ---- | M] () -- C:\Windows\System32\OpenVideo.dll
[2011.11.09 22:39:32 | 000,054,784 | ---- | M] () -- C:\Windows\System32\OVDecode.dll
[2011.11.09 22:37:46 | 000,044,032 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011.10.23 21:32:59 | 000,561,420 | ---- | M] () -- C:\Windows\System32\oem39.inf
[2011.10.21 20:16:12 | 001,843,200 | ---- | M] (Multicore Ware) -- C:\Windows\System32\SlotMaximizerBe.dll
[2011.10.21 20:15:46 | 000,104,448 | ---- | M] (Multicore Ware) -- C:\Windows\System32\SlotMaximizerAg.dll
[2011.10.09 19:56:32 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011.10.09 10:18:26 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011.10.09 10:15:22 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_applemtp_01005.Wdf
[2011.10.09 10:15:18 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_applemtm_01005.Wdf
[2011.10.09 10:14:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_applebmt_01005.Wdf
[2011.10.09 10:14:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_AppleBtBc_01005.Wdf
[2011.10.09 10:12:18 | 000,561,420 | ---- | M] () -- C:\Windows\System32\oem7.inf
[2011.10.09 10:11:48 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_KeyMagic_01005.Wdf
[2011.10.09 10:04:00 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_SensorsAlsDriver_01_09_00.Wdf
[2011.10.09 10:02:31 | 000,053,911 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011.08.15 17:34:40 | 000,194,432 | ---- | M] () -- C:\Windows\System32\AppleOSSMgr.exe
[2011.04.09 17:55:28 | 000,179,261 | ---- | M] () -- C:\Windows\System32\xlive.dll.cat
[2011.02.08 02:35:36 | 000,058,656 | R--- | M] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2011.02.07 16:35:37 | 000,013,600 | ---- | M] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2011.02.07 16:35:33 | 000,065,824 | ---- | M] (Cirrus Logic Inc.) -- C:\Windows\System32\CirrusAPO_x86.dll
[2011.02.07 16:35:33 | 000,014,336 | ---- | M] (Cirrus Logic) -- C:\Windows\System32\drivers\CS420x86.sys
[2011.02.07 16:33:33 | 000,675,584 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
[2011.02.07 16:33:33 | 000,058,144 | ---- | M] (AMD) -- C:\Windows\System32\coinst.dll
[2011.02.07 16:33:32 | 000,159,744 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2011.02.07 16:33:32 | 000,022,280 | ---- | M] () -- C:\Windows\atiogl.xml
[2011.02.07 16:33:32 | 000,002,975 | ---- | M] () -- C:\Windows\System32\atipblag.dat
[2011.02.07 16:33:31 | 000,397,312 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
[2011.02.07 16:33:31 | 000,226,857 | ---- | M] () -- C:\Windows\System32\atiicdxx.dat
[2011.02.07 16:33:31 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2011.02.07 16:33:31 | 000,138,384 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb
[2011.02.07 16:33:31 | 000,015,872 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll
[2009.08.19 07:10:56 | 000,336,704 | ---- | M] () -- C:\Windows\System32\perfi019.dat
[2009.08.19 07:10:56 | 000,039,446 | ---- | M] () -- C:\Windows\System32\perfd019.dat
[2009.08.19 07:09:42 | 000,033,792 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\ru-RU\yk62x86.sys.mui
[2009.08.19 07:09:42 | 000,011,264 | ---- | M] (Корпорация Intel) -- C:\Windows\System32\drivers\ru-RU\e1q6032.sys.mui
[2009.08.19 07:09:42 | 000,011,264 | ---- | M] (Корпорация Intel) -- C:\Windows\System32\drivers\ru-RU\e1k6032.sys.mui
[2009.08.19 07:09:42 | 000,010,752 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrSerIb.sys.mui
[2009.08.19 07:09:42 | 000,010,240 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\ru-RU\ltmdmnt.sys.mui
[2009.08.19 07:09:36 | 000,003,584 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ru-RU\pscr.sys.mui
[2009.08.19 07:09:35 | 000,010,752 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrSerId.sys.mui
[2009.08.19 07:09:35 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrParwdm.sys.mui
[2009.08.19 07:09:31 | 000,002,560 | ---- | M] (Корпорация Майкрософт) -- C:\Windows\System32\drivers\ru-RU\mountmgr.sys.mui
[2009.08.19 07:09:05 | 000,002,560 | ---- | M] (Корпорация Майкрософт) -- C:\Windows\System32\drivers\ru-RU\volmgrx.sys.mui
[2009.08.19 07:01:28 | 000,341,322 | ---- | M] () -- C:\Windows\System32\perfi013.dat
[2009.08.19 07:01:28 | 000,043,068 | ---- | M] () -- C:\Windows\System32\perfd013.dat
[2009.08.19 06:59:55 | 000,033,280 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\nl-NL\yk62x86.sys.mui
[2009.08.19 06:59:54 | 000,011,264 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrSerId.sys.mui
[2009.08.19 06:59:54 | 000,011,264 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrSerIb.sys.mui
[2009.08.19 06:59:54 | 000,011,264 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\nl-NL\ltmdmnt.sys.mui
[2009.08.19 06:59:49 | 000,003,584 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\nl-NL\pscr.sys.mui
[2009.08.19 06:59:47 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrParwdm.sys.mui
[2009.08.19 06:51:09 | 000,335,478 | ---- | M] () -- C:\Windows\System32\perfi010.dat
[2009.08.19 06:51:09 | 000,037,534 | ---- | M] () -- C:\Windows\System32\perfd010.dat
[2009.08.19 06:49:53 | 000,033,280 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\it-IT\yk62x86.sys.mui
[2009.08.19 06:49:52 | 000,011,264 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrSerId.sys.mui
[2009.08.19 06:49:52 | 000,011,264 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrSerIb.sys.mui
[2009.08.19 06:49:52 | 000,011,264 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\it-IT\ltmdmnt.sys.mui
[2009.08.19 06:49:47 | 000,003,584 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\it-IT\pscr.sys.mui
[2009.08.19 06:49:45 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrParwdm.sys.mui
[2009.08.19 06:41:20 | 000,341,432 | ---- | M] () -- C:\Windows\System32\perfi00A.dat
[2009.08.19 06:41:20 | 000,041,390 | ---- | M] () -- C:\Windows\System32\perfd00A.dat
[2009.08.19 06:39:58 | 000,033,792 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\es-ES\yk62x86.sys.mui
[2009.08.19 06:39:57 | 000,011,264 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\es-ES\BrSerId.sys.mui
[2009.08.19 06:39:57 | 000,011,264 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\es-ES\BrSerIb.sys.mui
[2009.08.19 06:39:57 | 000,010,752 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\es-ES\ltmdmnt.sys.mui
[2009.08.19 06:39:52 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\es-ES\pscr.sys.mui
[2009.08.19 06:39:50 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\es-ES\BrParwdm.sys.mui
[2009.08.19 06:32:42 | 000,344,522 | ---- | M] () -- C:\Windows\System32\perfi00C.dat
[2009.08.19 06:32:42 | 000,038,160 | ---- | M] () -- C:\Windows\System32\perfd00C.dat
[2009.08.19 06:31:32 | 000,033,280 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\fr-FR\yk62x86.sys.mui
[2009.08.19 06:31:32 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrSerIb.sys.mui
[2009.08.19 06:31:32 | 000,011,264 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\fr-FR\ltmdmnt.sys.mui
[2009.08.19 06:31:27 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\fr-FR\pscr.sys.mui
[2009.08.19 06:31:24 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrSerId.sys.mui
[2009.08.19 06:31:24 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrParwdm.sys.mui
[2009.08.19 06:25:35 | 000,295,922 | ---- | M] () -- C:\Windows\System32\perfi007.dat
[2009.08.19 06:25:35 | 000,038,104 | ---- | M] () -- C:\Windows\System32\perfd007.dat
[2009.08.19 06:24:17 | 000,033,280 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\de-DE\yk62x86.sys.mui
[2009.08.19 06:24:17 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerIb.sys.mui
[2009.08.19 06:24:17 | 000,010,752 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\de-DE\ltmdmnt.sys.mui
[2009.08.19 06:24:12 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\de-DE\pscr.sys.mui
[2009.08.19 06:24:11 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerId.sys.mui
[2009.08.19 06:24:11 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrParwdm.sys.mui
[2009.07.14 05:56:51 | 000,021,504 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2009.07.14 05:47:13 | 000,009,216 | ---- | M] () -- C:\Windows\System32\umstartup000.etl
[2009.07.14 05:42:29 | 000,001,244 | ---- | M] () -- C:\Windows\System32\migwiz.lnk
[2009.07.14 05:42:26 | 000,000,535 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2009.07.14 03:09:40 | 000,010,240 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\en-US\BrSerId.sys.mui
[2009.07.14 03:07:42 | 000,009,728 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\en-US\ltmdmnt.sys.mui
[2009.07.14 03:04:20 | 000,010,240 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\en-US\BrSerIb.sys.mui
[2009.07.14 03:03:46 | 000,003,584 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\en-US\pscr.sys.mui
[2009.07.14 03:03:08 | 000,032,256 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\en-US\yk62x86.sys.mui
[2009.07.14 03:02:36 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\en-US\BrParwdm.sys.mui
[2009.07.14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009.07.14 02:15:21 | 000,093,696 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2009.07.14 02:15:00 | 000,073,728 | ---- | M] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 02:15:00 | 000,064,000 | ---- | M] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 02:15:00 | 000,017,408 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\brcoinst.dll
[2009.07.14 02:14:28 | 000,066,048 | ---- | M] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:34:40 | 000,291,294 | ---- | M] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 01:34:38 | 000,031,548 | ---- | M] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 00:06:14 | 000,004,453 | ---- | M] () -- C:\Windows\System32\odbcconf.rsp
[2009.07.13 23:58:08 | 000,043,131 | ---- | M] () -- C:\Windows\mib.bin
[2009.07.13 23:38:23 | 000,071,951 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2009.07.13 22:38:33 | 000,000,610 | ---- | M] () -- C:\Windows\System32\WdsUnattendTemplate.xml
[2009.07.13 21:29:26 | 000,000,714 | ---- | M] () -- C:\Windows\System32\RestartManager.mof
[2009.07.13 21:29:26 | 000,000,176 | ---- | M] () -- C:\Windows\System32\RestartManagerUninstall.mof
[2009.07.13 19:59:22 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjw.avm
[2009.06.10 22:47:11 | 000,047,679 | ---- | M] () -- C:\Windows\System32\diskmgmt.msc
[2009.06.10 22:46:53 | 000,008,280 | ---- | M] () -- C:\Windows\System32\spcinstrumentation.man
[2009.06.10 22:46:40 | 000,152,516 | ---- | M] () -- C:\Windows\System32\systemsf.ebd
[2009.06.10 22:46:28 | 000,105,371 | ---- | M] () -- C:\Windows\System32\RacRules.xml
[2009.06.10 22:46:08 | 000,145,640 | ---- | M] () -- C:\Windows\System32\devmgmt.msc
[2009.06.10 22:44:34 | 003,170,304 | ---- | M] () -- C:\Windows\System32\boot.sdi
[2009.06.10 22:43:22 | 000,000,874 | ---- | M] () -- C:\Windows\System32\manage-bde.wsf
[2009.06.10 22:43:20 | 000,144,862 | ---- | M] () -- C:\Windows\System32\tpm.msc
[2009.06.10 22:42:54 | 000,028,420 | ---- | M] () -- C:\Windows\System32\bios1.rom
[2009.06.10 22:42:54 | 000,018,832 | ---- | M] () -- C:\Windows\System32\v7vga.rom
[2009.06.10 22:42:54 | 000,008,191 | ---- | M] () -- C:\Windows\System32\bios4.rom
[2009.06.10 22:42:49 | 000,000,707 | ---- | M] () -- C:\Windows\_default.pif
[2009.06.10 22:42:32 | 000,021,232 | ---- | M] () -- C:\Windows\System32\graphics.pro
[2009.06.10 22:42:20 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009.06.10 22:42:20 | 000,001,688 | ---- | M] () -- C:\Windows\System32\autoexec.nt
[2009.06.10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009.06.10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2009.06.10 22:42:08 | 000,000,843 | ---- | M] () -- C:\Windows\System32\onlinesetup.cmd
[2009.06.10 22:42:07 | 000,004,041 | ---- | M] () -- C:\Windows\System32\xwizard.dtd
[2009.06.10 22:41:29 | 000,211,938 | ---- | M] () -- C:\Windows\System32\lcphrase.tbl
[2009.06.10 22:41:29 | 000,024,114 | ---- | M] () -- C:\Windows\System32\lcptr.tbl
[2009.06.10 22:40:51 | 000,146,389 | ---- | M] () -- C:\Windows\System32\printmanagement.msc
[2009.06.10 22:40:47 | 000,201,034 | ---- | M] () -- C:\Windows\System32\winrm.vbs
[2009.06.10 22:40:47 | 000,004,675 | ---- | M] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2009.06.10 22:40:47 | 000,002,426 | ---- | M] () -- C:\Windows\System32\WsmTxt.xsl
[2009.06.10 22:40:47 | 000,001,559 | ---- | M] () -- C:\Windows\System32\WsmPty.xsl
[2009.06.10 22:40:47 | 000,000,035 | ---- | M] () -- C:\Windows\System32\winrm.cmd
[2009.06.10 22:39:59 | 000,001,041 | ---- | M] () -- C:\Windows\System32\tcpbidi.xml
[2009.06.10 22:39:54 | 000,003,577 | ---- | M] () -- C:\Windows\System32\sysprtj.sep
[2009.06.10 22:39:54 | 000,003,214 | ---- | M] () -- C:\Windows\System32\sysprint.sep
[2009.06.10 22:39:53 | 000,000,114 | ---- | M] () -- C:\Windows\System32\pcl.sep
[2009.06.10 22:39:53 | 000,000,051 | ---- | M] () -- C:\Windows\System32\pscript.sep
[2009.06.10 22:39:44 | 000,144,673 | ---- | M] () -- C:\Windows\System32\WmiMgmt.msc
[2009.06.10 22:39:37 | 000,017,463 | ---- | M] () -- C:\Windows\System32\drivers\etc\services
[2009.06.10 22:39:37 | 000,003,683 | ---- | M] () -- C:\Windows\System32\drivers\etc\lmhosts.sam
[2009.06.10 22:39:37 | 000,001,358 | ---- | M] () -- C:\Windows\System32\drivers\etc\protocol
[2009.06.10 22:39:37 | 000,000,824 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2009.06.10 22:39:37 | 000,000,407 | ---- | M] () -- C:\Windows\System32\drivers\etc\networks
[2009.06.10 22:39:18 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h
[2009.06.10 22:38:48 | 000,113,629 | ---- | M] () -- C:\Windows\System32\slmgr.vbs
[2009.06.10 22:38:43 | 000,145,059 | ---- | M] () -- C:\Windows\System32\taskschd.msc
[2009.06.10 22:38:33 | 000,145,127 | ---- | M] () -- C:\Windows\System32\eventvwr.msc
[2009.06.10 22:38:10 | 000,017,935 | ---- | M] () -- C:\Windows\System32\EventViewer_EventDetails.xsl
[2009.06.10 22:36:33 | 000,063,070 | ---- | M] () -- C:\Windows\System32\certmgr.msc
[2009.06.10 22:35:57 | 000,120,458 | ---- | M] () -- C:\Windows\System32\secpol.msc
[2009.06.10 22:34:45 | 000,215,943 | ---- | M] () -- C:\Windows\System32\dssec.dat
[2009.06.10 22:34:23 | 000,316,640 | ---- | M] () -- C:\Windows\WMSysPr9.prx
[2009.06.10 22:32:47 | 000,000,741 | ---- | M] () -- C:\Windows\System32\NOISE.DAT
[2009.06.10 22:32:07 | 000,002,060 | ---- | M] () -- C:\Windows\System32\noise.jpn
[2009.06.10 22:31:26 | 000,145,519 | ---- | M] () -- C:\Windows\System32\perfmon.msc
[2009.06.10 22:29:34 | 000,000,697 | ---- | M] () -- C:\Windows\System32\NOISE.THA
[2009.06.10 22:29:29 | 011,967,524 | ---- | M] () -- C:\Windows\System32\korwbrkr.lex
[2009.06.10 22:29:29 | 000,001,486 | ---- | M] () -- C:\Windows\System32\noise.kor
[2009.06.10 22:29:28 | 000,001,696 | ---- | M] () -- C:\Windows\System32\NOISE.CHT
[2009.06.10 22:29:17 | 000,001,696 | ---- | M] () -- C:\Windows\System32\NOISE.CHS
[2009.06.10 22:28:59 | 000,147,439 | ---- | M] () -- C:\Windows\System32\gpedit.msc
[2009.06.10 22:28:59 | 000,043,566 | ---- | M] () -- C:\Windows\System32\rsop.msc
[2009.06.10 22:27:46 | 000,115,091 | ---- | M] () -- C:\Windows\System32\WF.msc
[2009.06.10 22:27:38 | 000,000,003 | ---- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2009.06.10 22:26:15 | 000,144,998 | ---- | M] () -- C:\Windows\System32\lusrmgr.msc
[2009.06.10 22:26:10 | 000,673,088 | ---- | M] () -- C:\Windows\System32\mlang.dat
[2009.06.10 22:26:01 | 000,127,213 | ---- | M] () -- C:\Windows\System32\ega.cpi
[2009.06.10 22:25:52 | 000,063,411 | ---- | M] () -- C:\Windows\System32\NAPCLCFG.MSC
[2009.06.10 22:21:09 | 000,092,745 | ---- | M] () -- C:\Windows\System32\services.msc
[2009.06.10 22:21:07 | 000,144,909 | ---- | M] () -- C:\Windows\System32\fsmgmt.msc
[2009.06.10 22:21:06 | 000,113,256 | ---- | M] () -- C:\Windows\System32\compmgmt.msc
[2009.06.10 22:21:06 | 000,041,587 | ---- | M] () -- C:\Windows\System32\azman.msc
[2009.06.10 22:19:05 | 000,040,552 | ---- | M] () -- C:\Windows\System32\gatherNetworkInfo.vbs
[2009.06.10 22:19:05 | 000,021,812 | ---- | M] () -- C:\Windows\System32\NetTrace.PLA.Diagnostics.xml
[2009.06.10 22:18:29 | 000,000,565 | ---- | M] () -- C:\Windows\System32\NdfEventView.xml
[2009.06.10 22:17:44 | 000,124,118 | ---- | M] () -- C:\Windows\System32\comexp.msc
[2009.06.10 22:16:56 | 000,002,233 | ---- | M] () -- C:\Windows\System32\12520850.cpx
[2009.06.10 22:16:56 | 000,002,151 | ---- | M] () -- C:\Windows\System32\12520437.cpx
[2009.06.10 22:16:38 | 000,002,727 | ---- | M] () -- C:\Windows\System32\locationnotificationsview.xml
[2009.06.10 22:15:19 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2009.06.10 22:15:18 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2009.06.10 22:15:06 | 000,076,060 | ---- | M] () -- C:\Windows\System32\xpsrchvw.xml
[2009.06.10 22:14:45 | 000,051,867 | ---- | M] () -- C:\Windows\Ultimate.xml
[2009.06.10 22:14:45 | 000,048,201 | ---- | M] () -- C:\Windows\Starter.xml
[2009.06.10 22:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\System32\drivers\gm.dls
[2007.11.07 07:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2007.11.07 07:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007.11.07 07:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007.11.07 07:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2007.11.07 07:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2000.12.31 23:24:40 | 000,684,756 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2000.12.31 23:24:40 | 000,683,802 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2000.12.31 23:24:40 | 000,681,158 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2000.12.31 23:24:40 | 000,679,812 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2000.12.31 23:24:40 | 000,666,534 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2000.12.31 23:24:40 | 000,643,628 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2000.12.31 23:24:40 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2000.12.31 23:24:40 | 000,133,506 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2000.12.31 23:24:40 | 000,129,410 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2000.12.31 23:24:40 | 000,128,694 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2000.12.31 23:24:40 | 000,126,872 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2000.12.31 23:24:40 | 000,126,188 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2000.12.31 23:24:40 | 000,123,808 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2000.12.31 23:24:40 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2000.12.31 23:01:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2000.12.31 23:00:59 | 1743,310,848 | -HS- | M] () -- C:\hiberfil.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.25 14:58:41 | 095,685,175 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.09.25 14:47:21 | 000,086,016 | ---- | C] () -- C:\ProgramData\jdmffyyp.exe
[2012.09.25 06:43:17 | 000,077,701 | ---- | C] () -- C:\ProgramData\bkciwmswssufmeb
[2012.09.25 06:43:15 | 000,086,016 | ---- | C] () -- C:\Users\Herr Bergmann\0.40886653536471984.exe
[2012.09.17 20:44:49 | 000,253,411 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\Sofortüberweisung Cheaptickets.xps
[2012.09.17 19:13:49 | 000,141,112 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\REVISED MODULE DATES Bali to Thailand.pdf
[2012.09.17 14:44:20 | 003,271,682 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\Badesalz - 06 - Daabefuckeler.mp3
[2012.09.16 12:13:09 | 000,249,902 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\schedule1.xps
[2012.09.12 18:55:03 | 006,666,057 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\Aitken-Spence-Hotel-Holdings-PLC-11-12.pdf
[2012.08.25 15:42:43 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.08.25 15:37:20 | 000,012,444 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\komprimierte Steuererklärung_ESt2011_BERGMANN_JULIAN.pdf
[2012.08.25 15:21:30 | 000,041,036 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\ESt2011_BERGMANN_JULIAN.elfo
[2012.08.25 15:14:24 | 000,001,195 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2012.08.16 16:37:55 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.04.27 16:27:29 | 000,246,242 | ---- | C] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012.04.19 14:40:28 | 000,244,733 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\Beatport Order Receipt April JBergmann.xps
[2012.04.19 14:32:46 | 000,013,992 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\view_email.aspx.htm
[2012.04.19 14:30:46 | 000,210,996 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\gageverklaring.pdf
[2012.04.15 18:11:34 | 000,220,160 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\Group lists period 4 2011-2012 dd 14042012
[2012.04.09 20:11:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.04.02 17:31:41 | 000,032,253 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\381856_282483195121854_109628312407344_717696_693534084_n.jpg
[2012.04.02 11:21:46 | 000,085,508 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\Horeca cao English April 2010 to 31 March 2012.pdf
[2012.03.19 14:14:55 | 000,032,015 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\swtor_eu_60_days_gamecard_99088848_KVAXBXZZ.jpg
[2012.03.15 12:21:27 | 000,013,515 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\P&P Planning1.odt
[2012.02.23 23:11:30 | 000,001,761 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.02.22 15:19:48 | 000,001,066 | ---- | C] () -- C:\Users\Herr Bergmann\Documents\cc_20120222_151946.reg
[2012.01.23 16:27:19 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.12.22 22:07:41 | 000,026,728 | ---- | C] () -- C:\Users\Herr Bergmann\Documents\cc_20111222_220736.reg
[2011.12.22 15:44:01 | 000,025,457 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\swtor_eu_60_days_gamecard_41237170_X42AW9XU.jpg
[2011.12.02 18:07:31 | 000,496,082 | ---- | C] () -- C:\Users\Herr Bergmann\Desktop\FLT_2RQ6FR18907_0.pdf
[2011.11.27 18:36:52 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.11.10 20:59:18 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.11.09 22:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll
[2011.11.09 22:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011.10.23 21:33:06 | 000,561,420 | ---- | C] () -- C:\Windows\System32\oem39.inf
[2011.10.09 19:56:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2011.10.09 19:56:30 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2011.10.09 17:33:03 | 000,001,346 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011.10.09 12:26:06 | 000,001,116 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.10.09 10:18:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.10.09 10:16:25 | 000,013,600 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2011.10.09 10:15:22 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_applemtp_01005.Wdf
[2011.10.09 10:15:18 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_applemtm_01005.Wdf
[2011.10.09 10:14:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_applebmt_01005.Wdf
[2011.10.09 10:14:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_AppleBtBc_01005.Wdf
[2011.10.09 10:13:37 | 000,022,280 | ---- | C] () -- C:\Windows\atiogl.xml
[2011.10.09 10:12:59 | 000,226,857 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.10.09 10:12:59 | 000,002,975 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.10.09 10:12:54 | 000,675,584 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2011.10.09 10:12:53 | 000,138,384 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2011.10.09 10:12:22 | 000,561,420 | ---- | C] () -- C:\Windows\System32\oem7.inf
[2011.10.09 10:11:48 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_KeyMagic_01005.Wdf
[2011.10.09 10:10:48 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.10.09 10:07:08 | 000,001,409 | ---- | C] () -- C:\Users\Herr Bergmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.10.09 10:04:00 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_SensorsAlsDriver_01_09_00.Wdf
[2011.10.09 10:02:23 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.10.09 10:02:18 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.10.09 09:57:40 | 1743,310,848 | -HS- | C] () -- C:\hiberfil.sys
[2011.08.15 17:34:40 | 000,194,432 | ---- | C] () -- C:\Windows\System32\AppleOSSMgr.exe
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.08.19 07:13:50 | 000,666,534 | ---- | C] () -- C:\Windows\System32\perfh019.dat
[2009.08.19 07:13:50 | 000,336,704 | ---- | C] () -- C:\Windows\System32\perfi019.dat
[2009.08.19 07:13:50 | 000,128,694 | ---- | C] () -- C:\Windows\System32\perfc019.dat
[2009.08.19 07:13:50 | 000,039,446 | ---- | C] () -- C:\Windows\System32\perfd019.dat
[2009.08.19 07:04:06 | 000,681,158 | ---- | C] () -- C:\Windows\System32\perfh013.dat
[2009.08.19 07:04:06 | 000,341,322 | ---- | C] () -- C:\Windows\System32\perfi013.dat
[2009.08.19 07:04:06 | 000,129,410 | ---- | C] () -- C:\Windows\System32\perfc013.dat
[2009.08.19 07:04:06 | 000,043,068 | ---- | C] () -- C:\Windows\System32\perfd013.dat
[2009.08.19 06:53:20 | 000,679,812 | ---- | C] () -- C:\Windows\System32\perfh010.dat
[2009.08.19 06:53:20 | 000,335,478 | ---- | C] () -- C:\Windows\System32\perfi010.dat
[2009.08.19 06:53:20 | 000,123,808 | ---- | C] () -- C:\Windows\System32\perfc010.dat
[2009.08.19 06:53:20 | 000,037,534 | ---- | C] () -- C:\Windows\System32\perfd010.dat
[2009.08.19 06:43:19 | 000,683,802 | ---- | C] () -- C:\Windows\System32\perfh00A.dat
[2009.08.19 06:43:19 | 000,341,432 | ---- | C] () -- C:\Windows\System32\perfi00A.dat
[2009.08.19 06:43:19 | 000,133,506 | ---- | C] () -- C:\Windows\System32\perfc00A.dat
[2009.08.19 06:43:19 | 000,041,390 | ---- | C] () -- C:\Windows\System32\perfd00A.dat
[2009.08.19 06:33:57 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2009.08.19 06:33:56 | 000,684,756 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2009.08.19 06:33:56 | 000,126,872 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2009.08.19 06:33:56 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2009.08.19 06:26:20 | 000,643,628 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.08.19 06:26:20 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.08.19 06:26:20 | 000,126,188 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.08.19 06:26:20 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 08:51:56 | 000,051,867 | ---- | C] () -- C:\Windows\Ultimate.xml
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:48:09 | 000,048,201 | ---- | C] () -- C:\Windows\Starter.xml
[2009.07.14 05:46:52 | 000,053,911 | ---- | C] () -- C:\Windows\System32\license.rtf
[2009.07.14 05:46:36 | 000,001,515 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2009.07.14 05:42:30 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2009.07.14 05:42:29 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2009.07.14 05:42:29 | 000,001,244 | ---- | C] () -- C:\Windows\System32\migwiz.lnk
[2009.07.14 05:42:26 | 000,000,535 | ---- | C] () -- C:\Windows\System32\mapisvc.inf
[2009.07.14 05:42:24 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2009.07.14 05:34:15 | 000,014,784 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009.07.14 05:34:15 | 000,014,784 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009.07.14 05:34:00 | 000,021,504 | ---- | C] () -- C:\Windows\System32\umstartup.etl
[2009.07.14 05:34:00 | 000,009,216 | ---- | C] () -- C:\Windows\System32\umstartup000.etl
[2009.07.14 05:33:53 | 000,292,696 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,606,992 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,103,370 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2009.07.14 03:05:05 | 000,001,696 | ---- | C] () -- C:\Windows\System32\NOISE.CHT
[2009.07.14 03:05:05 | 000,001,696 | ---- | C] () -- C:\Windows\System32\NOISE.CHS
[2009.07.14 03:05:05 | 000,001,486 | ---- | C] () -- C:\Windows\System32\noise.kor
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:05:05 | 000,000,697 | ---- | C] () -- C:\Windows\System32\NOISE.THA
[2009.07.14 03:05:03 | 000,003,683 | ---- | C] () -- C:\Windows\System32\drivers\etc\lmhosts.sam
[2009.07.14 03:04:17 | 000,017,463 | ---- | C] () -- C:\Windows\System32\drivers\etc\services
[2009.07.14 03:04:17 | 000,001,358 | ---- | C] () -- C:\Windows\System32\drivers\etc\protocol
[2009.07.14 03:04:17 | 000,000,824 | ---- | C] () -- C:\Windows\System32\drivers\etc\hosts
[2009.07.14 03:04:17 | 000,000,407 | ---- | C] () -- C:\Windows\System32\drivers\etc\networks
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 03:04:04 | 000,002,577 | ---- | C] () -- C:\Windows\System32\config.nt
[2009.07.14 03:04:04 | 000,001,688 | ---- | C] () -- C:\Windows\System32\autoexec.nt
[2009.07.14 03:04:04 | 000,000,024 | ---- | C] () -- C:\autoexec.bat
[2009.07.14 03:04:04 | 000,000,010 | ---- | C] () -- C:\config.sys
[2009.07.14 03:03:57 | 000,008,798 | ---- | C] () -- C:\Windows\System32\icrav03.rat
[2009.07.14 03:03:57 | 000,001,988 | ---- | C] () -- C:\Windows\System32\ticrf.rat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 00:11:57 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2009.07.14 00:08:01 | 000,003,577 | ---- | C] () -- C:\Windows\System32\sysprtj.sep
[2009.07.14 00:08:01 | 000,000,114 | ---- | C] () -- C:\Windows\System32\pcl.sep
[2009.07.14 00:08:01 | 000,000,051 | ---- | C] () -- C:\Windows\System32\pscript.sep
[2009.07.14 00:06:14 | 000,004,453 | ---- | C] () -- C:\Windows\System32\odbcconf.rsp
[2009.07.13 23:53:38 | 000,146,389 | ---- | C] () -- C:\Windows\System32\printmanagement.msc
[2009.07.13 23:41:10 | 000,002,233 | ---- | C] () -- C:\Windows\System32\12520850.cpx
[2009.07.13 23:38:23 | 000,071,951 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2009.07.13 23:12:16 | 000,063,411 | ---- | C] () -- C:\Windows\System32\NAPCLCFG.MSC
[2009.07.13 23:11:17 | 000,115,091 | ---- | C] () -- C:\Windows\System32\WF.msc
[2009.07.13 23:10:48 | 000,021,812 | ---- | C] () -- C:\Windows\System32\NetTrace.PLA.Diagnostics.xml
[2009.07.13 23:06:29 | 000,201,034 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2009.07.13 23:06:29 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2009.07.13 23:06:29 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2009.07.13 23:06:29 | 000,001,559 | ---- | C] () -- C:\Windows\System32\WsmPty.xsl
[2009.07.13 23:01:40 | 000,124,118 | ---- | C] () -- C:\Windows\System32\comexp.msc
[2009.07.13 22:55:47 | 000,144,998 | ---- | C] () -- C:\Windows\System32\lusrmgr.msc
[2009.07.13 22:53:23 | 000,147,439 | ---- | C] () -- C:\Windows\System32\gpedit.msc
[2009.07.13 22:53:23 | 000,043,566 | ---- | C] () -- C:\Windows\System32\rsop.msc
[2009.07.13 22:47:53 | 000,063,070 | ---- | C] () -- C:\Windows\System32\certmgr.msc
[2009.07.13 22:46:10 | 000,145,127 | ---- | C] () -- C:\Windows\System32\eventvwr.msc
[2009.07.13 22:46:10 | 000,017,935 | ---- | C] () -- C:\Windows\System32\EventViewer_EventDetails.xsl
[2009.07.13 22:46:09 | 000,145,059 | ---- | C] () -- C:\Windows\System32\taskschd.msc
[2009.07.13 22:46:01 | 000,144,673 | ---- | C] () -- C:\Windows\System32\WmiMgmt.msc
[2009.07.13 22:44:25 | 000,120,458 | ---- | C] () -- C:\Windows\System32\secpol.msc
[2009.07.13 22:44:22 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2009.07.13 22:44:22 | 000,113,256 | ---- | C] () -- C:\Windows\System32\compmgmt.msc
[2009.07.13 22:44:22 | 000,092,745 | ---- | C] () -- C:\Windows\System32\services.msc
[2009.07.13 22:44:22 | 000,041,587 | ---- | C] () -- C:\Windows\System32\azman.msc
[2009.07.13 22:38:38 | 000,024,114 | ---- | C] () -- C:\Windows\System32\lcptr.tbl
[2009.07.13 22:38:33 | 000,000,610 | ---- | C] () -- C:\Windows\System32\WdsUnattendTemplate.xml
[2009.07.13 22:34:35 | 000,047,679 | ---- | C] () -- C:\Windows\System32\diskmgmt.msc
[2009.07.13 22:33:45 | 000,000,714 | ---- | C] () -- C:\Windows\System32\RestartManager.mof
[2009.07.13 22:33:45 | 000,000,176 | ---- | C] () -- C:\Windows\System32\RestartManagerUninstall.mof
[2009.07.13 22:30:30 | 000,000,707 | ---- | C] () -- C:\Windows\_default.pif
[2009.07.13 22:30:26 | 000,018,832 | ---- | C] () -- C:\Windows\System32\v7vga.rom
[2009.07.13 22:30:26 | 000,008,191 | ---- | C] () -- C:\Windows\System32\bios4.rom
[2009.07.13 22:28:41 | 000,145,519 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2009.07.13 22:23:44 | 000,145,640 | ---- | C] () -- C:\Windows\System32\devmgmt.msc
[2009.07.13 22:20:44 | 000,144,862 | ---- | C] () -- C:\Windows\System32\tpm.msc
[2009.07.13 21:31:17 | 000,127,213 | ---- | C] () -- C:\Windows\System32\ega.cpi
[2009.07.13 21:30:24 | 000,000,843 | ---- | C] () -- C:\Windows\System32\onlinesetup.cmd
[2009.07.13 21:22:04 | 000,000,874 | ---- | C] () -- C:\Windows\System32\manage-bde.wsf
[2009.07.13 19:59:22 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\AVG\iavichjw.avm
[2009.06.10 22:46:53 | 000,008,280 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2009.06.10 22:46:40 | 000,152,516 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2009.06.10 22:46:28 | 000,105,371 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2009.06.10 22:44:34 | 003,170,304 | ---- | C] () -- C:\Windows\System32\boot.sdi
[2009.06.10 22:42:54 | 000,028,420 | ---- | C] () -- C:\Windows\System32\bios1.rom
[2009.06.10 22:42:32 | 000,021,232 | ---- | C] () -- C:\Windows\System32\graphics.pro
[2009.06.10 22:42:07 | 000,004,041 | ---- | C] () -- C:\Windows\System32\xwizard.dtd
[2009.06.10 22:41:29 | 000,211,938 | ---- | C] () -- C:\Windows\System32\lcphrase.tbl
[2009.06.10 22:40:47 | 000,000,035 | ---- | C] () -- C:\Windows\System32\winrm.cmd
[2009.06.10 22:39:59 | 000,001,041 | ---- | C] () -- C:\Windows\System32\tcpbidi.xml
[2009.06.10 22:39:54 | 000,003,214 | ---- | C] () -- C:\Windows\System32\sysprint.sep
[2009.06.10 22:39:18 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2009.06.10 22:38:48 | 000,113,629 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2009.06.10 22:34:23 | 000,316,640 | ---- | C] () -- C:\Windows\WMSysPr9.prx
[2009.06.10 22:32:07 | 000,002,060 | ---- | C] () -- C:\Windows\System32\noise.jpn
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.06.10 22:19:05 | 000,040,552 | ---- | C] () -- C:\Windows\System32\gatherNetworkInfo.vbs
[2009.06.10 22:18:29 | 000,000,565 | ---- | C] () -- C:\Windows\System32\NdfEventView.xml
[2009.06.10 22:16:56 | 000,002,151 | ---- | C] () -- C:\Windows\System32\12520437.cpx
[2009.06.10 22:16:38 | 000,002,727 | ---- | C] () -- C:\Windows\System32\locationnotificationsview.xml
[2009.06.10 22:15:06 | 000,076,060 | ---- | C] () -- C:\Windows\System32\xpsrchvw.xml
[2009.06.10 22:14:28 | 003,440,660 | ---- | C] () -- C:\Windows\System32\drivers\gm.dls
[2007.11.07 07:12:28 | 000,232,960 | ---- | C] () -- C:\VC_RED.MSI
[2007.11.07 07:09:22 | 001,442,522 | ---- | C] () -- C:\VC_RED.cab
[2007.11.07 07:00:40 | 000,005,686 | ---- | C] () -- C:\vcredist.bmp
[2007.11.07 07:00:40 | 000,001,110 | ---- | C] () -- C:\globdata.ini
[2007.11.07 07:00:40 | 000,000,843 | ---- | C] () -- C:\install.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.07.27 15:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.10.09 12:31:39 | 000,000,000 | ---D | M] -- C:\Users\Herr Bergmann\AppData\Roaming\AVG2012
[2011.10.09 16:47:26 | 000,000,000 | ---D | M] -- C:\Users\Herr Bergmann\AppData\Roaming\Belastingdienst
[2012.08.25 15:14:53 | 000,000,000 | ---D | M] -- C:\Users\Herr Bergmann\AppData\Roaming\elsterformular
[2011.10.09 17:34:11 | 000,000,000 | ---D | M] -- C:\Users\Herr Bergmann\AppData\Roaming\Lionhead Studios
[2011.12.07 21:58:39 | 000,000,000 | ---D | M] -- C:\Users\Herr Bergmann\AppData\Roaming\OpenOffice.org
[2012.02.22 15:16:44 | 000,000,000 | ---D | M] -- C:\Users\Herr Bergmann\AppData\Roaming\RIFT
[2012.09.11 22:12:57 | 000,000,000 | ---D | M] -- C:\Users\Herr Bergmann\AppData\Roaming\TS3Client
[2012.08.25 15:17:46 | 000,000,000 | ---D | M] -- C:\Users\Herr Bergmann\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.08.16 16:37:13 | 000,000,000 | -H-D | M] -- C:\$AVG
[2011.10.09 10:06:55 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.12.17 15:27:21 | 000,000,000 | ---D | M] -- C:\AMD
[2011.12.17 15:29:55 | 000,000,000 | ---D | M] -- C:\ATI
[2011.10.09 19:56:31 | 000,000,000 | -HSD | M] -- C:\Boot
[2011.10.09 13:04:41 | 000,000,000 | ---D | M] -- C:\C92DC0695643F2387664
[2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.10.09 10:06:39 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.10.09 10:12:47 | 000,000,000 | ---D | M] -- C:\Intel
[2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.08.25 15:42:42 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.09.25 14:47:21 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.10.09 10:06:39 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.10.09 10:06:39 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.09.02 21:35:41 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.10.09 10:06:47 | 000,000,000 | R--D | M] -- C:\Users
[2012.09.25 15:00:01 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2012.09.25 06:43:15 | 000,086,016 | ---- | M] () -- C:\Users\Herr Bergmann\0.40886653536471984.exe
[2000.12.31 23:31:03 | 001,048,576 | -HS- | M] () -- C:\Users\Herr Bergmann\NTUSER.DAT
[2000.12.31 23:31:03 | 000,262,144 | -HS- | M] () -- C:\Users\Herr Bergmann\ntuser.dat.LOG1
[2011.10.09 10:06:47 | 000,000,000 | -HS- | M] () -- C:\Users\Herr Bergmann\ntuser.dat.LOG2
[2011.10.09 10:17:33 | 000,065,536 | -HS- | M] () -- C:\Users\Herr Bergmann\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2011.10.09 10:17:33 | 000,524,288 | -HS- | M] () -- C:\Users\Herr Bergmann\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2011.10.09 10:17:33 | 000,524,288 | -HS- | M] () -- C:\Users\Herr Bergmann\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2011.10.09 10:06:47 | 000,000,020 | -HS- | M] () -- C:\Users\Herr Bergmann\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< End of report >



Vielen Dank im Voraus!


Liebe Grüße
Alt 25.09.2012, 16:40   #2
extradat
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


Extras.txt

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 31.12.2000 23:29:02 - Run 1
OTL by OldTimer - Version 3.2.68.0     Folder = F:\
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,16 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 85,94% Memory free
4,33 Gb Paging File | 4,05 Gb Available in Paging File | 93,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 49,14 Gb Total Space | 18,79 Gb Free Space | 38,25% Space Free | Partition Type: NTFS
Drive E: | 416,30 Gb Total Space | 45,38 Gb Free Space | 10,90% Space Free | Partition Type: HFS
Drive F: | 1,86 Gb Total Space | 0,41 Gb Free Space | 22,26% Space Free | Partition Type: FAT
 
Computer Name: HERRBERGMANN-PC | User Name: Herr Bergmann | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{041D73D9-EF84-4954-A5A8-AF38B05AAB82}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | 
"{2C112AD1-A220-49B8-87BC-12BBFF356BA8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{45CA6A5E-9497-440F-9157-48F2DB1D9F03}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8293089D-6A52-4123-BE9D-B22BDA020C3E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | 
"{8477529B-FBCD-44D9-BA32-CB176BEAD510}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{90039785-1225-4100-ADF3-FC872AFDC542}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | 
"{90553A0B-1C99-48EA-911A-CF47547FF28D}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{A4FA56C8-D9A9-44B5-9272-669A72B3F02E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | 
"{BA64A36A-2699-4936-82A1-25DF0E71825B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{D63E2BDE-BD49-4914-B504-DA6750F759B7}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | 
"{DDD70308-88A7-491B-B13D-2309A4BD5FD2}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | 
"{F8137CA7-D8B9-461D-9EBE-65203497C2AB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F88010EA-B74E-4621-AD02-10B7E1EBA34D}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"TCP Query User{0084300B-58CC-485A-8A78-29CAF247CA02}C:\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\guild wars 2\gw2.exe | 
"TCP Query User{1266E933-015D-4006-926C-B42029B6621A}C:\program files\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files\guild wars 2\gw2.exe | 
"TCP Query User{645A32B7-D557-48CB-8031-FB33F0DDEFCE}C:\users\herr bergmann\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\herr bergmann\appdata\local\temp\gw2.exe | 
"TCP Query User{CF943BC6-8B1E-442B-9966-B0872C430FFD}C:\program files\electronic arts\bioware\star wars-the old republic\betatest\retailclient\swtor.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\bioware\star wars-the old republic\betatest\retailclient\swtor.exe | 
"UDP Query User{4402FE0B-F8D8-44BD-8FAA-B9E9D30A709B}C:\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\guild wars 2\gw2.exe | 
"UDP Query User{C70748F3-8100-46CC-B599-4F3424570189}C:\program files\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files\guild wars 2\gw2.exe | 
"UDP Query User{EB38699B-A62B-4140-8D07-38607489E773}C:\program files\electronic arts\bioware\star wars-the old republic\betatest\retailclient\swtor.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\bioware\star wars-the old republic\betatest\retailclient\swtor.exe | 
"UDP Query User{EB7DC62A-0D41-4BC7-A664-CBF1754B9B42}C:\users\herr bergmann\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\herr bergmann\appdata\local\temp\gw2.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01513E3B-EB4C-BD2E-07F0-E2D9CEFCB580}" = CCC Help Italian
"{054E7727-CAAE-FE78-F75C-7DAA3B86DCC3}" = CCC Help Spanish
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0C04BB3F-863B-E348-8633-03769E7A9097}" = CCC Help French
"{116B3E3B-2FBD-1585-3A41-7C033434E585}" = CCC Help Japanese
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2461E016-9FB4-B233-A74D-91D11A664342}" = CCC Help English
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2F3BC248-F857-F353-247C-CDC433D52DD7}" = CCC Help Swedish
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34E86173-00D0-7BA5-12D2-EE1248F99406}" = CCC Help Chinese Standard
"{38580E5E-AF78-4536-AD1E-6A62661372C5}" = AVG 2012
"{3E915CB7-511A-0851-CC8C-4EEAFFCCD229}" = CCC Help Portuguese
"{3FB9DC57-ED98-1720-F5E7-A184EF7F4300}" = CCC Help Finnish
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4DC613E6-AE72-A110-0D0A-FC764B738C04}" = CCC Help Korean
"{51002784-18FA-8FF9-9A1A-2468E7FCA096}" = Catalyst Control Center Graphics Previews Common
"{5986514D-2EFE-B1C8-A5BF-57A084711B89}" = ccc-utility
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{88976B46-967A-9B1A-14AC-DC388AE2DF09}" = CCC Help Polish
"{9A00A308-1FFC-3E4E-976D-429E349CB5E0}" = CCC Help Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D1B275D-C436-E222-4220-B272F59ED78F}" = AMD Catalyst Install Manager
"{9DCA1423-F8DA-BE40-BE79-A2F60B418B01}" = CCC Help Hungarian
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{B061ACC7-5819-B01A-87B5-712E713143A4}" = CCC Help Dutch
"{B56ACF7B-D7B5-442B-8E1D-6B41347D88B2}" = Boot Camp-Dienste
"{B69C390B-826F-473C-86EB-7AD4950818C3}" = AVG 2012
"{BB9B32B9-FD41-6C73-0196-D11E4B5135BF}" = CCC Help German
"{BEBFE0AC-97E2-DE43-AF13-40F86DAEB1CA}" = CCC Help Thai
"{BEF78FDE-9635-C229-60D2-FF606DF30765}" = CCC Help Chinese Traditional
"{C454E7DD-A09A-6D06-7FF9-59753475FC09}" = Catalyst Control Center
"{CE23BD08-F6FD-3337-D8BC-5B55E69263A5}" = Catalyst Control Center InstallProxy
"{DA109884-7CDC-5F21-5F0B-742AA74F84E1}" = Catalyst Control Center Localization All
"{E19490CD-5380-4F37-B0A7-624D635605DC}" = Catalyst Control Center - Branding
"{E7A7CD0A-8047-6241-1924-7F781A95BD85}" = CCC Help Norwegian
"{E847D16E-AA7A-33A3-AB9E-AC37B3D1E74F}" = CCC Help Russian
"{F0439D76-7759-DC14-652B-6947C005196E}" = CCC Help Czech
"{F07A428D-232A-5D06-E394-2BED0F311005}" = CCC Help Turkish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{FDB16CB6-48A0-5C95-5184-AECFF8B9716D}" = CCC Help Greek
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"01A62A9B7789BEB63691028C262628D44D17B091" = Windows-Treiberpaket - Broadcom (BCM43XX) Net  (02/17/2011 5.100.198.14)
"07170A155D5587C8782EABA10E94E4127A86F6E4" = Windows-Treiberpaket - Apple Inc. (AppleUSBEthernet) Net  (02/01/2008 3.8.3.10)
"0A8E69CB2299FB82BA54D1D4C0F3B1810146DBAB" = Windows-Treiberpaket - Apple Inc. Apple Broadcom Bluetooth (04/27/2011 4.0.0.1)
"0C48CE90F4A72375C881DD35535D8FA91D70D03B" = Windows-Treiberpaket - Apple Inc. Apple Wireless Mouse (04/12/2010 3.1.0.0)
"110E24F054DE5F4F72985BC1F3A53F61985BD4CC" = Windows-Treiberpaket - Broadcom (BCM43XX) Net  (04/06/2011 5.100.198.22)
"111E266FDD1556398EFC13BE47678F96E8497682" = Windows-Treiberpaket - Apple Inc. Apple Trackpad Enabler (07/13/2009 3.0.0.1)
"1376966B89859634DD07C0BCEAB2C895D5D1674D" = Windows-Treiberpaket - Apple Inc. Apple Multitouch (12/22/2010 3.2.0.2)
"157C5C3D3E97D5439AD0C6268A489EF68FB7AD4F" = Windows-Treiberpaket - Intel (e1yexpress) Net  (04/07/2010 10.1.9.0)
"1D68F7A8B8397256B162B831457A6775BD17F3F4" = Windows-Treiberpaket - Marvell (yukonwlh) Net  (03/23/2007 10.12.7.3)
"20CF1F4786CB13A83CD2EC358929609A9B7A205C" = Windows-Treiberpaket - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1)
"28AB5A817BE0B4C6952E913DEB9CA907C7871C74" = Windows-Treiberpaket - Broadcom (b57nd60x) Net  (12/02/2010 14.4.2.2)
"2E2B6DCC02509BB8D2629A009DE8B5C3055B6779" = Windows-Treiberpaket - Apple Inc. Apple ODD (05/17/2010 3.1.0.0)
"2E4C46B2F31E5452DEBDBF1839BF018898807AF3" = Windows-Treiberpaket - Apple Inc. Apple Multitouch Mouse (12/22/2010 3.2.0.2)
"31BC243044B2C02B454ECDA8F5B44427F3754DD0" = Windows-Treiberpaket - Apple Inc. Bluetooth  (03/01/2010 3.0.0.5)
"3AEC183715500F464AC7F1A11890FE368F21AC8A" = Windows-Treiberpaket - Apple Inc. Apple Keyboard (10/12/2010 3.2.0.2)
"43B83D262B11C05DBFE8BEB0E2CBD5A9EA1E7F9C" = Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (12/03/2010 6.6001.1.30)
"44E2556E81BCB991055DD976642491906DD3B8A0" = Windows-Treiberpaket - Apple Inc. Apple Multitouch (05/05/2011 4.0.0.1)
"4B114013DDC5858DB929CE55F363AB88CDE1F78C" = Windows-Treiberpaket - Apple Inc. Apple Keyboard (05/05/2011 4.0.0.1)
"4D00971668041EDAD7097C5827D1739F03B9E5D7" = Windows-Treiberpaket - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0)
"5F8BE32FAE3D6BC77B512F7B0624D7B6C8A26EFB" = Windows-Treiberpaket - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1)
"82BE89CA9B7493FA05D2D4D32B415CF07EA08B47" = Windows-Treiberpaket - Intel System  (07/20/2007 1.2.76.0)
"8BB769A00E5FB4E3C5C45B4B60C20B4322C430BD" = Windows-Treiberpaket - Intel (e1rexpress) Net  (01/07/2010 11.4.16.0)
"9324ED54E32F5399037F87E076CA01C6CEB92830" = Windows-Treiberpaket - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0)
"950F5FEDF7BEABD19AAE5CEA69570873BE2A99DA" = Windows-Treiberpaket - Atheros Communications Inc. (athr) Net  (11/18/2009 8.0.0.258)
"9646DB3A0BD532DCF0A6750140F84D0089FF608E" = Windows-Treiberpaket - Intel (e1express) Net  (03/26/2010 9.13.41.0)
"A0DAD483951AB3046050D68A2A1D8CEB4A7C61EE" = Windows-Treiberpaket - Apple Inc. Apple Trackpad (07/13/2009 3.0.0.1)
"A6FE31FDFB79BAF53F0D80728677EBE7FB6581BE" = Windows-Treiberpaket - Apple Inc. Apple Broadcom Bluetooth (10/05/2010 3.2.0.1)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVG" = AVG 2012
"B9491C5C199D7236FCDCB76367922461FADC80C7" = Windows-Treiberpaket - Apple Inc. Apple Multitouch Mouse (05/05/2011 4.0.0.1)
"BCFD182AEFFCC167E74298C1563F0C84CEE4D92C" = Windows-Treiberpaket - Intel (e1qexpress) Net  (12/04/2009 11.4.7.0)
"C5CE3BA75A23622D2140C5D5D0998C07DDC4CF1C" = Windows-Treiberpaket - Apple Inc. Apple Display (01/23/2009 3.0.0.0)
"CCleaner" = CCleaner
"CFC3D985EA69596C8BE0A30313010FCC8CE2C70F" = Windows-Treiberpaket - Apple Inc. Apple Wireless Trackpad (08/24/2010 3.1.0.7)
"D885E9963D372B22E9F3CD04F0AF501F1FCCF220" = Windows-Treiberpaket - Intel (e1kexpress) Net  (04/12/2010 11.6.92.0)
"E85AC6326EE8585420067DD094210F828AEDFEBC" = Windows-Treiberpaket - Apple Inc. Apple System Device (01/28/2011 3.2.0.6)
"ElsterFormular" = ElsterFormular
"F46F6C2CF86ECDFF2CE25B508923B04E2F23F1CE" = Windows-Treiberpaket - Apple Inc. Apple System Device (04/05/2011 3.2.0.8)
"F4FD74182DF87939B302E81C3D80CA0D38D287AB" = Windows-Treiberpaket - Broadcom Corporation (bScsiSDx) SDHost  (01/18/2011 1.0.0.220)
"Guild Wars 2" = Guild Wars 2
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.09.2012 04:11:21 | Computer Name = HerrBergmann-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 999
 
Error - 17.09.2012 19:35:27 | Computer Name = HerrBergmann-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 17.09.2012 19:35:27 | Computer Name = HerrBergmann-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9968
 
Error - 17.09.2012 19:35:27 | Computer Name = HerrBergmann-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9968
 
Error - 19.09.2012 18:29:04 | Computer Name = HerrBergmann-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 19.09.2012 18:29:04 | Computer Name = HerrBergmann-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15584
 
Error - 19.09.2012 18:29:04 | Computer Name = HerrBergmann-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15584
 
Error - 24.09.2012 18:14:41 | Computer Name = HerrBergmann-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 24.09.2012 18:14:42 | Computer Name = HerrBergmann-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15631
 
Error - 24.09.2012 18:14:42 | Computer Name = HerrBergmann-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15631
 
[ System Events ]
Error - 31.12.2000 18:17:19 | Computer Name = HerrBergmann-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 31.12.2000 18:17:19 | Computer Name = HerrBergmann-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 31.12.2000 18:17:19 | Computer Name = HerrBergmann-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 31.12.2000 18:17:19 | Computer Name = HerrBergmann-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 31.12.2000 18:17:19 | Computer Name = HerrBergmann-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 31.12.2000 18:24:01 | Computer Name = HerrBergmann-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 31.12.2000 18:24:01 | Computer Name = HerrBergmann-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 31.12.2000 18:24:01 | Computer Name = HerrBergmann-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 31.12.2000 18:25:32 | Computer Name = HerrBergmann-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 31.12.2000 18:27:22 | Computer Name = HerrBergmann-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
 
< End of report >
--- --- ---


Soll ich denn schon mal Malwares drüber laufen lassen?

Noch eine Frage
Mein Laptop ist ein Macbook mit Windows unter Bootcamp - ist es für mich ungefährlich auf meiner Mac Partition zu booten und damit zu arbeiten? Weil ich auf meine Daten angewiesen bin und bis morgen darauf zugreifen müsste...

__________________
Alt 26.09.2012, 17:20   #3
markusg
/// Malware-holic
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [jdmffyypucepojo] C:\ProgramData\jdmffyyp.exe ()
[2012.09.25 06:43:15 | 000,086,016 | ---- | M] () -- C:\Users\Herr Bergmann\0.40886653536471984.exe
 :Files
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.
__________________
__________________
Alt 26.09.2012, 18:12   #4
extradat
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


Vielen, vielen Dank!

Code:
ATTFilter
All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\jdmffyypucepojo deleted successfully.
C:\ProgramData\jdmffyyp.exe moved successfully.
C:\Users\Herr Bergmann\0.40886653536471984.exe moved successfully.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Herr Bergmann
->Flash cache emptied: 14478 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Herr Bergmann
->Temp folder emptied: 140590161 bytes
->Temporary Internet Files folder emptied: 2454224 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 719604035 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 230 bytes
RecycleBin emptied: 274423 bytes
 
Total Files Cleaned = 823,00 mb
 
 
OTL by OldTimer - Version 3.2.68.0 log created on 01022001_011336

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Alt 26.09.2012, 18:59   #5
markusg
/// Malware-holic
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


hi
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 26.09.2012, 20:54   #6
extradat
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


Danke auch für diese Antwort.

Es gibt jedoch ein Problem.

Ich habe jetzt schon zum dritten Mal versucht mit Combofix zu scannen.

Combofix hängt sich jedoch bei der Suche auf bzw. anscheinend der Explorer (ich denke, dass ich das daran erkenne, dass symbole in der taskleiste beim hoovern nicht mehr hervorgehoben werden.)
Ich kann das combofix fenster auch nicht schließen.
Dann freezt windows komplett - taskmanager geht auch nicht mehr.

Ich habe combofix immer im administratormodus ausgeführt und nach dem zweiten Mal freeze avg antivirus komplett deinstalliert. - Es hängt sich immer noch auf..

Alt 26.09.2012, 21:06   #7
markusg
/// Malware-holic
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


hi
starte mal neu, drücke f8 wähle abgesicherter modus mit netzwerk, melde dich in deinem konto an und versuchs erneut
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 26.09.2012, 21:48   #8
extradat
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


Auch hier das gleiche Problem!

Alt 26.09.2012, 21:56   #9
markusg
/// Malware-holic
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


ok
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 26.09.2012, 22:06   #10
extradat
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


Code:
ATTFilter
23:01:17.0105 3008  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
23:01:17.0199 3008  ============================================================
23:01:17.0199 3008  Current date / time: 2012/09/26 23:01:17.0199
23:01:17.0199 3008  SystemInfo:
23:01:17.0214 3008  
23:01:17.0214 3008  OS Version: 6.1.7600 ServicePack: 0.0
23:01:17.0214 3008  Product type: Workstation
23:01:17.0214 3008  ComputerName: HERRBERGMANN-PC
23:01:17.0214 3008  UserName: Herr Bergmann
23:01:17.0214 3008  Windows directory: C:\Windows
23:01:17.0214 3008  System windows directory: C:\Windows
23:01:17.0214 3008  Processor architecture: Intel x86
23:01:17.0214 3008  Number of processors: 8
23:01:17.0214 3008  Page size: 0x1000
23:01:17.0214 3008  Boot type: Normal boot
23:01:17.0214 3008  ============================================================
23:01:18.0259 3008  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:01:18.0275 3008  ============================================================
23:01:18.0275 3008  \Device\Harddisk0\DR0:
23:01:18.0275 3008  GPT partitions:
23:01:18.0275 3008  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F07CB3A7-94F7-41A1-9646-A30D6E4C1AC7}, Name: EFI System Partition, StartLBA 0x28, BlocksNum 0x64000
23:01:18.0275 3008  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {48465300-0000-11AA-AA11-00306543ECAC}, UniqueGUID: {AA32A3EB-4427-49E8-A403-119410DE4038}, Name: NotQuiteMaxDisk, StartLBA 0x64028, BlocksNum 0x3409A340
23:01:18.0275 3008  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6F90E7A6-74CC-4967-AA30-1D5479FFCC0E}, Name: BOOTCAMP, StartLBA 0x3413E800, BlocksNum 0x6247800
23:01:18.0275 3008  MBR partitions:
23:01:18.0275 3008  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x3413E800, BlocksNum 0x6247800
23:01:18.0275 3008  ============================================================
23:01:18.0322 3008  C: <-> \Device\Harddisk0\DR0\Partition4
23:01:18.0322 3008  ============================================================
23:01:18.0322 3008  Initialize success
23:01:18.0322 3008  ============================================================
23:02:02.0298 3944  ============================================================
23:02:02.0298 3944  Scan started
23:02:02.0298 3944  Mode: Manual; SigCheck; TDLFS; 
23:02:02.0298 3944  ============================================================
23:02:03.0624 3944  ================ Scan services =============================
23:02:03.0811 3944  [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
23:02:03.0889 3944  1394ohci - ok
23:02:03.0905 3944  [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
23:02:03.0921 3944  ACPI - ok
23:02:03.0967 3944  [ 79D6B28027C398B728CE7CD0570248B0 ] acpials         C:\Windows\system32\DRIVERS\acpials.sys
23:02:03.0999 3944  acpials - ok
23:02:04.0030 3944  [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
23:02:04.0092 3944  AcpiPmi - ok
23:02:04.0155 3944  [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:02:04.0170 3944  AdobeARMservice - ok
23:02:04.0233 3944  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:02:04.0264 3944  adp94xx - ok
23:02:04.0295 3944  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:02:04.0311 3944  adpahci - ok
23:02:04.0326 3944  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:02:04.0342 3944  adpu320 - ok
23:02:04.0357 3944  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:02:04.0420 3944  AeLookupSvc - ok
23:02:04.0451 3944  [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD             C:\Windows\system32\drivers\afd.sys
23:02:04.0498 3944  AFD - ok
23:02:04.0545 3944  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
23:02:04.0545 3944  agp440 - ok
23:02:04.0560 3944  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
23:02:04.0576 3944  aic78xx - ok
23:02:04.0623 3944  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
23:02:04.0669 3944  ALG - ok
23:02:04.0685 3944  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
23:02:04.0701 3944  aliide - ok
23:02:04.0732 3944  [ FB7FDA167F89694B8AF18A4636D0C19C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:02:04.0810 3944  AMD External Events Utility - ok
23:02:04.0841 3944  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\DRIVERS\amdagp.sys
23:02:04.0857 3944  amdagp - ok
23:02:04.0888 3944  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
23:02:04.0888 3944  amdide - ok
23:02:04.0919 3944  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:02:04.0950 3944  AmdK8 - ok
23:02:05.0122 3944  [ 409D070998DE0C740372531174D22C91 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
23:02:05.0231 3944  amdkmdag - ok
23:02:05.0262 3944  [ 377CD7845A5C428112ADD976867A2819 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
23:02:05.0325 3944  amdkmdap - ok
23:02:05.0356 3944  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:02:05.0403 3944  AmdPPM - ok
23:02:05.0418 3944  [ 2101A86C25C154F8314B24EF49D7FBC2 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
23:02:05.0434 3944  amdsata - ok
23:02:05.0465 3944  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:02:05.0481 3944  amdsbs - ok
23:02:05.0512 3944  [ B81C2B5616F6420A9941EA093A92B150 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
23:02:05.0527 3944  amdxata - ok
23:02:05.0543 3944  [ FEB834C02CE1E84B6A38F953CA067706 ] AppID           C:\Windows\system32\drivers\appid.sys
23:02:05.0605 3944  AppID - ok
23:02:05.0637 3944  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:02:05.0777 3944  AppIDSvc - ok
23:02:05.0824 3944  [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo         C:\Windows\System32\appinfo.dll
23:02:05.0855 3944  Appinfo - ok
23:02:05.0933 3944  [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:02:05.0949 3944  Apple Mobile Device - ok
23:02:05.0980 3944  [ F81B2BAFAC16CD53E17E079EB2282D94 ] applebmt        C:\Windows\system32\DRIVERS\applebmt.sys
23:02:06.0027 3944  applebmt - ok
23:02:06.0058 3944  [ 75E597FFFA178C695E207DBC3AB769A1 ] AppleBtBc       C:\Windows\system32\DRIVERS\AppleBtBc.sys
23:02:06.0120 3944  AppleBtBc - ok
23:02:06.0136 3944  [ 539D370C240A4B8297C1B00C37898CDC ] AppleHFS        C:\Windows\system32\drivers\AppleHFS.sys
23:02:06.0198 3944  AppleHFS - ok
23:02:06.0229 3944  [ 4C3BC95763C1470CA91A1594A9D5DFDA ] AppleMNT        C:\Windows\system32\drivers\AppleMNT.sys
23:02:06.0245 3944  AppleMNT - ok
23:02:06.0276 3944  [ B99ED06DBAAE1809FB933308ACD6D799 ] applemtm        C:\Windows\system32\DRIVERS\applemtm.sys
23:02:06.0307 3944  applemtm - ok
23:02:06.0323 3944  [ 3597F5352692E7AC4EC7D7B13C1961CE ] applemtp        C:\Windows\system32\DRIVERS\applemtp.sys
23:02:06.0370 3944  applemtp - ok
23:02:06.0401 3944  [ 185967BC344F997B77A46AA0A1726780 ] AppleOSSMgr     C:\Windows\system32\AppleOSSMgr.exe
23:02:06.0432 3944  AppleOSSMgr - ok
23:02:06.0463 3944  [ 2653C1B9EA1BEDDDC49DC34F87986958 ] AppleTimeSrv    C:\Windows\system32\AppleTimeSrv.exe
23:02:06.0479 3944  AppleTimeSrv - ok
23:02:06.0510 3944  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:02:06.0557 3944  AppMgmt - ok
23:02:06.0573 3944  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:02:06.0588 3944  arc - ok
23:02:06.0604 3944  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:02:06.0619 3944  arcsas - ok
23:02:06.0651 3944  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:02:06.0682 3944  AsyncMac - ok
23:02:06.0682 3944  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
23:02:06.0697 3944  atapi - ok
23:02:06.0744 3944  [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:02:06.0807 3944  AudioEndpointBuilder - ok
23:02:06.0822 3944  [ 510C873BFA135AA829F4180352772734 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
23:02:06.0838 3944  Audiosrv - ok
23:02:06.0853 3944  [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:02:06.0885 3944  AxInstSV - ok
23:02:06.0916 3944  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
23:02:06.0978 3944  b06bdrv - ok
23:02:07.0009 3944  [ BF34695B9E74CD7D72CB945A6AF874B7 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
23:02:07.0041 3944  b57nd60x - ok
23:02:07.0181 3944  [ 4C63E9E6ECD999900CEEC9573D1F4ABA ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
23:02:07.0243 3944  BCM43XX - ok
23:02:07.0290 3944  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:02:07.0337 3944  BDESVC - ok
23:02:07.0368 3944  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:02:07.0431 3944  Beep - ok
23:02:07.0462 3944  [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE             C:\Windows\System32\bfe.dll
23:02:07.0509 3944  BFE - ok
23:02:07.0555 3944  [ 53F476476F55A27F580661BDE09C4EC4 ] BITS            C:\Windows\System32\qmgr.dll
23:02:07.0665 3944  BITS - ok
23:02:07.0665 3944  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:02:07.0696 3944  blbdrive - ok
23:02:07.0774 3944  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:02:07.0789 3944  Bonjour Service - ok
23:02:07.0836 3944  [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:02:07.0867 3944  bowser - ok
23:02:07.0883 3944  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:02:07.0930 3944  BrFiltLo - ok
23:02:07.0945 3944  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:02:07.0977 3944  BrFiltUp - ok
23:02:08.0008 3944  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
23:02:08.0055 3944  BridgeMP - ok
23:02:08.0086 3944  [ 598E1280E7FF3744F4B8329366CC5635 ] Browser         C:\Windows\System32\browser.dll
23:02:08.0117 3944  Browser - ok
23:02:08.0133 3944  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:02:08.0164 3944  Brserid - ok
23:02:08.0179 3944  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:02:08.0226 3944  BrSerWdm - ok
23:02:08.0242 3944  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:02:08.0257 3944  BrUsbMdm - ok
23:02:08.0273 3944  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:02:08.0289 3944  BrUsbSer - ok
23:02:08.0335 3944  [ 85E92EA830C773B1FB1AD935CF685FE6 ] bScsiSDx        C:\Windows\system32\DRIVERS\bScsiSDx.sys
23:02:08.0351 3944  bScsiSDx - ok
23:02:08.0367 3944  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
23:02:08.0398 3944  BthEnum - ok
23:02:08.0413 3944  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:02:08.0445 3944  BTHMODEM - ok
23:02:08.0460 3944  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
23:02:08.0476 3944  BthPan - ok
23:02:08.0507 3944  [ 4A34888E13224678DD062466AFEC4240 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
23:02:08.0538 3944  BTHPORT - ok
23:02:08.0569 3944  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
23:02:08.0616 3944  bthserv - ok
23:02:08.0616 3944  [ FA04C63916FA221DBB91FCE153D07A55 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
23:02:08.0647 3944  BTHUSB - ok
23:02:08.0710 3944  [ D94B86AD01A3CC323619D4FF512ED6FA ] catchme         C:\Users\HERRBE~1\AppData\Local\Temp\catchme.sys
23:02:08.0725 3944  catchme ( UnsignedFile.Multi.Generic ) - warning
23:02:08.0741 3944  catchme - detected UnsignedFile.Multi.Generic (1)
23:02:08.0757 3944  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:02:08.0803 3944  cdfs - ok
23:02:08.0835 3944  [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:02:08.0866 3944  cdrom - ok
23:02:08.0897 3944  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc     C:\Windows\System32\certprop.dll
23:02:08.0959 3944  CertPropSvc - ok
23:02:08.0959 3944  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:02:08.0991 3944  circlass - ok
23:02:09.0022 3944  [ 4A53428F7C383EFBCFAAFDCB434E2AF4 ] CirrusFilter    C:\Windows\system32\DRIVERS\CS420x86.sys
23:02:09.0053 3944  CirrusFilter - ok
23:02:09.0100 3944  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
23:02:09.0115 3944  CLFS - ok
23:02:09.0162 3944  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:02:09.0193 3944  clr_optimization_v2.0.50727_32 - ok
23:02:09.0209 3944  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:02:09.0240 3944  CmBatt - ok
23:02:09.0256 3944  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
23:02:09.0271 3944  cmdide - ok
23:02:09.0303 3944  [ 1B675691ED940766149C93E8F4488D68 ] CNG             C:\Windows\system32\Drivers\cng.sys
23:02:09.0334 3944  CNG - ok
23:02:09.0365 3944  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:02:09.0381 3944  Compbatt - ok
23:02:09.0396 3944  [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
23:02:09.0427 3944  CompositeBus - ok
23:02:09.0427 3944  COMSysApp - ok
23:02:09.0443 3944  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:02:09.0459 3944  crcdisk - ok
23:02:09.0490 3944  [ 9C231178CE4FB385F4B54B0A9080B8A4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:02:09.0537 3944  CryptSvc - ok
23:02:09.0568 3944  [ 27C9490BDD0AE48911AB8CF1932591ED ] CSC             C:\Windows\system32\drivers\csc.sys
23:02:09.0583 3944  CSC - ok
23:02:09.0646 3944  [ 56FB5F222EA30D3D3FC459879772CB73 ] CscService      C:\Windows\System32\cscsvc.dll
23:02:09.0677 3944  CscService - ok
23:02:09.0739 3944  [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:02:09.0802 3944  DcomLaunch - ok
23:02:09.0817 3944  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:02:09.0849 3944  defragsvc - ok
23:02:09.0864 3944  [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:02:09.0895 3944  DfsC - ok
23:02:09.0911 3944  [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:02:09.0973 3944  Dhcp - ok
23:02:09.0989 3944  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
23:02:10.0036 3944  discache - ok
23:02:10.0067 3944  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:02:10.0067 3944  Disk - ok
23:02:10.0083 3944  [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:02:10.0114 3944  Dnscache - ok
23:02:10.0129 3944  [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:02:10.0176 3944  dot3svc - ok
23:02:10.0192 3944  [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS             C:\Windows\system32\dps.dll
23:02:10.0223 3944  DPS - ok
23:02:10.0239 3944  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:02:10.0270 3944  drmkaud - ok
23:02:10.0301 3944  [ 8B6C3464D7FAC176500061DBFFF42AD4 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:02:10.0332 3944  DXGKrnl - ok
23:02:10.0363 3944  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
23:02:10.0395 3944  EapHost - ok
23:02:10.0535 3944  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
23:02:10.0613 3944  ebdrv - ok
23:02:10.0629 3944  [ F42309C4191C506B71DB5D1126D26318 ] EFS             C:\Windows\System32\lsass.exe
23:02:10.0660 3944  EFS - ok
23:02:10.0722 3944  [ 3A74A6E33685662B125A3269B1F2114F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:02:10.0769 3944  ehRecvr - ok
23:02:10.0785 3944  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
23:02:10.0816 3944  ehSched - ok
23:02:10.0863 3944  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:02:10.0894 3944  elxstor - ok
23:02:10.0909 3944  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
23:02:10.0925 3944  ErrDev - ok
23:02:10.0972 3944  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
23:02:11.0034 3944  EventSystem - ok
23:02:11.0050 3944  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
23:02:11.0081 3944  exfat - ok
23:02:11.0097 3944  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:02:11.0128 3944  fastfat - ok
23:02:11.0159 3944  [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax             C:\Windows\system32\fxssvc.exe
23:02:11.0190 3944  Fax - ok
23:02:11.0206 3944  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:02:11.0237 3944  fdc - ok
23:02:11.0253 3944  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
23:02:11.0284 3944  fdPHost - ok
23:02:11.0299 3944  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
23:02:11.0315 3944  FDResPub - ok
23:02:11.0331 3944  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:02:11.0331 3944  FileInfo - ok
23:02:11.0346 3944  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:02:11.0377 3944  Filetrace - ok
23:02:11.0377 3944  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:02:11.0393 3944  flpydisk - ok
23:02:11.0440 3944  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:02:11.0455 3944  FltMgr - ok
23:02:11.0502 3944  [ B6512A85815FDC3D560C3705F5BDB93D ] FontCache       C:\Windows\system32\FntCache.dll
23:02:11.0580 3944  FontCache - ok
23:02:11.0627 3944  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:02:11.0643 3944  FontCache3.0.0.0 - ok
23:02:11.0658 3944  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:02:11.0674 3944  FsDepends - ok
23:02:11.0705 3944  [ A574B4360E438977038AAE4BF60D79A2 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:02:11.0721 3944  Fs_Rec - ok
23:02:11.0736 3944  [ 5592F5DBA26282D24D2B080EB438A4D7 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:02:11.0752 3944  fvevol - ok
23:02:11.0783 3944  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:02:11.0799 3944  gagp30kx - ok
23:02:11.0845 3944  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:02:11.0861 3944  GEARAspiWDM - ok
23:02:11.0892 3944  [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc           C:\Windows\System32\gpsvc.dll
23:02:11.0939 3944  gpsvc - ok
23:02:11.0955 3944  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:02:12.0001 3944  hcw85cir - ok
23:02:12.0033 3944  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:02:12.0095 3944  HdAudAddService - ok
23:02:12.0142 3944  [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:02:12.0189 3944  HDAudBus - ok
23:02:12.0204 3944  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:02:12.0235 3944  HidBatt - ok
23:02:12.0267 3944  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:02:12.0298 3944  HidBth - ok
23:02:12.0313 3944  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:02:12.0376 3944  HidIr - ok
23:02:12.0391 3944  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
23:02:12.0469 3944  hidserv - ok
23:02:12.0501 3944  [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:02:12.0532 3944  HidUsb - ok
23:02:12.0579 3944  [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:02:12.0641 3944  hkmsvc - ok
23:02:12.0688 3944  [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:02:12.0735 3944  HomeGroupListener - ok
23:02:12.0766 3944  [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:02:12.0797 3944  HomeGroupProvider - ok
23:02:12.0828 3944  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
23:02:12.0844 3944  HpSAMD - ok
23:02:12.0875 3944  [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:02:12.0922 3944  HTTP - ok
23:02:12.0937 3944  [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:02:12.0953 3944  hwpolicy - ok
23:02:12.0969 3944  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:02:13.0000 3944  i8042prt - ok
23:02:13.0031 3944  [ 934AF4D7C5F457B9F0743F4299B77B67 ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
23:02:13.0047 3944  iaStorV - ok
23:02:13.0109 3944  [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:02:13.0156 3944  idsvc - ok
23:02:13.0171 3944  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:02:13.0171 3944  iirsp - ok
23:02:13.0218 3944  [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT          C:\Windows\System32\ikeext.dll
23:02:13.0281 3944  IKEEXT - ok
23:02:13.0296 3944  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
23:02:13.0296 3944  intelide - ok
23:02:13.0312 3944  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:02:13.0327 3944  intelppm - ok
23:02:13.0343 3944  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:02:13.0374 3944  IPBusEnum - ok
23:02:13.0405 3944  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:02:13.0421 3944  IpFilterDriver - ok
23:02:13.0452 3944  [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:02:13.0546 3944  iphlpsvc - ok
23:02:13.0561 3944  [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:02:13.0561 3944  IPMIDRV - ok
23:02:13.0561 3944  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:02:13.0593 3944  IPNAT - ok
23:02:13.0655 3944  [ 49918803B661367023BF325CF602AFDC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:02:13.0702 3944  iPod Service - ok
23:02:13.0717 3944  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:02:13.0749 3944  IRENUM - ok
23:02:13.0780 3944  [ DD4C1A21ABD0C41184D3F529421E4650 ] IRRemoteFlt     C:\Windows\system32\DRIVERS\IRFilter.sys
23:02:13.0811 3944  IRRemoteFlt - ok
23:02:13.0842 3944  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
23:02:13.0858 3944  isapnp - ok
23:02:13.0889 3944  [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
23:02:13.0905 3944  iScsiPrt - ok
23:02:13.0920 3944  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:02:13.0936 3944  kbdclass - ok
23:02:13.0967 3944  [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:02:13.0983 3944  kbdhid - ok
23:02:14.0014 3944  [ B2030675753DDCC51994A37563EF7C12 ] KeyAgent        C:\Windows\system32\drivers\KeyAgent.sys
23:02:14.0029 3944  KeyAgent - ok
23:02:14.0045 3944  [ F42309C4191C506B71DB5D1126D26318 ] KeyIso          C:\Windows\system32\lsass.exe
23:02:14.0076 3944  KeyIso - ok
23:02:14.0107 3944  [ 298D7B6B8B7985C272A7E7158119A416 ] KeyMagic        C:\Windows\system32\DRIVERS\KeyMagic.sys
23:02:14.0154 3944  KeyMagic - ok
23:02:14.0170 3944  [ E36A061EC11B373826905B21BE10948F ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:02:14.0185 3944  KSecDD - ok
23:02:14.0217 3944  [ 365C6154BBBC5377173F1CA7BFB6CC59 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:02:14.0232 3944  KSecPkg - ok
23:02:14.0263 3944  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:02:14.0310 3944  KtmRm - ok
23:02:14.0357 3944  [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer    C:\Windows\System32\srvsvc.dll
23:02:14.0419 3944  LanmanServer - ok
23:02:14.0451 3944  [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:02:14.0497 3944  LanmanWorkstation - ok
23:02:14.0575 3944  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:02:14.0638 3944  lltdio - ok
23:02:14.0700 3944  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:02:14.0763 3944  lltdsvc - ok
23:02:14.0763 3944  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:02:14.0809 3944  lmhosts - ok
23:02:14.0950 3944  [ 926EBA26A8B49D1597751CED06B50862 ] LMS             C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:02:14.0965 3944  LMS - ok
23:02:15.0059 3944  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:02:15.0075 3944  LSI_FC - ok
23:02:15.0106 3944  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:02:15.0121 3944  LSI_SAS - ok
23:02:15.0168 3944  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:02:15.0184 3944  LSI_SAS2 - ok
23:02:15.0199 3944  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:02:15.0215 3944  LSI_SCSI - ok
23:02:15.0231 3944  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
23:02:15.0293 3944  luafv - ok
23:02:15.0324 3944  [ 054053F2F8E4DFF6C97C4CEF04FD2BE0 ] MacHALDriver    C:\Windows\system32\drivers\MacHALDriver.sys
23:02:15.0324 3944  MacHALDriver ( UnsignedFile.Multi.Generic ) - warning
23:02:15.0324 3944  MacHALDriver - detected UnsignedFile.Multi.Generic (1)
23:02:15.0355 3944  [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:02:15.0402 3944  Mcx2Svc - ok
23:02:15.0418 3944  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:02:15.0418 3944  megasas - ok
23:02:15.0433 3944  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:02:15.0433 3944  MegaSR - ok
23:02:15.0465 3944  [ CFCB18986426A2D8E66F1992636221D0 ] MEI             C:\Windows\system32\DRIVERS\HECI.sys
23:02:15.0496 3944  MEI - ok
23:02:15.0527 3944  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
23:02:15.0589 3944  MMCSS - ok
23:02:15.0605 3944  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
23:02:15.0636 3944  Modem - ok
23:02:15.0652 3944  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:02:15.0667 3944  monitor - ok
23:02:15.0699 3944  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:02:15.0714 3944  mouclass - ok
23:02:15.0745 3944  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:02:15.0761 3944  mouhid - ok
23:02:15.0792 3944  [ 921C18727C5920D6C0300736646931C2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:02:15.0792 3944  mountmgr - ok
23:02:15.0870 3944  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:02:15.0886 3944  MozillaMaintenance - ok
23:02:15.0901 3944  [ 2AF5997438C55FB79D33D015C30E1974 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
23:02:15.0933 3944  mpio - ok
23:02:15.0948 3944  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:02:15.0995 3944  mpsdrv - ok
23:02:16.0026 3944  [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:02:16.0089 3944  MpsSvc - ok
23:02:16.0104 3944  [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:02:16.0120 3944  MRxDAV - ok
23:02:16.0151 3944  [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:02:16.0198 3944  mrxsmb - ok
23:02:16.0229 3944  [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:02:16.0245 3944  mrxsmb10 - ok
23:02:16.0260 3944  [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:02:16.0291 3944  mrxsmb20 - ok
23:02:16.0307 3944  [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
23:02:16.0323 3944  msahci - ok
23:02:16.0338 3944  [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
23:02:16.0354 3944  msdsm - ok
23:02:16.0369 3944  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
23:02:16.0401 3944  MSDTC - ok
23:02:16.0401 3944  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:02:16.0447 3944  Msfs - ok
23:02:16.0463 3944  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:02:16.0494 3944  mshidkmdf - ok
23:02:16.0494 3944  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
23:02:16.0510 3944  msisadrv - ok
23:02:16.0525 3944  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:02:16.0541 3944  MSiSCSI - ok
23:02:16.0557 3944  msiserver - ok
23:02:16.0572 3944  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:02:16.0603 3944  MSKSSRV - ok
23:02:16.0619 3944  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:02:16.0650 3944  MSPCLOCK - ok
23:02:16.0650 3944  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:02:16.0666 3944  MSPQM - ok
23:02:16.0681 3944  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:02:16.0681 3944  MsRPC - ok
23:02:16.0697 3944  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:02:16.0697 3944  mssmbios - ok
23:02:16.0697 3944  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:02:16.0728 3944  MSTEE - ok
23:02:16.0728 3944  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:02:16.0744 3944  MTConfig - ok
23:02:16.0759 3944  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:02:16.0759 3944  Mup - ok
23:02:16.0806 3944  [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent        C:\Windows\system32\qagentRT.dll
23:02:16.0837 3944  napagent - ok
23:02:16.0900 3944  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:02:16.0947 3944  NativeWifiP - ok
23:02:16.0978 3944  [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:02:16.0993 3944  NDIS - ok
23:02:17.0009 3944  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:02:17.0056 3944  NdisCap - ok
23:02:17.0056 3944  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:02:17.0087 3944  NdisTapi - ok
23:02:17.0103 3944  [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:02:17.0118 3944  Ndisuio - ok
23:02:17.0149 3944  [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:02:17.0165 3944  NdisWan - ok
23:02:17.0181 3944  [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:02:17.0243 3944  NDProxy - ok
23:02:17.0274 3944  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:02:17.0337 3944  NetBIOS - ok
23:02:17.0368 3944  [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:02:17.0446 3944  NetBT - ok
23:02:17.0446 3944  [ F42309C4191C506B71DB5D1126D26318 ] Netlogon        C:\Windows\system32\lsass.exe
23:02:17.0461 3944  Netlogon - ok
23:02:17.0555 3944  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
23:02:17.0633 3944  Netman - ok
23:02:17.0664 3944  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
23:02:17.0711 3944  netprofm - ok
23:02:17.0742 3944  [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:02:17.0758 3944  NetTcpPortSharing - ok
23:02:17.0789 3944  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:02:17.0805 3944  nfrd960 - ok
23:02:17.0820 3944  [ 2226496E34BD40734946A054B1CD657F ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:02:17.0867 3944  NlaSvc - ok
23:02:17.0883 3944  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:02:17.0898 3944  Npfs - ok
23:02:17.0898 3944  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
23:02:17.0914 3944  nsi - ok
23:02:17.0929 3944  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:02:17.0945 3944  nsiproxy - ok
23:02:17.0992 3944  [ 3795DCD21F740EE799FB7223234215AF ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:02:18.0007 3944  Ntfs - ok
23:02:18.0023 3944  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
23:02:18.0054 3944  Null - ok
23:02:18.0070 3944  [ 3F3D04B1D08D43C16EA7963954EC768D ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
23:02:18.0070 3944  nvraid - ok
23:02:18.0101 3944  [ C99F251A5DE63C6F129CF71933ACED0F ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
23:02:18.0101 3944  nvstor - ok
23:02:18.0132 3944  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
23:02:18.0148 3944  nv_agp - ok
23:02:18.0163 3944  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
23:02:18.0163 3944  ohci1394 - ok
23:02:18.0195 3944  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:02:18.0226 3944  p2pimsvc - ok
23:02:18.0241 3944  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:02:18.0257 3944  p2psvc - ok
23:02:18.0273 3944  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:02:18.0288 3944  Parport - ok
23:02:18.0304 3944  [ FF4218952B51DE44FE910953A3E686B9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:02:18.0304 3944  partmgr - ok
23:02:18.0319 3944  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
23:02:18.0335 3944  Parvdm - ok
23:02:18.0366 3944  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:02:18.0366 3944  PcaSvc - ok
23:02:18.0397 3944  [ C858CB77C577780ECC456A892E7E7D0F ] pci             C:\Windows\system32\DRIVERS\pci.sys
23:02:18.0397 3944  pci - ok
23:02:18.0413 3944  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
23:02:18.0429 3944  pciide - ok
23:02:18.0444 3944  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:02:18.0444 3944  pcmcia - ok
23:02:18.0460 3944  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
23:02:18.0475 3944  pcw - ok
23:02:18.0491 3944  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:02:18.0522 3944  PEAUTH - ok
23:02:18.0569 3944  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:02:18.0616 3944  PeerDistSvc - ok
23:02:18.0834 3944  [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart  C:\ComboFix\pev.3XE
23:02:18.0850 3944  PEVSystemStart ( UnsignedFile.Multi.Generic ) - warning
23:02:18.0850 3944  PEVSystemStart - detected UnsignedFile.Multi.Generic (1)
23:02:18.0912 3944  [ 9C1BFF7910C89A1D12E57343475840CB ] pla             C:\Windows\system32\pla.dll
23:02:18.0975 3944  pla - ok
23:02:18.0990 3944  [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:02:19.0037 3944  PlugPlay - ok
23:02:19.0053 3944  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:02:19.0068 3944  PNRPAutoReg - ok
23:02:19.0084 3944  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:02:19.0099 3944  PNRPsvc - ok
23:02:19.0115 3944  [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:02:19.0146 3944  PolicyAgent - ok
23:02:19.0177 3944  [ DBFF83F709A91049621C1D35DD45C92C ] Power           C:\Windows\system32\umpo.dll
23:02:19.0224 3944  Power - ok
23:02:19.0255 3944  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:02:19.0271 3944  PptpMiniport - ok
23:02:19.0287 3944  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:02:19.0318 3944  Processor - ok
23:02:19.0349 3944  [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc         C:\Windows\system32\profsvc.dll
23:02:19.0396 3944  ProfSvc - ok
23:02:19.0411 3944  [ F42309C4191C506B71DB5D1126D26318 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:02:19.0427 3944  ProtectedStorage - ok
23:02:19.0443 3944  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:02:19.0474 3944  Psched - ok
23:02:19.0521 3944  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:02:19.0567 3944  ql2300 - ok
23:02:19.0614 3944  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:02:19.0645 3944  ql40xx - ok
23:02:19.0708 3944  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
23:02:19.0755 3944  QWAVE - ok
23:02:19.0770 3944  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:02:19.0801 3944  QWAVEdrv - ok
23:02:19.0817 3944  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:02:19.0911 3944  RasAcd - ok
23:02:19.0942 3944  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:02:20.0004 3944  RasAgileVpn - ok
23:02:20.0051 3944  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
23:02:20.0082 3944  RasAuto - ok
23:02:20.0145 3944  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:02:20.0191 3944  Rasl2tp - ok
23:02:20.0223 3944  [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan          C:\Windows\System32\rasmans.dll
23:02:20.0254 3944  RasMan - ok
23:02:20.0269 3944  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:02:20.0301 3944  RasPppoe - ok
23:02:20.0316 3944  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:02:20.0332 3944  RasSstp - ok
23:02:20.0347 3944  [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:02:20.0363 3944  rdbss - ok
23:02:20.0379 3944  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:02:20.0379 3944  rdpbus - ok
23:02:20.0410 3944  [ 1E016846895B15A99F9A176A05029075 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:02:20.0425 3944  RDPCDD - ok
23:02:20.0457 3944  [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:02:20.0488 3944  RDPDR - ok
23:02:20.0519 3944  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:02:20.0566 3944  RDPENCDD - ok
23:02:20.0566 3944  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:02:20.0581 3944  RDPREFMP - ok
23:02:20.0597 3944  [ 801371BA9782282892D00AADB08EE367 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:02:20.0628 3944  RDPWD - ok
23:02:20.0644 3944  [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:02:20.0659 3944  rdyboost - ok
23:02:20.0691 3944  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:02:20.0722 3944  RemoteAccess - ok
23:02:20.0737 3944  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:02:20.0769 3944  RemoteRegistry - ok
23:02:20.0800 3944  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
23:02:20.0831 3944  RFCOMM - ok
23:02:20.0878 3944  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:02:20.0925 3944  RpcEptMapper - ok
23:02:20.0925 3944  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
23:02:20.0956 3944  RpcLocator - ok
23:02:20.0971 3944  [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs           C:\Windows\system32\rpcss.dll
23:02:20.0987 3944  RpcSs - ok
23:02:21.0018 3944  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:02:21.0034 3944  rspndr - ok
23:02:21.0065 3944  [ 5423D8437051E89DD34749F242C98648 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
23:02:21.0096 3944  s3cap - ok
23:02:21.0112 3944  [ F42309C4191C506B71DB5D1126D26318 ] SamSs           C:\Windows\system32\lsass.exe
23:02:21.0143 3944  SamSs - ok
23:02:21.0159 3944  [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
23:02:21.0174 3944  sbp2port - ok
23:02:21.0205 3944  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:02:21.0252 3944  SCardSvr - ok
23:02:21.0268 3944  [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:02:21.0283 3944  scfilter - ok
23:02:21.0330 3944  [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule        C:\Windows\system32\schedsvc.dll
23:02:21.0377 3944  Schedule - ok
23:02:21.0377 3944  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:02:21.0393 3944  SCPolicySvc - ok
23:02:21.0424 3944  [ 7B48CFF3A475FE849DEA65EC4D35C425 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
23:02:21.0455 3944  sdbus - ok
23:02:21.0486 3944  [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:02:21.0517 3944  SDRSVC - ok
23:02:21.0549 3944  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:02:21.0595 3944  secdrv - ok
23:02:21.0611 3944  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
23:02:21.0642 3944  seclogon - ok
23:02:21.0658 3944  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
23:02:21.0689 3944  SENS - ok
23:02:21.0705 3944  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:02:21.0720 3944  SensrSvc - ok
23:02:21.0736 3944  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:02:21.0736 3944  Serenum - ok
23:02:21.0751 3944  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:02:21.0767 3944  Serial - ok
23:02:21.0783 3944  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:02:21.0798 3944  sermouse - ok
23:02:21.0814 3944  [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv      C:\Windows\system32\sessenv.dll
23:02:21.0845 3944  SessionEnv - ok
23:02:21.0845 3944  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
23:02:21.0845 3944  sffdisk - ok
23:02:21.0861 3944  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:02:21.0892 3944  sffp_mmc - ok
23:02:21.0907 3944  [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
23:02:21.0923 3944  sffp_sd - ok
23:02:21.0923 3944  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:02:21.0939 3944  sfloppy - ok
23:02:21.0970 3944  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:02:22.0001 3944  SharedAccess - ok
23:02:22.0017 3944  [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:02:22.0017 3944  ShellHWDetection - ok
23:02:22.0048 3944  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\DRIVERS\sisagp.sys
23:02:22.0048 3944  sisagp - ok
23:02:22.0079 3944  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:02:22.0095 3944  SiSRaid2 - ok
23:02:22.0110 3944  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:02:22.0110 3944  SiSRaid4 - ok
23:02:22.0126 3944  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:02:22.0141 3944  Smb - ok
23:02:22.0173 3944  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:02:22.0188 3944  SNMPTRAP - ok
23:02:22.0204 3944  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:02:22.0204 3944  spldr - ok
23:02:22.0282 3944  [ D1BB750EB51694DE183E08B9C33BE5B2 ] Spooler         C:\Windows\System32\spoolsv.exe
23:02:22.0360 3944  Spooler - ok
23:02:22.0656 3944  [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc          C:\Windows\system32\sppsvc.exe
23:02:22.0797 3944  sppsvc - ok
23:02:22.0843 3944  [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:02:22.0890 3944  sppuinotify - ok
23:02:22.0921 3944  [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:02:22.0953 3944  srv - ok
23:02:22.0968 3944  [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:02:23.0015 3944  srv2 - ok
23:02:23.0046 3944  [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:02:23.0077 3944  srvnet - ok
23:02:23.0109 3944  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:02:23.0155 3944  SSDPSRV - ok
23:02:23.0155 3944  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:02:23.0187 3944  SstpSvc - ok
23:02:23.0218 3944  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:02:23.0218 3944  stexstor - ok
23:02:23.0249 3944  [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc          C:\Windows\System32\wiaservc.dll
23:02:23.0280 3944  StiSvc - ok
23:02:23.0296 3944  [ 957E346CA948668F2496A6CCF6FF82CC ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
23:02:23.0311 3944  storflt - ok
23:02:23.0311 3944  [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
23:02:23.0327 3944  storvsc - ok
23:02:23.0343 3944  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:02:23.0343 3944  swenum - ok
23:02:23.0358 3944  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
23:02:23.0389 3944  swprv - ok
23:02:23.0421 3944  [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain         C:\Windows\system32\sysmain.dll
23:02:23.0436 3944  SysMain - ok
23:02:23.0467 3944  [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:02:23.0499 3944  TabletInputService - ok
23:02:23.0530 3944  [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:02:23.0577 3944  TapiSrv - ok
23:02:23.0592 3944  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
23:02:23.0623 3944  TBS - ok
23:02:23.0686 3944  [ C2DAAEB48F3A47C410B041A0D2382EE1 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:02:23.0717 3944  Tcpip - ok
23:02:23.0733 3944  [ C2DAAEB48F3A47C410B041A0D2382EE1 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:02:23.0764 3944  TCPIP6 - ok
23:02:23.0779 3944  [ E64444523ADD154F86567C469BC0B17F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:02:23.0795 3944  tcpipreg - ok
23:02:23.0811 3944  [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:02:23.0842 3944  TDPIPE - ok
23:02:23.0842 3944  [ 7551E91EA999EE9A8E9C331D5A9C31F3 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:02:23.0873 3944  TDTCP - ok
23:02:23.0873 3944  [ CB39E896A2A83702D1737BFD402B3542 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:02:23.0904 3944  tdx - ok
23:02:23.0904 3944  [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:02:23.0920 3944  TermDD - ok
23:02:23.0951 3944  [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService     C:\Windows\System32\termsrv.dll
23:02:23.0967 3944  TermService - ok
23:02:23.0982 3944  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
23:02:23.0998 3944  Themes - ok
23:02:24.0013 3944  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
23:02:24.0029 3944  THREADORDER - ok
23:02:24.0045 3944  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
23:02:24.0076 3944  TrkWks - ok
23:02:24.0107 3944  [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:02:24.0123 3944  TrustedInstaller - ok
23:02:24.0138 3944  [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:02:24.0169 3944  tssecsrv - ok
23:02:24.0185 3944  [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:02:24.0232 3944  tunnel - ok
23:02:24.0263 3944  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
23:02:24.0279 3944  uagp35 - ok
23:02:24.0279 3944  [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:02:24.0325 3944  udfs - ok
23:02:24.0357 3944  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:02:24.0372 3944  UI0Detect - ok
23:02:24.0388 3944  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
23:02:24.0388 3944  uliagpkx - ok
23:02:24.0419 3944  [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:02:24.0435 3944  umbus - ok
23:02:24.0450 3944  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
23:02:24.0481 3944  UmPass - ok
23:02:24.0528 3944  [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService    C:\Windows\System32\umrdp.dll
23:02:24.0559 3944  UmRdpService - ok
23:02:24.0653 3944  [ FDF92EC84FECEE834FB10A2A0A19BCDA ] UNS             C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:02:24.0715 3944  UNS - ok
23:02:24.0747 3944  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
23:02:24.0778 3944  upnphost - ok
23:02:24.0825 3944  [ 2436A42AAB4AD48A9B714E5B0F344627 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:02:24.0856 3944  usbaudio - ok
23:02:24.0887 3944  [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:02:24.0918 3944  usbccgp - ok
23:02:24.0934 3944  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
23:02:24.0965 3944  usbcir - ok
23:02:24.0996 3944  [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:02:25.0043 3944  usbehci - ok
23:02:25.0074 3944  [ EE6EF93CCFA94FAE8C6AB298273D8AE2 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:02:25.0121 3944  usbhub - ok
23:02:25.0137 3944  [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
23:02:25.0168 3944  usbohci - ok
23:02:25.0215 3944  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:02:25.0246 3944  usbprint - ok
23:02:25.0261 3944  [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:02:25.0293 3944  USBSTOR - ok
23:02:25.0308 3944  [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
23:02:25.0324 3944  usbuhci - ok
23:02:25.0355 3944  [ F642A7E4BF78CFA359CCA0A3557C28D7 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
23:02:25.0371 3944  usbvideo - ok
23:02:25.0402 3944  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
23:02:25.0449 3944  UxSms - ok
23:02:25.0449 3944  [ F42309C4191C506B71DB5D1126D26318 ] VaultSvc        C:\Windows\system32\lsass.exe
23:02:25.0464 3944  VaultSvc - ok
23:02:25.0480 3944  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
23:02:25.0495 3944  vdrvroot - ok
23:02:25.0511 3944  [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds             C:\Windows\System32\vds.exe
23:02:25.0542 3944  vds - ok
23:02:25.0558 3944  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:02:25.0605 3944  vga - ok
23:02:25.0620 3944  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:02:25.0651 3944  VgaSave - ok
23:02:25.0651 3944  [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
23:02:25.0667 3944  vhdmp - ok
23:02:25.0683 3944  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\DRIVERS\viaagp.sys
23:02:25.0683 3944  viaagp - ok
23:02:25.0683 3944  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
23:02:25.0698 3944  ViaC7 - ok
23:02:25.0714 3944  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
23:02:25.0729 3944  viaide - ok
23:02:25.0761 3944  [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
23:02:25.0776 3944  vmbus - ok
23:02:25.0792 3944  [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
23:02:25.0792 3944  VMBusHID - ok
23:02:25.0823 3944  [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
23:02:25.0823 3944  volmgr - ok
23:02:25.0839 3944  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:02:25.0854 3944  volmgrx - ok
23:02:25.0854 3944  [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
23:02:25.0870 3944  volsnap - ok
23:02:25.0901 3944  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
23:02:25.0901 3944  vsmraid - ok
23:02:25.0948 3944  [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS             C:\Windows\system32\vssvc.exe
23:02:26.0010 3944  VSS - ok
23:02:26.0026 3944  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:02:26.0041 3944  vwifibus - ok
23:02:26.0057 3944  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:02:26.0073 3944  vwififlt - ok
23:02:26.0104 3944  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
23:02:26.0135 3944  vwifimp - ok
23:02:26.0166 3944  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
23:02:26.0213 3944  W32Time - ok
23:02:26.0229 3944  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
23:02:26.0244 3944  WacomPen - ok
23:02:26.0275 3944  [ 692A712062146E96D28BA0B7D75DE31B ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:02:26.0307 3944  WANARP - ok
23:02:26.0307 3944  [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:02:26.0322 3944  Wanarpv6 - ok
23:02:26.0385 3944  [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine        C:\Windows\system32\wbengine.exe
23:02:26.0447 3944  wbengine - ok
23:02:26.0463 3944  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:02:26.0494 3944  WbioSrvc - ok
23:02:26.0509 3944  [ D0F88AA11EE1A62BCC6D6A8A7783CA11 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:02:26.0525 3944  wcncsvc - ok
23:02:26.0541 3944  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:02:26.0572 3944  WcsPlugInService - ok
23:02:26.0587 3944  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
23:02:26.0587 3944  Wd - ok
23:02:26.0603 3944  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:02:26.0619 3944  Wdf01000 - ok
23:02:26.0634 3944  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:02:26.0650 3944  WdiServiceHost - ok
23:02:26.0650 3944  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:02:26.0665 3944  WdiSystemHost - ok
23:02:26.0681 3944  [ D87C7D2C517F82A5AB7A73E203063D9E ] WebClient       C:\Windows\System32\webclnt.dll
23:02:26.0712 3944  WebClient - ok
23:02:26.0728 3944  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:02:26.0743 3944  Wecsvc - ok
23:02:26.0759 3944  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:02:26.0790 3944  wercplsupport - ok
23:02:26.0806 3944  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:02:26.0837 3944  WerSvc - ok
23:02:26.0853 3944  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:02:26.0899 3944  WfpLwf - ok
23:02:26.0899 3944  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:02:26.0915 3944  WIMMount - ok
23:02:26.0962 3944  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
23:02:27.0009 3944  WinDefend - ok
23:02:27.0009 3944  WinHttpAutoProxySvc - ok
23:02:27.0055 3944  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:02:27.0102 3944  Winmgmt - ok
23:02:27.0149 3944  [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:02:27.0196 3944  WinRM - ok
23:02:27.0243 3944  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:02:27.0289 3944  Wlansvc - ok
23:02:27.0523 3944  [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc         c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:02:27.0633 3944  wlidsvc - ok
23:02:27.0648 3944  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
23:02:27.0711 3944  WmiAcpi - ok
23:02:27.0757 3944  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:02:27.0789 3944  wmiApSrv - ok
23:02:27.0945 3944  [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
23:02:28.0023 3944  WMPNetworkSvc - ok
23:02:28.0054 3944  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:02:28.0085 3944  WPCSvc - ok
23:02:28.0101 3944  [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:02:28.0132 3944  WPDBusEnum - ok
23:02:28.0147 3944  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:02:28.0210 3944  ws2ifsl - ok
23:02:28.0225 3944  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
23:02:28.0257 3944  wscsvc - ok
23:02:28.0257 3944  WSearch - ok
23:02:28.0335 3944  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
23:02:28.0381 3944  wuauserv - ok
23:02:28.0397 3944  [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:02:28.0428 3944  WudfPf - ok
23:02:28.0444 3944  [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:02:28.0459 3944  WUDFRd - ok
23:02:28.0491 3944  [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:02:28.0522 3944  wudfsvc - ok
23:02:28.0537 3944  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:02:28.0553 3944  WwanSvc - ok
23:02:28.0569 3944  ================ Scan global ===============================
23:02:28.0600 3944  [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
23:02:28.0631 3944  [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
23:02:28.0647 3944  [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
23:02:28.0662 3944  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
23:02:28.0693 3944  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
23:02:28.0709 3944  [Global] - ok
23:02:28.0709 3944  ================ Scan MBR ==================================
23:02:28.0725 3944  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:02:29.0130 3944  \Device\Harddisk0\DR0 - ok
23:02:29.0130 3944  ================ Scan VBR ==================================
23:02:29.0146 3944  [ 9E5709ABF0A699B2ECEF2E6F9A90333F ] \Device\Harddisk0\DR0\Partition1
23:02:29.0146 3944  \Device\Harddisk0\DR0\Partition1 - ok
23:02:29.0146 3944  [ 569FD703636652C54B3B5A0DF6ED6517 ] \Device\Harddisk0\DR0\Partition2
23:02:29.0146 3944  \Device\Harddisk0\DR0\Partition2 - ok
23:02:29.0161 3944  [ 25A57922AB10E7BCEFA4DCDEC1ED54B2 ] \Device\Harddisk0\DR0\Partition3
23:02:29.0161 3944  \Device\Harddisk0\DR0\Partition3 - ok
23:02:29.0161 3944  [ 25A57922AB10E7BCEFA4DCDEC1ED54B2 ] \Device\Harddisk0\DR0\Partition4
23:02:29.0161 3944  \Device\Harddisk0\DR0\Partition4 - ok
23:02:29.0161 3944  ============================================================
23:02:29.0161 3944  Scan finished
23:02:29.0161 3944  ============================================================
23:02:29.0177 3056  Detected object count: 3
23:02:29.0177 3056  Actual detected object count: 3
23:03:48.0659 3056  catchme ( UnsignedFile.Multi.Generic ) - skipped by user
23:03:48.0659 3056  catchme ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:03:48.0659 3056  MacHALDriver ( UnsignedFile.Multi.Generic ) - skipped by user
23:03:48.0659 3056  MacHALDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:03:48.0659 3056  PEVSystemStart ( UnsignedFile.Multi.Generic ) - skipped by user
23:03:48.0659 3056  PEVSystemStart ( UnsignedFile.Multi.Generic ) - User select action: Skip

Alt 26.09.2012, 22:08   #11
markusg
/// Malware-holic
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 26.09.2012, 23:43   #12
extradat
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


Nach anderthalb Stunden Scan und nachdem die meisten Dateien durchgescannt waren auf einmal Bluescreen :S

Alt 26.09.2012, 23:45   #13
markusg
/// Malware-holic
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


welche fehlermeldung gabs, mit nur bluescreen kann ich nicht viel anfangen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 26.09.2012, 23:57   #14
extradat
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


Ich kenn mich da nicht so aus,

es gab halt "A problem has been detected and windows has been shut down..etc"

ich hab mal bei computerverwaltung/system/ereignisanzeige/administrative ereignisse geguckt.

da hab ich das gefunde, das müsste es sein:

Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x0000008e (0xc0000005, 0x82a75e45, 0x9f5379a0, 0x00000000). Ein volles Abbild wurde gespeichert in: C:\Windows\MEMORY.DMP. Berichts-ID: 092712-17862-01.


Edit:

der suchlauf durch C: ist gerade ohne bluescreen fertig geworden. Log:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.26.13

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Herr Bergmann :: HERRBERGMANN-PC [Administrator]

27.09.2012 00:43:42
mbam-log-2012-09-27 (00-43-42).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 308671
Laufzeit: 30 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


Der Bluescreen kam, also Malwares Partition E: untersucht hat, die meine Mac Partition ist?!

Ich lasse gerade nur durch C: laufen?
Geändert von extradat (27.09.2012 um 00:15 Uhr)

Alt 27.09.2012, 12:50   #15
markusg
/// Malware-holic
 
Diese Webseite kann nicht angezeigt werden - Trojaner - Standard

Diese Webseite kann nicht angezeigt werden - Trojaner


hattest du schon mal probleme mit blue screens?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort
Seite 1 von 2 1 2

Themen zu Diese Webseite kann nicht angezeigt werden - Trojaner
adobe, autorun, avg, bho, bonjour, defender, error, firefox, format, helper, installation, logfile, mozilla, nvidia, plug-in, problem, registry, required, rundll, scan, software, tablet, taskmanager, teamspeak, temp, trojaner, windows, windows xp


« BKA-Trojaner 1.13 windows 7 | Multibler Befall durch Trojaner »

Ähnliche Themen: Diese Webseite kann nicht angezeigt werden - Trojaner


  1. Diese Website kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 30.03.2015 (51)
  2. IE Die Webseite kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 02.01.2014 (19)
  3. Google Webseite (YouTube, Blogspot, etc.) Kann Nicht Angezeigt Werden
    Log-Analyse und Auswertung - 01.12.2013 (2)
  4. Diese Website kann nicht angezeigt werden-Virus?
    Log-Analyse und Auswertung - 19.12.2012 (2)
  5. "Diese Webseite kann nicht angezeigt werden" - Windows Vista 32 bit
    Plagegeister aller Art und deren Bekämpfung - 25.11.2012 (4)
  6. Virus auf PC "Diese Webseite kann nicht angezeigt werden" - BKA?
    Plagegeister aller Art und deren Bekämpfung - 13.11.2012 (24)
  7. Trojaner Ransom-D / Weißer Bildschirm: "Diese Website kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 07.11.2012 (39)
  8. weißer bildschirm und diese website kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 16.10.2012 (16)
  9. Die Webseite kann nicht angezeigt werden Virus
    Plagegeister aller Art und deren Bekämpfung - 02.10.2012 (1)
  10. Diese webseite kann nicht angezeigt werden
    Log-Analyse und Auswertung - 27.09.2012 (2)
  11. Trojaner - "Diese Seite kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 21.09.2012 (8)
  12. Webseite kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 21.09.2012 (32)
  13. "Diese Webseite kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 13.09.2012 (9)
  14. "Diese Webseite kann nicht angezeigt werden" - Virus
    Plagegeister aller Art und deren Bekämpfung - 10.09.2012 (9)
  15. Diese Webseite kann nicht angezeigt werden / Desktop gesperrt
    Plagegeister aller Art und deren Bekämpfung - 14.08.2012 (10)
  16. fehlermeldung "diese webseite kann nicht angezeigt werden" bildschirm ist blockiert
    Log-Analyse und Auswertung - 14.08.2012 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Diese Webseite kann nicht angezeigt werden - Trojaner - Hallo liebe Community, ich habe auch das Problem, dass sobald ich meinen Laptop mit Windows 7 Ultimate starte, ein weißer Vollbildscreen kommt, auf dem steht "Diese Webseite kann nicht angezeigt - Diese Webseite kann nicht angezeigt werden - Trojaner...
Archiv
Du betrachtest: Diese Webseite kann nicht angezeigt werden - Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129