Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Google Captcha Problem - Datenverkehr

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.12.2012, 14:33   #1
s.weise
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



Hallo, wie auch einige andere User habe auch ich bei mir seit ca. 1 Woche das Problem, dass Google unregelmäßig eine Captchaabfrage macht, wenn ich eine Suchanfrage starte.

Ich habe mich nun durch einige Threads hier gelesen und da es ja meistens gleich beginnt mit der Analyse, habe ich schon einmal vorgearbeitet und die folgenden Logs erstellt. Ich hoffe das ist in Ordnung so.

Vielen Dank schon mal für eure Hilfe.

Da die Logs die maximale Zeichenanzahl überschreitet, habe ich Sie als Archiv angehangen.

LG Basti

Geändert von s.weise (30.12.2012 um 14:41 Uhr)

Alt 30.12.2012, 17:23   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner?
Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Zitat:
Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 30.12.2012, 17:42   #3
s.weise
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



Wie bereits erwähnt waren die Logs zu lang zum Posten in Code-Tags. Das Forensystem selbst hat mich dazu aufgefordert ein Archiv zu erstellen und es anzuhängen. Besonders das TDSSkiller Log ist sehr lang. Aber ich versuche es mal auseinander zu stückeln in 1-2 posts.

Defogger Log:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:36 on 30/12/2012 (Basti)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         
aswMBR Log

Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-30 14:48:25
-----------------------------
14:48:25.513    OS Version: Windows x64 6.1.7601 Service Pack 1
14:48:25.514    Number of processors: 4 586 0x2A07
14:48:25.516    ComputerName: BASTI-PC  UserName: Basti
14:48:26.278    Initialize success
14:48:38.072    AVAST engine defs: 12123000
14:48:48.712    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:48:48.717    Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
14:48:48.729    Disk 0 MBR read successfully
14:48:48.736    Disk 0 MBR scan
14:48:48.747    Disk 0 Windows 7 default MBR code
14:48:48.762    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
14:48:48.828    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        98212 MB offset 206848
14:48:48.871    Disk 0 Partition - 00     0F Extended LBA            206931 MB offset 201345024
14:48:48.894    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       206930 MB offset 201347072
14:48:48.993    Disk 0 scanning C:\Windows\system32\drivers
14:49:13.708    Service scanning
14:49:56.786    Modules scanning
14:49:56.806    Disk 0 trace - called modules:
14:49:57.171    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
14:49:57.183    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80050f8060]
14:49:57.196    3 CLASSPNP.SYS[fffff88001ac143f] -> nt!IofCallDriver -> [0xfffffa8004acbe40]
14:49:57.207    5 ACPI.sys[fffff88000ec87a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004aca050]
14:49:57.832    AVAST engine scan C:\Windows
14:50:00.799    AVAST engine scan C:\Windows\system32
14:56:27.438    AVAST engine scan C:\Windows\system32\drivers
14:56:52.404    AVAST engine scan C:\Users\Basti
15:01:36.199    AVAST engine scan C:\ProgramData
15:04:45.959    Scan finished successfully
15:05:40.777    Disk 0 MBR has been saved successfully to "C:\Users\Basti\Desktop\MBR.dat"
15:05:40.785    The log file has been saved successfully to "C:\Users\Basti\Desktop\2aswMBR.txt"
         
dds log

DDS Logfile:
Code:
ATTFilter
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16457  BrowserJavaVersion: 1.6.0_31
Run by Basti at 15:12:01 on 2012-12-30
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4008.2325 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\BlueStacks\HD-Service.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Program Files (x86)\BlueStacks\HD-Network.exe
C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [My Movies Tray] "C:\Program Files (x86)\Binnerup Consult\My Movies Collection Management\My Movies Tray.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Free YouTube to MP3 Converter - C:\Users\Basti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 192.168.178.1
TCP: Interfaces\{85CB6ED5-0C1A-4857-ACC8-F5A0A5E03324} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{B54A564F-EFD1-448B-B843-22466391D72A} : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{B54A564F-EFD1-448B-B843-22466391D72A}\5416379724F687D2246423430393 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{B54A564F-EFD1-448B-B843-22466391D72A}\64259445A51224F687025494 : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{B54A564F-EFD1-448B-B843-22466391D72A}\64259445A524F6870264F6E60275C414E402731373030223 : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{B54A564F-EFD1-448B-B843-22466391D72A}\75C414E4D2030313344314433344837333 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{E79780CE-854E-4E88-AEE1-27AB5BFAE142} : DHCPNameServer = 192.168.42.129
Handler: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-Handler: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\9udwczu1.default\
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll
FF - plugin: C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Videoload Manager\NPWMDRMWrapper.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - ExtSQL: 2012-12-16 20:26; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\9udwczu1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-8-6 28992]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-12-11 379520]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2012-10-25 393080]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-10-25 71032]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-10-25 384888]
R2 MSSQL$MYMOVIES;SQL Server (MYMOVIES);C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-1-16 343032]
R2 VMCService;Vodafone Mobile Connect Service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-9-11 9216]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-12-10 138024]
R3 IntcDAud;Intel(R) Display-Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-10 317440]
R3 NisSrv;Microsoft-Netzwerkinspektion;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-11 333928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-6 398184]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-2 682344]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2012-5-10 36328]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-7-12 99384]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2012-7-7 132608]
S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\System32\drivers\ggflt.sys [2012-7-1 13352]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-5-2 24176]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2011-12-11 290920]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2012-5-10 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2012-5-10 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2012-5-10 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2012-5-10 146920]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-7-12 203320]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-12-12 59392]
.
=============== Created Last 30 ================
.
2012-12-30 13:28:08	9125352	----a-w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6F3E855A-B6EC-4B7A-8D44-76A542816230}\mpengine.dll
2012-12-29 17:38:34	--------	d-----w-	C:\Program Files (x86)\Binnerup Consult
2012-12-29 17:34:23	--------	d-----w-	C:\Program Files\Microsoft SQL Server
2012-12-29 17:34:21	--------	d-----w-	C:\Program Files (x86)\Microsoft SQL Server
2012-12-29 17:31:12	--------	d-----w-	C:\ProgramData\My Movies
2012-12-29 10:37:57	9125352	----a-w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-28 12:43:10	--------	d-----w-	C:\Program Files (x86)\ESET
2012-12-28 10:43:26	--------	d-----w-	C:\Users\Basti\AppData\Local\Programs
2012-12-23 12:25:54	46080	----a-w-	C:\Windows\System32\atmlib.dll
2012-12-23 12:25:54	34304	----a-w-	C:\Windows\SysWow64\atmlib.dll
2012-12-23 12:25:51	367616	----a-w-	C:\Windows\System32\atmfd.dll
2012-12-23 12:25:36	295424	----a-w-	C:\Windows\SysWow64\atmfd.dll
2012-12-18 15:58:08	--------	d-----w-	C:\Program Files (x86)\BlueStacks
2012-12-18 15:57:39	--------	d-----w-	C:\ProgramData\BlueStacksSetup
2012-12-18 15:57:38	--------	d-----w-	C:\ProgramData\BlueStacks
2012-12-16 19:56:15	1	----a-w-	C:\Windows\SysWow64\SI.bin
2012-12-16 19:56:09	77824	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-12-16 19:56:09	32768	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-12-16 19:56:09	225280	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-12-16 19:56:09	176128	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-12-16 19:56:08	614532	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-12-16 19:27:49	--------	d-----w-	C:\Users\Basti\dwhelper
2012-12-13 16:12:59	2048	----a-w-	C:\Windows\SysWow64\tzres.dll
2012-12-13 16:10:48	3149824	----a-w-	C:\Windows\System32\win32k.sys
2012-12-13 16:10:47	478208	----a-w-	C:\Windows\System32\dpnet.dll
2012-12-13 16:10:46	376832	----a-w-	C:\Windows\SysWow64\dpnet.dll
2012-12-01 11:35:41	--------	d-----w-	C:\Program Files\iPod
2012-12-01 11:35:40	--------	d-----w-	C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-01 11:35:40	--------	d-----w-	C:\Program Files\iTunes
2012-12-01 11:35:40	--------	d-----w-	C:\Program Files (x86)\iTunes
.
==================== Find3M  ====================
.
2012-12-14 15:49:28	24176	----a-w-	C:\Windows\System32\drivers\mbam.sys
2012-12-11 21:34:12	73656	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 21:34:12	697272	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-14 06:11:44	2312704	----a-w-	C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11	1392128	----a-w-	C:\Windows\System32\wininet.dll
2012-11-14 06:02:49	1494528	----a-w-	C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46	599040	----a-w-	C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35	173056	----a-w-	C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40	2382848	----a-w-	C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22	1800704	----a-w-	C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15	1427968	----a-w-	C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37	1129472	----a-w-	C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25	142848	----a-w-	C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27	420864	----a-w-	C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42	2382848	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:09	2048	----a-w-	C:\Windows\System32\tzres.dll
2012-10-04 17:46:16	362496	----a-w-	C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15	243200	----a-w-	C:\Windows\System32\wow64.dll
2012-10-04 17:46:15	13312	----a-w-	C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55	215040	----a-w-	C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28	16384	----a-w-	C:\Windows\System32\ntvdm64.dll
2012-10-04 17:41:16	424960	----a-w-	C:\Windows\System32\KernelBase.dll
2012-10-04 16:47:41	5120	----a-w-	C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41	274944	----a-w-	C:\Windows\SysWow64\KernelBase.dll
2012-10-04 15:21:55	338432	----a-w-	C:\Windows\System32\conhost.exe
2012-10-04 14:46:46	7680	----a-w-	C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46	25600	----a-w-	C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44	14336	----a-w-	C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43	2048	----a-w-	C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50	6144	---ha-w-	C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50	4608	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50	3584	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50	3072	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 15:12:24,93 ===============
         
--- --- ---

--- --- ---


dds attach

Code:
ATTFilter
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 11.12.2011 14:51:26
System Uptime: 30.12.2012 14:37:19 (1 hours ago)
.
Motherboard: ASUSTeK Computer Inc. |  | K53SJ
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz | CPU 1 | 1386/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 96 GiB total, 24,364 GiB free.
D: is FIXED (NTFS) - 202 GiB total, 154,073 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: iPodDrv
Device ID: ROOT\LEGACY_IPODDRV\0000
Manufacturer: 
Name: iPodDrv
PNP Device ID: ROOT\LEGACY_IPODDRV\0000
Service: iPodDrv
.
==== System Restore Points ===================
.
RP195: 23.12.2012 13:24:33 - Windows Update
RP196: 26.12.2012 20:37:08 - Windows Update
RP197: 29.12.2012 18:31:31 - Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
RP198: 29.12.2012 18:32:13 - Microsoft Visual C++ 2005 Redistributable wird installiert
RP199: 29.12.2012 18:38:26 - Installed My Movies Collection Management
RP200: 30.12.2012 14:27:43 - Windows Update
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 11.6
Amazon MP3-Downloader 1.0.17
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ashampoo Burning Studio Elements 10.0.9
Ashampoo Undeleter v.1.10
ASUS FancyStart
ASUS Power4Gear Hybrid
ATK Package
Audible Download Manager
AudibleManager
BlueStacks App Player
Bonjour
Brother MFL-Pro Suite DCP-357C
Bullzip PDF Printer 7.2.0.1304
CCleaner
Cinergy T USB XXS V2.03.03.29
Diablo III
Diablo III Public Test
DivX-Setup
Dropbox
Easy Phone Tunes
ElsterFormular
ESET Online Scanner v3
ETDWare PS/2-X64 8.0.5.0_WHQL
Fast Boot
ffdshow [rev 2527] [2008-12-19]
Free FLV Converter V 7.4.0
Free YouTube to MP3 Converter version 3.11.34.1015
Google Chrome
Google Update Helper
GPL Ghostscript Lite 9.04
Heroes of Might & Magic V: Hammers of Fate
Heroes of Might and Magic V
Heroes of Might and Magic V - Tribes of the East
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Intel(R) Control Center
Intel(R) Processor Graphics
iTunes
Java Auto Updater
Java(TM) 6 Update 31
Java(TM) 7 Update 1 (64-bit)
JDownloader 0.9
Malwarebytes Anti-Malware Version 1.70.0.1100
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended DEU Language Pack
Microsoft Antimalware Service DE-DE Language Pack
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (German) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office Groove MUI (German) 2007
Microsoft Office InfoPath MUI (German) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (German) 2007
Microsoft Office Outlook MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Shared 64-bit MUI (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Security Client
Microsoft Security Client DE-DE Language Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MYMOVIES)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 12.0 (x86 de)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
My Movies Collection Management
MyPhoneExplorer
Nitro PDF Reader 2
Notification Center
NVIDIA Grafiktreiber 301.42
NVIDIA Install Application
NVIDIA Optimus 1.8.15
NVIDIA PhysX
NVIDIA PhysX-Systemsoftware 9.12.0213
NVIDIA Systemsteuerung 301.42
NVIDIA Update 1.8.15
NVIDIA Update Components
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
Pando Media Booster
Pinnacle TVCenter Pro
ProgDVB
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Realtek USB 2.0 Reader Driver
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 
Skype Click to Call
Skype™ 6.0
Sonic Focus
SopCast 3.4.8
swMSM
TeamSpeak 3 Client
Torchlight 2
Unlocker 1.9.1-x64
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB957242)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
Veetle TV
Videoload Manager 2.0.2220
VirtualCloneDrive
VLC media player 1.1.11
Vodafone Mobile Connect Lite
Windows Media Player Firefox Plugin
.
==== End Of File ===========================
         
TDDS Logfile Teil 1

Code:
ATTFilter
15:06:54.0418 4632  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:06:54.0638 4632  ============================================================
15:06:54.0638 4632  Current date / time: 2012/12/30 15:06:54.0638
15:06:54.0638 4632  SystemInfo:
15:06:54.0638 4632  
15:06:54.0638 4632  OS Version: 6.1.7601 ServicePack: 1.0
15:06:54.0638 4632  Product type: Workstation
15:06:54.0639 4632  ComputerName: BASTI-PC
15:06:54.0639 4632  UserName: Basti
15:06:54.0639 4632  Windows directory: C:\Windows
15:06:54.0639 4632  System windows directory: C:\Windows
15:06:54.0639 4632  Running under WOW64
15:06:54.0639 4632  Processor architecture: Intel x64
15:06:54.0639 4632  Number of processors: 4
15:06:54.0639 4632  Page size: 0x1000
15:06:54.0639 4632  Boot type: Normal boot
15:06:54.0639 4632  ============================================================
15:06:55.0613 4632  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:06:55.0619 4632  ============================================================
15:06:55.0619 4632  \Device\Harddisk0\DR0:
15:06:55.0619 4632  MBR partitions:
15:06:55.0619 4632  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:06:55.0619 4632  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xBFD2000
15:06:55.0632 4632  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC005000, BlocksNum 0x19429000
15:06:55.0632 4632  ============================================================
15:06:55.0692 4632  C: <-> \Device\Harddisk0\DR0\Partition2
15:06:55.0742 4632  D: <-> \Device\Harddisk0\DR0\Partition3
15:06:55.0743 4632  ============================================================
15:06:55.0743 4632  Initialize success
15:06:55.0743 4632  ============================================================
15:07:26.0826 2068  ============================================================
15:07:26.0826 2068  Scan started
15:07:26.0826 2068  Mode: Manual; TDLFS; 
15:07:26.0826 2068  ============================================================
15:07:27.0112 2068  ================ Scan system memory ========================
15:07:27.0112 2068  System memory - ok
15:07:27.0113 2068  ================ Scan services =============================
15:07:27.0297 2068  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:07:27.0302 2068  1394ohci - ok
15:07:27.0360 2068  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:07:27.0366 2068  ACPI - ok
15:07:27.0396 2068  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:07:27.0396 2068  AcpiPmi - ok
15:07:27.0550 2068  [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:07:27.0555 2068  AdobeFlashPlayerUpdateSvc - ok
15:07:27.0599 2068  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:07:27.0606 2068  adp94xx - ok
15:07:27.0635 2068  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:07:27.0641 2068  adpahci - ok
15:07:27.0656 2068  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:07:27.0659 2068  adpu320 - ok
15:07:27.0692 2068  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:07:27.0693 2068  AeLookupSvc - ok
15:07:27.0739 2068  [ 079CBA3C5C9AB11B2B4E6BD729A860F2 ] AFBAgent        C:\Windows\system32\FBAgent.exe
15:07:27.0746 2068  AFBAgent - ok
15:07:27.0799 2068  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
15:07:27.0807 2068  AFD - ok
15:07:27.0870 2068  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:07:27.0872 2068  agp440 - ok
15:07:27.0896 2068  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
15:07:27.0898 2068  ALG - ok
15:07:27.0919 2068  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:07:27.0919 2068  aliide - ok
15:07:27.0942 2068  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:07:27.0942 2068  amdide - ok
15:07:27.0956 2068  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:07:27.0957 2068  AmdK8 - ok
15:07:27.0963 2068  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:07:27.0965 2068  AmdPPM - ok
15:07:27.0984 2068  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:07:27.0986 2068  amdsata - ok
15:07:28.0000 2068  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:07:28.0004 2068  amdsbs - ok
15:07:28.0021 2068  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:07:28.0022 2068  amdxata - ok
15:07:28.0060 2068  [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
15:07:28.0061 2068  androidusb - ok
15:07:28.0089 2068  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
15:07:28.0090 2068  AppID - ok
15:07:28.0121 2068  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:07:28.0122 2068  AppIDSvc - ok
15:07:28.0168 2068  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
15:07:28.0169 2068  Appinfo - ok
15:07:28.0286 2068  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:07:28.0290 2068  Apple Mobile Device - ok
15:07:28.0313 2068  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:07:28.0315 2068  arc - ok
15:07:28.0331 2068  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:07:28.0333 2068  arcsas - ok
15:07:28.0391 2068  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:07:28.0394 2068  ASLDRService - ok
15:07:28.0425 2068  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:07:28.0425 2068  ASMMAP64 - ok
15:07:28.0575 2068  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:07:28.0597 2068  aspnet_state - ok
15:07:28.0612 2068  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:07:28.0613 2068  AsyncMac - ok
15:07:28.0647 2068  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
15:07:28.0647 2068  atapi - ok
15:07:28.0748 2068  [ A5E770426D18F8EF332A593F3289DA91 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
15:07:28.0818 2068  athr - ok
15:07:28.0833 2068  [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
15:07:28.0836 2068  ATKGFNEXSrv - ok
15:07:28.0902 2068  [ FC0E8778C000291CAF60EB88C011E931 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
15:07:28.0906 2068  atksgt - ok
15:07:28.0918 2068  [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
15:07:28.0919 2068  ATKWMIACPIIO - ok
15:07:28.0969 2068  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:07:28.0978 2068  AudioEndpointBuilder - ok
15:07:28.0992 2068  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:07:28.0998 2068  AudioSrv - ok
15:07:29.0034 2068  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:07:29.0035 2068  AxInstSV - ok
15:07:29.0067 2068  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:07:29.0075 2068  b06bdrv - ok
15:07:29.0095 2068  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:07:29.0099 2068  b57nd60a - ok
15:07:29.0129 2068  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:07:29.0131 2068  BDESVC - ok
15:07:29.0143 2068  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:07:29.0143 2068  Beep - ok
15:07:29.0192 2068  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
15:07:29.0206 2068  BFE - ok
15:07:29.0266 2068  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
15:07:29.0297 2068  BITS - ok
15:07:29.0328 2068  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:07:29.0328 2068  blbdrive - ok
15:07:29.0390 2068  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:07:29.0398 2068  Bonjour Service - ok
15:07:29.0431 2068  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:07:29.0433 2068  bowser - ok
15:07:29.0438 2068  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:07:29.0439 2068  BrFiltLo - ok
15:07:29.0443 2068  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:07:29.0444 2068  BrFiltUp - ok
15:07:29.0490 2068  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
15:07:29.0492 2068  Browser - ok
15:07:29.0505 2068  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:07:29.0509 2068  Brserid - ok
15:07:29.0517 2068  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:07:29.0519 2068  BrSerWdm - ok
15:07:29.0525 2068  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:07:29.0526 2068  BrUsbMdm - ok
15:07:29.0534 2068  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:07:29.0535 2068  BrUsbSer - ok
15:07:29.0627 2068  [ A9C4AEE6AC10D41BB815468D2E734045 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
15:07:29.0634 2068  BstHdAndroidSvc - ok
15:07:29.0717 2068  [ EAE75499461AE856330EBDB3489DB1E9 ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
15:07:29.0718 2068  BstHdDrv - ok
15:07:29.0758 2068  [ CD96992A52B454CDBB77E56F9F7FA151 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
15:07:29.0764 2068  BstHdLogRotatorSvc - ok
15:07:29.0820 2068  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:07:29.0821 2068  BTHMODEM - ok
15:07:29.0895 2068  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
15:07:29.0896 2068  bthserv - ok
15:07:29.0921 2068  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:07:29.0923 2068  cdfs - ok
15:07:29.0970 2068  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:07:29.0973 2068  cdrom - ok
15:07:30.0008 2068  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
15:07:30.0010 2068  CertPropSvc - ok
15:07:30.0025 2068  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:07:30.0026 2068  circlass - ok
15:07:30.0049 2068  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:07:30.0055 2068  CLFS - ok
15:07:30.0123 2068  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:07:30.0125 2068  clr_optimization_v2.0.50727_32 - ok
15:07:30.0159 2068  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:07:30.0162 2068  clr_optimization_v2.0.50727_64 - ok
15:07:30.0239 2068  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:07:30.0243 2068  clr_optimization_v4.0.30319_32 - ok
15:07:30.0266 2068  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:07:30.0269 2068  clr_optimization_v4.0.30319_64 - ok
15:07:30.0293 2068  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:07:30.0294 2068  CmBatt - ok
15:07:30.0324 2068  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:07:30.0325 2068  cmdide - ok
15:07:30.0369 2068  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
15:07:30.0376 2068  CNG - ok
15:07:30.0388 2068  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:07:30.0389 2068  Compbatt - ok
15:07:30.0421 2068  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:07:30.0422 2068  CompositeBus - ok
15:07:30.0426 2068  COMSysApp - ok
15:07:30.0538 2068  [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:07:30.0544 2068  cphs - ok
15:07:30.0563 2068  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:07:30.0564 2068  crcdisk - ok
15:07:30.0612 2068  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:07:30.0617 2068  CryptSvc - ok
15:07:30.0670 2068  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:07:30.0680 2068  DcomLaunch - ok
15:07:30.0710 2068  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
15:07:30.0714 2068  defragsvc - ok
15:07:30.0749 2068  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:07:30.0751 2068  DfsC - ok
15:07:30.0788 2068  [ 6060106CE00F32F63F1A73160E46E9D2 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
15:07:30.0789 2068  dg_ssudbus - ok
15:07:30.0834 2068  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:07:30.0839 2068  Dhcp - ok
15:07:30.0882 2068  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:07:30.0883 2068  discache - ok
15:07:30.0901 2068  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:07:30.0902 2068  Disk - ok
15:07:30.0933 2068  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:07:30.0936 2068  Dnscache - ok
15:07:30.0970 2068  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:07:30.0974 2068  dot3svc - ok
15:07:31.0019 2068  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
15:07:31.0022 2068  DPS - ok
15:07:31.0042 2068  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:07:31.0043 2068  drmkaud - ok
15:07:31.0116 2068  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:07:31.0126 2068  DXGKrnl - ok
15:07:31.0154 2068  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
15:07:31.0156 2068  EapHost - ok
15:07:31.0244 2068  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:07:31.0369 2068  ebdrv - ok
15:07:31.0402 2068  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
15:07:31.0404 2068  EFS - ok
15:07:31.0454 2068  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:07:31.0469 2068  ehRecvr - ok
15:07:31.0508 2068  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
15:07:31.0511 2068  ehSched - ok
15:07:31.0573 2068  [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
15:07:31.0574 2068  ElbyCDIO - ok
15:07:31.0606 2068  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:07:31.0613 2068  elxstor - ok
15:07:31.0683 2068  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:07:31.0684 2068  ErrDev - ok
15:07:31.0729 2068  [ 5B042AA9CEBDAB5B61E747DDCEBFF51B ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
15:07:31.0730 2068  ETD - ok
15:07:31.0772 2068  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
15:07:31.0778 2068  EventSystem - ok
15:07:31.0857 2068  [ 251AF86E0A4DDF3A6B181ED5103B06B1 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
15:07:31.0860 2068  ewusbnet - ok
15:07:31.0868 2068  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
15:07:31.0871 2068  exfat - ok
15:07:31.0910 2068  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:07:31.0912 2068  fastfat - ok
15:07:31.0965 2068  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
15:07:31.0976 2068  Fax - ok
15:07:31.0981 2068  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:07:31.0981 2068  fdc - ok
15:07:31.0996 2068  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:07:31.0997 2068  fdPHost - ok
15:07:32.0010 2068  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:07:32.0011 2068  FDResPub - ok
15:07:32.0045 2068  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:07:32.0047 2068  FileInfo - ok
15:07:32.0063 2068  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:07:32.0064 2068  Filetrace - ok
15:07:32.0069 2068  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:07:32.0070 2068  flpydisk - ok
15:07:32.0104 2068  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:07:32.0108 2068  FltMgr - ok
15:07:32.0165 2068  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
15:07:32.0198 2068  FontCache - ok
15:07:32.0232 2068  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:07:32.0234 2068  FontCache3.0.0.0 - ok
15:07:32.0250 2068  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:07:32.0251 2068  FsDepends - ok
15:07:32.0280 2068  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:07:32.0280 2068  Fs_Rec - ok
15:07:32.0310 2068  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:07:32.0314 2068  fvevol - ok
15:07:32.0332 2068  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:07:32.0333 2068  gagp30kx - ok
15:07:32.0376 2068  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:07:32.0377 2068  GEARAspiWDM - ok
15:07:32.0417 2068  [ A4198F2BD8AA592CB90476277A81B5E1 ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
15:07:32.0418 2068  ggflt - ok
15:07:32.0466 2068  [ D266350BDAAB9EB6C1AEC370EEAAFF3A ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
15:07:32.0467 2068  ggsemc - ok
15:07:32.0518 2068  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
15:07:32.0533 2068  gpsvc - ok
15:07:32.0616 2068  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:07:32.0619 2068  gupdate - ok
15:07:32.0636 2068  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:07:32.0637 2068  gupdatem - ok
15:07:32.0650 2068  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:07:32.0651 2068  hcw85cir - ok
15:07:32.0694 2068  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:07:32.0700 2068  HdAudAddService - ok
15:07:32.0722 2068  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:07:32.0724 2068  HDAudBus - ok
15:07:32.0729 2068  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:07:32.0730 2068  HidBatt - ok
15:07:32.0746 2068  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:07:32.0748 2068  HidBth - ok
15:07:32.0754 2068  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:07:32.0754 2068  HidIr - ok
15:07:32.0766 2068  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
15:07:32.0767 2068  hidserv - ok
15:07:32.0781 2068  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:07:32.0781 2068  HidUsb - ok
15:07:32.0815 2068  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:07:32.0819 2068  hkmsvc - ok
15:07:32.0860 2068  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:07:32.0865 2068  HomeGroupListener - ok
15:07:32.0879 2068  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:07:32.0883 2068  HomeGroupProvider - ok
15:07:32.0899 2068  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:07:32.0900 2068  HpSAMD - ok
15:07:32.0953 2068  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:07:32.0964 2068  HTTP - ok
15:07:33.0008 2068  [ 4B5C07DB91A0099272FAAE732E1152BD ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:07:33.0009 2068  hwdatacard - ok
15:07:33.0042 2068  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:07:33.0042 2068  hwpolicy - ok
15:07:33.0078 2068  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:07:33.0079 2068  i8042prt - ok
15:07:33.0123 2068  [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:07:33.0127 2068  iaStor - ok
15:07:33.0164 2068  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:07:33.0170 2068  iaStorV - ok
15:07:33.0228 2068  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:07:33.0247 2068  idsvc - ok
15:07:33.0591 2068  [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:07:33.0921 2068  igfx - ok
15:07:33.0946 2068  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:07:33.0947 2068  iirsp - ok
15:07:33.0989 2068  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:07:34.0001 2068  IKEEXT - ok
15:07:34.0072 2068  [ 3E3926F4FA7C9162C5C3EC6BF1E4F349 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:07:34.0097 2068  IntcAzAudAddService - ok
15:07:34.0132 2068  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:07:34.0137 2068  IntcDAud - ok
15:07:34.0157 2068  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:07:34.0158 2068  intelide - ok
15:07:34.0183 2068  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:07:34.0184 2068  intelppm - ok
15:07:34.0220 2068  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:07:34.0222 2068  IPBusEnum - ok
15:07:34.0251 2068  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:07:34.0252 2068  IpFilterDriver - ok
15:07:34.0320 2068  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:07:34.0331 2068  iphlpsvc - ok
15:07:34.0369 2068  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:07:34.0371 2068  IPMIDRV - ok
15:07:34.0395 2068  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:07:34.0397 2068  IPNAT - ok
15:07:34.0488 2068  [ B474C756C13960793C7583B766F904C4 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:07:34.0498 2068  iPod Service - ok
15:07:34.0515 2068  iPodDrv - ok
15:07:34.0527 2068  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:07:34.0528 2068  IRENUM - ok
15:07:34.0542 2068  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:07:34.0542 2068  isapnp - ok
15:07:34.0586 2068  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:07:34.0591 2068  iScsiPrt - ok
15:07:34.0622 2068  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:07:34.0623 2068  kbdclass - ok
15:07:34.0657 2068  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:07:34.0658 2068  kbdhid - ok
15:07:34.0686 2068  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
15:07:34.0687 2068  kbfiltr - ok
15:07:34.0702 2068  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:07:34.0703 2068  KeyIso - ok
15:07:34.0738 2068  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:07:34.0740 2068  KSecDD - ok
15:07:34.0781 2068  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:07:34.0784 2068  KSecPkg - ok
15:07:34.0814 2068  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:07:34.0815 2068  ksthunk - ok
15:07:34.0845 2068  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:07:34.0852 2068  KtmRm - ok
15:07:34.0883 2068  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:07:34.0889 2068  LanmanServer - ok
15:07:34.0931 2068  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:07:34.0936 2068  LanmanWorkstation - ok
15:07:34.0984 2068  [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
15:07:34.0985 2068  lirsgt - ok
15:07:34.0999 2068  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:07:35.0000 2068  lltdio - ok
15:07:35.0023 2068  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:07:35.0029 2068  lltdsvc - ok
15:07:35.0050 2068  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:07:35.0052 2068  lmhosts - ok
15:07:35.0069 2068  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:07:35.0071 2068  LSI_FC - ok
15:07:35.0091 2068  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:07:35.0092 2068  LSI_SAS - ok
15:07:35.0103 2068  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:07:35.0104 2068  LSI_SAS2 - ok
15:07:35.0117 2068  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:07:35.0118 2068  LSI_SCSI - ok
15:07:35.0142 2068  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:07:35.0145 2068  luafv - ok
15:07:35.0208 2068  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:07:35.0209 2068  MBAMProtector - ok
15:07:35.0311 2068  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:07:35.0318 2068  MBAMScheduler - ok
15:07:35.0362 2068  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:07:35.0371 2068  MBAMService - ok
15:07:35.0414 2068  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:07:35.0418 2068  Mcx2Svc - ok
15:07:35.0433 2068  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:07:35.0434 2068  megasas - ok
15:07:35.0460 2068  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:07:35.0465 2068  MegaSR - ok
15:07:35.0517 2068  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:07:35.0518 2068  MEIx64 - ok
15:07:35.0527 2068  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:07:35.0529 2068  MMCSS - ok
15:07:35.0600 2068  [ 6D4236D8B7BD6557B77FBF2AB001CAD4 ] mod7700         C:\Windows\system32\DRIVERS\dvb7700all.sys
15:07:35.0618 2068  mod7700 - ok
15:07:35.0648 2068  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:07:35.0649 2068  Modem - ok
15:07:35.0665 2068  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:07:35.0666 2068  monitor - ok
15:07:35.0678 2068  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:07:35.0679 2068  mouclass - ok
15:07:35.0694 2068  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:07:35.0695 2068  mouhid - ok
15:07:35.0737 2068  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:07:35.0739 2068  mountmgr - ok
15:07:35.0781 2068  [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:07:35.0784 2068  MozillaMaintenance - ok
15:07:35.0849 2068  [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:07:35.0853 2068  MpFilter - ok
15:07:35.0893 2068  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:07:35.0896 2068  mpio - ok
15:07:35.0922 2068  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:07:35.0923 2068  mpsdrv - ok
15:07:35.0973 2068  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:07:35.0989 2068  MpsSvc - ok
15:07:36.0028 2068  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:07:36.0031 2068  MRxDAV - ok
15:07:36.0070 2068  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:07:36.0074 2068  mrxsmb - ok
15:07:36.0092 2068  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:07:36.0096 2068  mrxsmb10 - ok
15:07:36.0137 2068  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:07:36.0139 2068  mrxsmb20 - ok
15:07:36.0168 2068  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:07:36.0169 2068  msahci - ok
15:07:36.0201 2068  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:07:36.0203 2068  msdsm - ok
15:07:36.0224 2068  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:07:36.0227 2068  MSDTC - ok
15:07:36.0243 2068  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:07:36.0244 2068  Msfs - ok
15:07:36.0257 2068  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:07:36.0258 2068  mshidkmdf - ok
15:07:36.0269 2068  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:07:36.0270 2068  msisadrv - ok
15:07:36.0302 2068  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:07:36.0306 2068  MSiSCSI - ok
15:07:36.0311 2068  msiserver - ok
15:07:36.0323 2068  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:07:36.0324 2068  MSKSSRV - ok
15:07:36.0412 2068  [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:07:36.0413 2068  MsMpSvc - ok
15:07:36.0429 2068  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:07:36.0430 2068  MSPCLOCK - ok
15:07:36.0451 2068  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:07:36.0452 2068  MSPQM - ok
15:07:36.0493 2068  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:07:36.0499 2068  MsRPC - ok
15:07:36.0535 2068  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:07:36.0536 2068  mssmbios - ok
15:07:36.0637 2068  MSSQL$MYMOVIES - ok
15:07:36.0689 2068  [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
15:07:36.0690 2068  MSSQLServerADHelper - ok
15:07:36.0708 2068  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:07:36.0709 2068  MSTEE - ok
15:07:36.0722 2068  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:07:36.0724 2068  MTConfig - ok
15:07:36.0738 2068  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:07:36.0739 2068  Mup - ok
15:07:36.0788 2068  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:07:36.0796 2068  napagent - ok
15:07:36.0845 2068  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:07:36.0849 2068  NativeWifiP - ok
15:07:36.0904 2068  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:07:36.0934 2068  NDIS - ok
15:07:36.0950 2068  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:07:36.0951 2068  NdisCap - ok
15:07:36.0967 2068  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:07:36.0969 2068  NdisTapi - ok
15:07:37.0003 2068  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:07:37.0005 2068  Ndisuio - ok
15:07:37.0047 2068  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:07:37.0050 2068  NdisWan - ok
15:07:37.0082 2068  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:07:37.0084 2068  NDProxy - ok
15:07:37.0103 2068  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:07:37.0104 2068  NetBIOS - ok
15:07:37.0145 2068  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:07:37.0149 2068  NetBT - ok
15:07:37.0157 2068  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:07:37.0159 2068  Netlogon - ok
15:07:37.0186 2068  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:07:37.0193 2068  Netman - ok
15:07:37.0287 2068  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:07:37.0291 2068  NetMsmqActivator - ok
15:07:37.0298 2068  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:07:37.0300 2068  NetPipeActivator - ok
15:07:37.0338 2068  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:07:37.0346 2068  netprofm - ok
15:07:37.0352 2068  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:07:37.0354 2068  NetTcpActivator - ok
15:07:37.0359 2068  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:07:37.0361 2068  NetTcpPortSharing - ok
15:07:37.0384 2068  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:07:37.0386 2068  nfrd960 - ok
15:07:37.0453 2068  [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:07:37.0455 2068  NisDrv - ok
15:07:37.0499 2068  [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
15:07:37.0506 2068  NisSrv - ok
15:07:37.0594 2068  [ 0526356C6FABC0F0CE3BFB3039338BBE ] NitroReaderDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
15:07:37.0598 2068  NitroReaderDriverReadSpool2 - ok
15:07:37.0635 2068  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:07:37.0641 2068  NlaSvc - ok
15:07:37.0656 2068  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:07:37.0657 2068  Npfs - ok
15:07:37.0684 2068  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:07:37.0686 2068  nsi - ok
15:07:37.0691 2068  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:07:37.0693 2068  nsiproxy - ok
15:07:37.0768 2068  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:07:37.0812 2068  Ntfs - ok
15:07:37.0845 2068  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:07:37.0846 2068  Null - ok
15:07:38.0168 2068  [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:07:38.0292 2068  nvlddmkm - ok
15:07:38.0366 2068  [ 715D45ED30003FC70CFA0D9C6DD0B538 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
15:07:38.0367 2068  nvpciflt - ok
15:07:38.0384 2068  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:07:38.0386 2068  nvraid - ok
15:07:38.0430 2068  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:07:38.0432 2068  nvstor - ok
15:07:38.0482 2068  [ 06633CF95BEA62164C3BFCA24BCE6B11 ] NVSvc           C:\Windows\system32\nvvsvc.exe
15:07:38.0512 2068  NVSvc - ok
15:07:38.0628 2068  [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:07:38.0658 2068  nvUpdatusService - ok
15:07:38.0694 2068  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:07:38.0697 2068  nv_agp - ok
15:07:38.0809 2068  [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:07:38.0816 2068  odserv - ok
15:07:38.0853 2068  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:07:38.0855 2068  ohci1394 - ok
15:07:38.0882 2068  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:07:38.0885 2068  ose - ok
15:07:38.0915 2068  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:07:38.0921 2068  p2pimsvc - ok
15:07:38.0947 2068  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:07:38.0954 2068  p2psvc - ok
15:07:38.0974 2068  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:07:38.0977 2068  Parport - ok
15:07:39.0005 2068  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:07:39.0006 2068  partmgr - ok
15:07:39.0021 2068  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:07:39.0025 2068  PcaSvc - ok
15:07:39.0042 2068  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:07:39.0045 2068  pci - ok
15:07:39.0066 2068  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:07:39.0067 2068  pciide - ok
15:07:39.0100 2068  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:07:39.0104 2068  pcmcia - ok
15:07:39.0124 2068  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:07:39.0125 2068  pcw - ok
15:07:39.0156 2068  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:07:39.0166 2068  PEAUTH - ok
15:07:39.0258 2068  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:07:39.0260 2068  PerfHost - ok
15:07:39.0337 2068  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:07:39.0370 2068  pla - ok
15:07:39.0425 2068  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:07:39.0433 2068  PlugPlay - ok
15:07:39.0444 2068  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:07:39.0446 2068  PNRPAutoReg - ok
15:07:39.0471 2068  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:07:39.0476 2068  PNRPsvc - ok
15:07:39.0510 2068  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:07:39.0519 2068  PolicyAgent - ok
15:07:39.0556 2068  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:07:39.0561 2068  Power - ok
15:07:39.0622 2068  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:07:39.0623 2068  PptpMiniport - ok
15:07:39.0643 2068  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:07:39.0645 2068  Processor - ok
15:07:39.0685 2068  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:07:39.0690 2068  ProfSvc - ok
15:07:39.0701 2068  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:07:39.0703 2068  ProtectedStorage - ok
15:07:39.0746 2068  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:07:39.0749 2068  Psched - ok
15:07:39.0803 2068  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:07:39.0848 2068  ql2300 - ok
15:07:39.0868 2068  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:07:39.0869 2068  ql40xx - ok
15:07:39.0892 2068  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:07:39.0898 2068  QWAVE - ok
15:07:39.0916 2068  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:07:39.0917 2068  QWAVEdrv - ok
15:07:39.0929 2068  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:07:39.0930 2068  RasAcd - ok
15:07:39.0963 2068  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:07:39.0964 2068  RasAgileVpn - ok
15:07:39.0975 2068  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:07:39.0978 2068  RasAuto - ok
15:07:40.0018 2068  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:07:40.0021 2068  Rasl2tp - ok
15:07:40.0054 2068  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:07:40.0061 2068  RasMan - ok
15:07:40.0077 2068  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:07:40.0080 2068  RasPppoe - ok
15:07:40.0095 2068  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:07:40.0096 2068  RasSstp - ok
15:07:40.0112 2068  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:07:40.0117 2068  rdbss - ok
15:07:40.0130 2068  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:07:40.0131 2068  rdpbus - ok
15:07:40.0153 2068  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:07:40.0154 2068  RDPCDD - ok
15:07:40.0171 2068  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:07:40.0171 2068  RDPENCDD - ok
15:07:40.0188 2068  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:07:40.0189 2068  RDPREFMP - ok
15:07:40.0238 2068  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:07:40.0241 2068  RDPWD - ok
15:07:40.0278 2068  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:07:40.0282 2068  rdyboost - ok
15:07:40.0305 2068  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:07:40.0309 2068  RemoteAccess - ok
15:07:40.0335 2068  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:07:40.0340 2068  RemoteRegistry - ok
15:07:40.0353 2068  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:07:40.0356 2068  RpcEptMapper - ok
15:07:40.0380 2068  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:07:40.0382 2068  RpcLocator - ok
15:07:40.0426 2068  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:07:40.0434 2068  RpcSs - ok
15:07:40.0440 2068  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:07:40.0441 2068  rspndr - ok
15:07:40.0486 2068  [ E57FAC2CDB73F06586ED2ED310B80932 ] RSUSBVSTOR      C:\Windows\system32\Drivers\RTSUVSTOR.sys
15:07:40.0491 2068  RSUSBVSTOR - ok
15:07:40.0550 2068  [ 20A466B9EA2BD828C0EC723F99B8CFE7 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:07:40.0554 2068  RTL8167 - ok
15:07:40.0568 2068  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:07:40.0570 2068  SamSs - ok
15:07:40.0601 2068  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:07:40.0603 2068  sbp2port - ok
15:07:40.0625 2068  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:07:40.0630 2068  SCardSvr - ok
15:07:40.0655 2068  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:07:40.0656 2068  scfilter - ok
15:07:40.0711 2068  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:07:40.0747 2068  Schedule - ok
15:07:40.0785 2068  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:07:40.0787 2068  SCPolicySvc - ok
15:07:40.0818 2068  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:07:40.0822 2068  SDRSVC - ok
15:07:40.0854 2068  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:07:40.0855 2068  secdrv - ok
15:07:40.0884 2068  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:07:40.0887 2068  seclogon - ok
15:07:40.0904 2068  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
15:07:40.0908 2068  SENS - ok
15:07:40.0934 2068  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:07:40.0936 2068  SensrSvc - ok
15:07:40.0956 2068  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:07:40.0958 2068  Serenum - ok
15:07:40.0975 2068  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:07:40.0976 2068  Serial - ok
15:07:41.0012 2068  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:07:41.0013 2068  sermouse - ok
15:07:41.0051 2068  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:07:41.0054 2068  SessionEnv - ok
15:07:41.0088 2068  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:07:41.0089 2068  sffdisk - ok
15:07:41.0099 2068  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:07:41.0100 2068  sffp_mmc - ok
15:07:41.0117 2068  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:07:41.0117 2068  sffp_sd - ok
15:07:41.0125 2068  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:07:41.0125 2068  sfloppy - ok
15:07:41.0177 2068  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:07:41.0184 2068  SharedAccess - ok
15:07:41.0238 2068  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:07:41.0246 2068  ShellHWDetection - ok
15:07:41.0274 2068  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:07:41.0276 2068  SiSRaid2 - ok
15:07:41.0292 2068  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:07:41.0294 2068  SiSRaid4 - ok
15:07:41.0371 2068  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:07:41.0374 2068  SkypeUpdate - ok
15:07:41.0400 2068  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:07:41.0403 2068  Smb - ok
15:07:41.0427 2068  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:07:41.0430 2068  SNMPTRAP - ok
15:07:41.0438 2068  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:07:41.0440 2068  spldr - ok
15:07:41.0481 2068  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:07:41.0492 2068  Spooler - ok
15:07:41.0592 2068  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:07:41.0698 2068  sppsvc - ok
15:07:41.0724 2068  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:07:41.0727 2068  sppuinotify - ok
15:07:41.0748 2068  sptd - ok
15:07:41.0846 2068  [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:07:41.0851 2068  SQLBrowser - ok
15:07:41.0910 2068  [ D63FC56C7C3F9B576BC25F617E3F7963 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:07:41.0914 2068  SQLWriter - ok
15:07:41.0953 2068  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:07:41.0960 2068  srv - ok
15:07:42.0007 2068  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:07:42.0013 2068  srv2 - ok
15:07:42.0053 2068  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:07:42.0056 2068  srvnet - ok
15:07:42.0095 2068  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
15:07:42.0098 2068  ssadbus - ok
15:07:42.0126 2068  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
15:07:42.0127 2068  ssadmdfl - ok
15:07:42.0145 2068  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
15:07:42.0147 2068  ssadmdm - ok
15:07:42.0168 2068  [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
15:07:42.0171 2068  ssadserd - ok
15:07:42.0217 2068  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:07:42.0222 2068  SSDPSRV - ok
15:07:42.0240 2068  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:07:42.0243 2068  SstpSvc - ok
15:07:42.0288 2068  [ 855335BF5792E56164F98C012E3D92DD ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
15:07:42.0292 2068  ssudmdm - ok
15:07:42.0326 2068  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:07:42.0327 2068  stexstor - ok
15:07:42.0371 2068  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:07:42.0381 2068  stisvc - ok
15:07:42.0416 2068  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:07:42.0417 2068  swenum - ok
15:07:42.0439 2068  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:07:42.0448 2068  swprv - ok
15:07:42.0523 2068  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
15:07:42.0569 2068  SysMain - ok
15:07:42.0611 2068  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:07:42.0615 2068  TabletInputService - ok
15:07:42.0652 2068  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:07:42.0659 2068  TapiSrv - ok
15:07:42.0676 2068  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:07:42.0679 2068  TBS - ok
15:07:42.0753 2068  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:07:42.0798 2068  Tcpip - ok
15:07:42.0840 2068  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:07:42.0857 2068  TCPIP6 - ok
15:07:42.0898 2068  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:07:42.0900 2068  tcpipreg - ok
15:07:42.0933 2068  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:07:42.0934 2068  TDPIPE - ok
15:07:42.0970 2068  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:07:42.0971 2068  TDTCP - ok
15:07:43.0027 2068  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:07:43.0029 2068  tdx - ok
15:07:43.0065 2068  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:07:43.0066 2068  TermDD - ok
15:07:43.0114 2068  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
15:07:43.0131 2068  TermService - ok
15:07:43.0153 2068  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:07:43.0155 2068  Themes - ok
15:07:43.0182 2068  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:07:43.0184 2068  THREADORDER - ok
15:07:43.0221 2068  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:07:43.0226 2068  TrkWks - ok
15:07:43.0295 2068  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:07:43.0299 2068  TrustedInstaller - ok
15:07:43.0339 2068  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:07:43.0341 2068  tssecsrv - ok
15:07:43.0397 2068  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:07:43.0399 2068  TsUsbFlt - ok
15:07:43.0432 2068  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:07:43.0435 2068  tunnel - ok
15:07:43.0455 2068  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:07:43.0456 2068  uagp35 - ok
15:07:43.0505 2068  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:07:43.0511 2068  udfs - ok
15:07:43.0535 2068  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:07:43.0538 2068  UI0Detect - ok
15:07:43.0558 2068  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:07:43.0560 2068  uliagpkx - ok
15:07:43.0594 2068  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
15:07:43.0596 2068  umbus - ok
15:07:43.0610 2068  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:07:43.0611 2068  UmPass - ok
15:07:43.0698 2068  [ 9DC07E73A4ABB9ACF692113B36A5009F ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
15:07:43.0699 2068  UnlockerDriver5 - ok
15:07:43.0727 2068  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:07:43.0735 2068  upnphost - ok
15:07:43.0783 2068  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:07:43.0785 2068  usbccgp - ok
15:07:43.0819 2068  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:07:43.0820 2068  usbcir - ok
15:07:43.0857 2068  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:07:43.0858 2068  usbehci - ok
15:07:43.0882 2068  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:07:43.0887 2068  usbhub - ok
15:07:43.0905 2068  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:07:43.0906 2068  usbohci - ok
15:07:43.0929 2068  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:07:43.0931 2068  usbprint - ok
15:07:43.0979 2068  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:07:43.0980 2068  usbscan - ok
15:07:44.0003 2068  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:07:44.0006 2068  USBSTOR - ok
15:07:44.0021 2068  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:07:44.0022 2068  usbuhci - ok
15:07:44.0060 2068  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:07:44.0063 2068  usbvideo - ok
15:07:44.0118 2068  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
15:07:44.0119 2068  usb_rndisx - ok
15:07:44.0140 2068  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
15:07:44.0143 2068  UxSms - ok
15:07:44.0156 2068  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:07:44.0158 2068  VaultSvc - ok
15:07:44.0178 2068  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
15:07:44.0179 2068  VClone - ok
15:07:44.0189 2068  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:07:44.0190 2068  vdrvroot - ok
15:07:44.0230 2068  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
15:07:44.0240 2068  vds - ok
15:07:44.0254 2068  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:07:44.0255 2068  vga - ok
15:07:44.0273 2068  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:07:44.0274 2068  VgaSave - ok
15:07:44.0298 2068  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:07:44.0302 2068  vhdmp - ok
15:07:44.0335 2068  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:07:44.0336 2068  viaide - ok
15:07:44.0452 2068  [ 1B0D441D8AB264D39C2B09130CC28045 ] VMCService      C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
15:07:44.0453 2068  VMCService - ok
15:07:44.0467 2068  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:07:44.0469 2068  volmgr - ok
15:07:44.0508 2068  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:07:44.0515 2068  volmgrx - ok
15:07:44.0534 2068  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:07:44.0539 2068  volsnap - ok
15:07:44.0558 2068  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:07:44.0561 2068  vsmraid - ok
15:07:44.0623 2068  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
15:07:44.0669 2068  VSS - ok
15:07:44.0685 2068  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:07:44.0686 2068  vwifibus - ok
15:07:44.0707 2068  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:07:44.0709 2068  vwififlt - ok
15:07:44.0733 2068  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
15:07:44.0741 2068  W32Time - ok
15:07:44.0764 2068  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:07:44.0766 2068  WacomPen - ok
15:07:44.0786 2068  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:07:44.0787 2068  WANARP - ok
15:07:44.0792 2068  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:07:44.0793 2068  Wanarpv6 - ok
15:07:44.0866 2068  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
15:07:44.0913 2068  wbengine - ok
15:07:44.0933 2068  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:07:44.0938 2068  WbioSrvc - ok
15:07:44.0987 2068  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:07:44.0995 2068  wcncsvc - ok
15:07:45.0005 2068  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:07:45.0008 2068  WcsPlugInService - ok
15:07:45.0021 2068  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:07:45.0022 2068  Wd - ok
15:07:45.0051 2068  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:07:45.0061 2068  Wdf01000 - ok
15:07:45.0073 2068  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:07:45.0077 2068  WdiServiceHost - ok
15:07:45.0082 2068  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:07:45.0085 2068  WdiSystemHost - ok
15:07:45.0116 2068  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
15:07:45.0122 2068  WebClient - ok
15:07:45.0138 2068  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:07:45.0144 2068  Wecsvc - ok
15:07:45.0155 2068  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:07:45.0159 2068  wercplsupport - ok
15:07:45.0170 2068  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:07:45.0174 2068  WerSvc - ok
15:07:45.0184 2068  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:07:45.0185 2068  WfpLwf - ok
15:07:45.0199 2068  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:07:45.0200 2068  WIMMount - ok
15:07:45.0218 2068  WinDefend - ok
15:07:45.0227 2068  WinHttpAutoProxySvc - ok
15:07:45.0283 2068  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:07:45.0289 2068  Winmgmt - ok
15:07:45.0369 2068  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
15:07:45.0425 2068  WinRM - ok
15:07:45.0482 2068  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:07:45.0484 2068  WinUsb - ok
15:07:45.0516 2068  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:07:45.0535 2068  Wlansvc - ok
15:07:45.0575 2068  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:07:45.0576 2068  WmiAcpi - ok
15:07:45.0596 2068  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:07:45.0600 2068  wmiApSrv - ok
15:07:45.0636 2068  WMPNetworkSvc - ok
15:07:45.0661 2068  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:07:45.0664 2068  WPCSvc - ok
15:07:45.0706 2068  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:07:45.0711 2068  WPDBusEnum - ok
15:07:45.0740 2068  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:07:45.0741 2068  ws2ifsl - ok
15:07:45.0756 2068  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
15:07:45.0761 2068  wscsvc - ok
15:07:45.0765 2068  WSearch - ok
15:07:45.0879 2068  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:07:45.0936 2068  wuauserv - ok
15:07:45.0978 2068  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:07:45.0980 2068  WudfPf - ok
15:07:46.0006 2068  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:07:46.0009 2068  WUDFRd - ok
15:07:46.0039 2068  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:07:46.0043 2068  wudfsvc - ok
15:07:46.0060 2068  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:07:46.0066 2068  WwanSvc - ok
15:07:46.0112 2068  X6va005 - ok
         
__________________

Geändert von s.weise (30.12.2012 um 17:48 Uhr)

Alt 30.12.2012, 17:46   #4
s.weise
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



TDDS Logfile Teil 2

Code:
ATTFilter
15:07:46.0151 2068  ================ Scan global ===============================
15:07:46.0180 2068  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:07:46.0216 2068  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:07:46.0227 2068  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:07:46.0256 2068  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:07:46.0286 2068  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:07:46.0292 2068  [Global] - ok
15:07:46.0293 2068  ================ Scan MBR ==================================
15:07:46.0301 2068  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:07:46.0730 2068  \Device\Harddisk0\DR0 - ok
15:07:46.0731 2068  ================ Scan VBR ==================================
15:07:46.0735 2068  [ 669E4ACF63B456240AAE401BE97A9391 ] \Device\Harddisk0\DR0\Partition1
15:07:46.0738 2068  \Device\Harddisk0\DR0\Partition1 - ok
15:07:46.0769 2068  [ 3BE40802CD69F79E8EDF3404B4C23A37 ] \Device\Harddisk0\DR0\Partition2
15:07:46.0771 2068  \Device\Harddisk0\DR0\Partition2 - ok
15:07:46.0790 2068  [ 865533E12A2D3B1974908D8398EB680C ] \Device\Harddisk0\DR0\Partition3
15:07:46.0792 2068  \Device\Harddisk0\DR0\Partition3 - ok
15:07:46.0793 2068  ============================================================
15:07:46.0793 2068  Scan finished
15:07:46.0793 2068  ============================================================
15:07:46.0807 4132  Detected object count: 0
15:07:46.0807 4132  Actual detected object count: 0
15:08:32.0462 4116  ============================================================
15:08:32.0462 4116  Scan started
15:08:32.0462 4116  Mode: Manual; TDLFS; 
15:08:32.0462 4116  ============================================================
15:08:32.0826 4116  ================ Scan system memory ========================
15:08:32.0826 4116  System memory - ok
15:08:32.0827 4116  ================ Scan services =============================
15:08:33.0030 4116  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:08:33.0034 4116  1394ohci - ok
15:08:33.0071 4116  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:08:33.0074 4116  ACPI - ok
15:08:33.0106 4116  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:08:33.0107 4116  AcpiPmi - ok
15:08:33.0261 4116  [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:08:33.0264 4116  AdobeFlashPlayerUpdateSvc - ok
15:08:33.0298 4116  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:08:33.0303 4116  adp94xx - ok
15:08:33.0323 4116  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:08:33.0326 4116  adpahci - ok
15:08:33.0344 4116  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:08:33.0346 4116  adpu320 - ok
15:08:33.0380 4116  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:08:33.0381 4116  AeLookupSvc - ok
15:08:33.0427 4116  [ 079CBA3C5C9AB11B2B4E6BD729A860F2 ] AFBAgent        C:\Windows\system32\FBAgent.exe
15:08:33.0431 4116  AFBAgent - ok
15:08:33.0476 4116  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
15:08:33.0481 4116  AFD - ok
15:08:33.0514 4116  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:08:33.0515 4116  agp440 - ok
15:08:33.0540 4116  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
15:08:33.0541 4116  ALG - ok
15:08:33.0562 4116  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:08:33.0563 4116  aliide - ok
15:08:33.0585 4116  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:08:33.0586 4116  amdide - ok
15:08:33.0600 4116  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:08:33.0601 4116  AmdK8 - ok
15:08:33.0606 4116  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:08:33.0607 4116  AmdPPM - ok
15:08:33.0628 4116  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:08:33.0629 4116  amdsata - ok
15:08:33.0644 4116  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:08:33.0646 4116  amdsbs - ok
15:08:33.0665 4116  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:08:33.0666 4116  amdxata - ok
15:08:33.0693 4116  [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
15:08:33.0694 4116  androidusb - ok
15:08:33.0733 4116  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
15:08:33.0734 4116  AppID - ok
15:08:33.0754 4116  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:08:33.0755 4116  AppIDSvc - ok
15:08:33.0789 4116  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
15:08:33.0791 4116  Appinfo - ok
15:08:33.0896 4116  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:08:33.0898 4116  Apple Mobile Device - ok
15:08:33.0924 4116  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:08:33.0925 4116  arc - ok
15:08:33.0942 4116  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:08:33.0943 4116  arcsas - ok
15:08:33.0990 4116  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:08:33.0992 4116  ASLDRService - ok
15:08:34.0002 4116  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:08:34.0003 4116  ASMMAP64 - ok
15:08:34.0129 4116  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:08:34.0131 4116  aspnet_state - ok
15:08:34.0144 4116  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:08:34.0145 4116  AsyncMac - ok
15:08:34.0156 4116  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
15:08:34.0157 4116  atapi - ok
15:08:34.0257 4116  [ A5E770426D18F8EF332A593F3289DA91 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
15:08:34.0282 4116  athr - ok
15:08:34.0309 4116  [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
15:08:34.0311 4116  ATKGFNEXSrv - ok
15:08:34.0355 4116  [ FC0E8778C000291CAF60EB88C011E931 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
15:08:34.0359 4116  atksgt - ok
15:08:34.0372 4116  [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
15:08:34.0373 4116  ATKWMIACPIIO - ok
15:08:34.0423 4116  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:08:34.0430 4116  AudioEndpointBuilder - ok
15:08:34.0456 4116  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:08:34.0462 4116  AudioSrv - ok
15:08:34.0499 4116  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:08:34.0500 4116  AxInstSV - ok
15:08:34.0521 4116  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:08:34.0525 4116  b06bdrv - ok
15:08:34.0549 4116  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:08:34.0552 4116  b57nd60a - ok
15:08:34.0583 4116  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:08:34.0585 4116  BDESVC - ok
15:08:34.0597 4116  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:08:34.0597 4116  Beep - ok
15:08:34.0646 4116  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
15:08:34.0653 4116  BFE - ok
15:08:34.0708 4116  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
15:08:34.0718 4116  BITS - ok
15:08:34.0737 4116  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:08:34.0738 4116  blbdrive - ok
15:08:34.0777 4116  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:08:34.0781 4116  Bonjour Service - ok
15:08:34.0818 4116  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:08:34.0820 4116  bowser - ok
15:08:34.0825 4116  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:08:34.0826 4116  BrFiltLo - ok
15:08:34.0831 4116  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:08:34.0832 4116  BrFiltUp - ok
15:08:34.0866 4116  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
15:08:34.0868 4116  Browser - ok
15:08:34.0876 4116  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:08:34.0879 4116  Brserid - ok
15:08:34.0884 4116  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:08:34.0885 4116  BrSerWdm - ok
15:08:34.0890 4116  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:08:34.0890 4116  BrUsbMdm - ok
15:08:34.0896 4116  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:08:34.0897 4116  BrUsbSer - ok
15:08:34.0970 4116  [ A9C4AEE6AC10D41BB815468D2E734045 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
15:08:34.0975 4116  BstHdAndroidSvc - ok
15:08:35.0004 4116  [ EAE75499461AE856330EBDB3489DB1E9 ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
15:08:35.0005 4116  BstHdDrv - ok
15:08:35.0034 4116  [ CD96992A52B454CDBB77E56F9F7FA151 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
15:08:35.0038 4116  BstHdLogRotatorSvc - ok
15:08:35.0052 4116  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:08:35.0053 4116  BTHMODEM - ok
15:08:35.0070 4116  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
15:08:35.0072 4116  bthserv - ok
15:08:35.0086 4116  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:08:35.0087 4116  cdfs - ok
15:08:35.0124 4116  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:08:35.0126 4116  cdrom - ok
15:08:35.0162 4116  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
15:08:35.0164 4116  CertPropSvc - ok
15:08:35.0169 4116  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:08:35.0170 4116  circlass - ok
15:08:35.0191 4116  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:08:35.0195 4116  CLFS - ok
15:08:35.0244 4116  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:08:35.0245 4116  clr_optimization_v2.0.50727_32 - ok
15:08:35.0280 4116  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:08:35.0281 4116  clr_optimization_v2.0.50727_64 - ok
15:08:35.0360 4116  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:08:35.0362 4116  clr_optimization_v4.0.30319_32 - ok
15:08:35.0387 4116  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:08:35.0389 4116  clr_optimization_v4.0.30319_64 - ok
15:08:35.0403 4116  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:08:35.0403 4116  CmBatt - ok
15:08:35.0433 4116  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:08:35.0434 4116  cmdide - ok
15:08:35.0478 4116  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
15:08:35.0483 4116  CNG - ok
15:08:35.0498 4116  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:08:35.0498 4116  Compbatt - ok
15:08:35.0531 4116  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:08:35.0532 4116  CompositeBus - ok
15:08:35.0536 4116  COMSysApp - ok
15:08:35.0659 4116  [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:08:35.0663 4116  cphs - ok
15:08:35.0683 4116  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:08:35.0684 4116  crcdisk - ok
15:08:35.0732 4116  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:08:35.0735 4116  CryptSvc - ok
15:08:35.0792 4116  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:08:35.0799 4116  DcomLaunch - ok
15:08:35.0830 4116  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
15:08:35.0833 4116  defragsvc - ok
15:08:35.0870 4116  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:08:35.0871 4116  DfsC - ok
15:08:35.0897 4116  [ 6060106CE00F32F63F1A73160E46E9D2 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
15:08:35.0899 4116  dg_ssudbus - ok
15:08:35.0932 4116  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:08:35.0936 4116  Dhcp - ok
15:08:35.0947 4116  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:08:35.0948 4116  discache - ok
15:08:35.0966 4116  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:08:35.0967 4116  Disk - ok
15:08:35.0998 4116  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:08:36.0001 4116  Dnscache - ok
15:08:36.0046 4116  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:08:36.0050 4116  dot3svc - ok
15:08:36.0083 4116  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
15:08:36.0086 4116  DPS - ok
15:08:36.0108 4116  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:08:36.0108 4116  drmkaud - ok
15:08:36.0160 4116  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:08:36.0169 4116  DXGKrnl - ok
15:08:36.0185 4116  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
15:08:36.0187 4116  EapHost - ok
15:08:36.0277 4116  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:08:36.0306 4116  ebdrv - ok
15:08:36.0333 4116  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
15:08:36.0335 4116  EFS - ok
15:08:36.0398 4116  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:08:36.0404 4116  ehRecvr - ok
15:08:36.0429 4116  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
15:08:36.0430 4116  ehSched - ok
15:08:36.0460 4116  [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
15:08:36.0461 4116  ElbyCDIO - ok
15:08:36.0493 4116  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:08:36.0498 4116  elxstor - ok
15:08:36.0537 4116  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:08:36.0538 4116  ErrDev - ok
15:08:36.0583 4116  [ 5B042AA9CEBDAB5B61E747DDCEBFF51B ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
15:08:36.0584 4116  ETD - ok
15:08:36.0615 4116  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
15:08:36.0619 4116  EventSystem - ok
15:08:36.0655 4116  [ 251AF86E0A4DDF3A6B181ED5103B06B1 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
15:08:36.0657 4116  ewusbnet - ok
15:08:36.0665 4116  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
15:08:36.0667 4116  exfat - ok
15:08:36.0686 4116  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:08:36.0688 4116  fastfat - ok
15:08:36.0741 4116  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
15:08:36.0748 4116  Fax - ok
15:08:36.0753 4116  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:08:36.0754 4116  fdc - ok
15:08:36.0772 4116  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:08:36.0773 4116  fdPHost - ok
15:08:36.0786 4116  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:08:36.0787 4116  FDResPub - ok
15:08:36.0799 4116  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:08:36.0800 4116  FileInfo - ok
15:08:36.0817 4116  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:08:36.0818 4116  Filetrace - ok
15:08:36.0822 4116  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:08:36.0823 4116  flpydisk - ok
15:08:36.0858 4116  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:08:36.0861 4116  FltMgr - ok
15:08:36.0908 4116  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
15:08:36.0919 4116  FontCache - ok
15:08:36.0964 4116  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:08:36.0965 4116  FontCache3.0.0.0 - ok
15:08:36.0982 4116  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:08:36.0982 4116  FsDepends - ok
15:08:37.0011 4116  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:08:37.0012 4116  Fs_Rec - ok
15:08:37.0041 4116  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:08:37.0044 4116  fvevol - ok
15:08:37.0064 4116  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:08:37.0065 4116  gagp30kx - ok
15:08:37.0096 4116  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:08:37.0097 4116  GEARAspiWDM - ok
15:08:37.0127 4116  [ A4198F2BD8AA592CB90476277A81B5E1 ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
15:08:37.0127 4116  ggflt - ok
15:08:37.0164 4116  [ D266350BDAAB9EB6C1AEC370EEAAFF3A ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
15:08:37.0165 4116  ggsemc - ok
15:08:37.0216 4116  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
15:08:37.0224 4116  gpsvc - ok
15:08:37.0303 4116  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:08:37.0306 4116  gupdate - ok
15:08:37.0313 4116  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:08:37.0315 4116  gupdatem - ok
15:08:37.0326 4116  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:08:37.0327 4116  hcw85cir - ok
15:08:37.0370 4116  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:08:37.0374 4116  HdAudAddService - ok
15:08:37.0398 4116  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:08:37.0400 4116  HDAudBus - ok
15:08:37.0404 4116  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:08:37.0405 4116  HidBatt - ok
15:08:37.0423 4116  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:08:37.0424 4116  HidBth - ok
15:08:37.0431 4116  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:08:37.0432 4116  HidIr - ok
15:08:37.0466 4116  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
15:08:37.0468 4116  hidserv - ok
15:08:37.0479 4116  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:08:37.0480 4116  HidUsb - ok
15:08:37.0514 4116  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:08:37.0516 4116  hkmsvc - ok
15:08:37.0558 4116  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:08:37.0562 4116  HomeGroupListener - ok
15:08:37.0577 4116  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:08:37.0580 4116  HomeGroupProvider - ok
15:08:37.0597 4116  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:08:37.0598 4116  HpSAMD - ok
15:08:37.0652 4116  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:08:37.0660 4116  HTTP - ok
15:08:37.0695 4116  [ 4B5C07DB91A0099272FAAE732E1152BD ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:08:37.0696 4116  hwdatacard - ok
15:08:37.0729 4116  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:08:37.0730 4116  hwpolicy - ok
15:08:37.0765 4116  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:08:37.0767 4116  i8042prt - ok
15:08:37.0811 4116  [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:08:37.0816 4116  iaStor - ok
15:08:37.0862 4116  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:08:37.0866 4116  iaStorV - ok
15:08:37.0915 4116  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:08:37.0923 4116  idsvc - ok
15:08:38.0268 4116  [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:08:38.0396 4116  igfx - ok
15:08:38.0423 4116  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:08:38.0424 4116  iirsp - ok
15:08:38.0467 4116  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:08:38.0476 4116  IKEEXT - ok
15:08:38.0549 4116  [ 3E3926F4FA7C9162C5C3EC6BF1E4F349 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:08:38.0573 4116  IntcAzAudAddService - ok
15:08:38.0609 4116  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:08:38.0613 4116  IntcDAud - ok
15:08:38.0634 4116  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:08:38.0635 4116  intelide - ok
15:08:38.0649 4116  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:08:38.0650 4116  intelppm - ok
15:08:38.0686 4116  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:08:38.0688 4116  IPBusEnum - ok
15:08:38.0717 4116  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:08:38.0718 4116  IpFilterDriver - ok
15:08:38.0764 4116  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:08:38.0771 4116  iphlpsvc - ok
15:08:38.0791 4116  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:08:38.0792 4116  IPMIDRV - ok
15:08:38.0817 4116  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:08:38.0818 4116  IPNAT - ok
15:08:38.0898 4116  [ B474C756C13960793C7583B766F904C4 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:08:38.0905 4116  iPod Service - ok
15:08:38.0910 4116  iPodDrv - ok
15:08:38.0949 4116  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:08:38.0950 4116  IRENUM - ok
15:08:38.0963 4116  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:08:38.0964 4116  isapnp - ok
15:08:38.0985 4116  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:08:38.0988 4116  iScsiPrt - ok
15:08:39.0022 4116  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:08:39.0023 4116  kbdclass - ok
15:08:39.0045 4116  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:08:39.0046 4116  kbdhid - ok
15:08:39.0074 4116  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
15:08:39.0075 4116  kbfiltr - ok
15:08:39.0090 4116  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:08:39.0092 4116  KeyIso - ok
15:08:39.0127 4116  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:08:39.0128 4116  KSecDD - ok
15:08:39.0169 4116  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:08:39.0171 4116  KSecPkg - ok
15:08:39.0202 4116  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:08:39.0203 4116  ksthunk - ok
15:08:39.0233 4116  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:08:39.0238 4116  KtmRm - ok
15:08:39.0260 4116  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:08:39.0265 4116  LanmanServer - ok
15:08:39.0308 4116  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:08:39.0312 4116  LanmanWorkstation - ok
15:08:39.0350 4116  [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
15:08:39.0351 4116  lirsgt - ok
15:08:39.0365 4116  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:08:39.0366 4116  lltdio - ok
15:08:39.0389 4116  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:08:39.0393 4116  lltdsvc - ok
15:08:39.0416 4116  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:08:39.0418 4116  lmhosts - ok
15:08:39.0435 4116  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:08:39.0437 4116  LSI_FC - ok
15:08:39.0457 4116  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:08:39.0458 4116  LSI_SAS - ok
15:08:39.0469 4116  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:08:39.0470 4116  LSI_SAS2 - ok
15:08:39.0483 4116  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:08:39.0485 4116  LSI_SCSI - ok
15:08:39.0508 4116  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:08:39.0510 4116  luafv - ok
15:08:39.0541 4116  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:08:39.0542 4116  MBAMProtector - ok
15:08:39.0609 4116  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:08:39.0613 4116  MBAMScheduler - ok
15:08:39.0662 4116  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:08:39.0670 4116  MBAMService - ok
15:08:39.0691 4116  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:08:39.0694 4116  Mcx2Svc - ok
15:08:39.0710 4116  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:08:39.0711 4116  megasas - ok
15:08:39.0737 4116  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:08:39.0740 4116  MegaSR - ok
15:08:39.0772 4116  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:08:39.0773 4116  MEIx64 - ok
15:08:39.0815 4116  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:08:39.0817 4116  MMCSS - ok
15:08:39.0865 4116  [ 6D4236D8B7BD6557B77FBF2AB001CAD4 ] mod7700         C:\Windows\system32\DRIVERS\dvb7700all.sys
15:08:39.0872 4116  mod7700 - ok
15:08:39.0892 4116  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:08:39.0893 4116  Modem - ok
15:08:39.0909 4116  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:08:39.0910 4116  monitor - ok
15:08:39.0922 4116  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:08:39.0923 4116  mouclass - ok
15:08:39.0937 4116  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:08:39.0938 4116  mouhid - ok
15:08:39.0981 4116  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:08:39.0982 4116  mountmgr - ok
15:08:40.0013 4116  [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:08:40.0015 4116  MozillaMaintenance - ok
15:08:40.0048 4116  [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:08:40.0051 4116  MpFilter - ok
15:08:40.0093 4116  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:08:40.0095 4116  mpio - ok
15:08:40.0110 4116  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:08:40.0111 4116  mpsdrv - ok
15:08:40.0162 4116  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:08:40.0171 4116  MpsSvc - ok
15:08:40.0217 4116  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:08:40.0219 4116  MRxDAV - ok
15:08:40.0258 4116  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:08:40.0260 4116  mrxsmb - ok
15:08:40.0281 4116  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:08:40.0284 4116  mrxsmb10 - ok
15:08:40.0325 4116  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:08:40.0327 4116  mrxsmb20 - ok
15:08:40.0357 4116  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:08:40.0358 4116  msahci - ok
15:08:40.0389 4116  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:08:40.0391 4116  msdsm - ok
15:08:40.0412 4116  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:08:40.0415 4116  MSDTC - ok
15:08:40.0431 4116  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:08:40.0432 4116  Msfs - ok
15:08:40.0446 4116  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:08:40.0446 4116  mshidkmdf - ok
15:08:40.0457 4116  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:08:40.0458 4116  msisadrv - ok
15:08:40.0490 4116  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:08:40.0493 4116  MSiSCSI - ok
15:08:40.0497 4116  msiserver - ok
15:08:40.0512 4116  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:08:40.0512 4116  MSKSSRV - ok
15:08:40.0578 4116  [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:08:40.0579 4116  MsMpSvc - ok
15:08:40.0595 4116  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:08:40.0596 4116  MSPCLOCK - ok
15:08:40.0618 4116  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:08:40.0618 4116  MSPQM - ok
15:08:40.0659 4116  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:08:40.0662 4116  MsRPC - ok
15:08:40.0701 4116  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:08:40.0702 4116  mssmbios - ok
15:08:40.0792 4116  MSSQL$MYMOVIES - ok
15:08:40.0844 4116  [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
15:08:40.0845 4116  MSSQLServerADHelper - ok
15:08:40.0863 4116  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:08:40.0864 4116  MSTEE - ok
15:08:40.0877 4116  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:08:40.0878 4116  MTConfig - ok
15:08:40.0893 4116  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:08:40.0894 4116  Mup - ok
15:08:40.0943 4116  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:08:40.0949 4116  napagent - ok
15:08:40.0967 4116  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:08:40.0970 4116  NativeWifiP - ok
15:08:41.0025 4116  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:08:41.0033 4116  NDIS - ok
15:08:41.0049 4116  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:08:41.0050 4116  NdisCap - ok
15:08:41.0067 4116  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:08:41.0068 4116  NdisTapi - ok
15:08:41.0102 4116  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:08:41.0103 4116  Ndisuio - ok
15:08:41.0146 4116  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:08:41.0149 4116  NdisWan - ok
15:08:41.0182 4116  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:08:41.0183 4116  NDProxy - ok
15:08:41.0202 4116  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:08:41.0203 4116  NetBIOS - ok
15:08:41.0244 4116  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:08:41.0247 4116  NetBT - ok
15:08:41.0257 4116  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:08:41.0258 4116  Netlogon - ok
15:08:41.0286 4116  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:08:41.0291 4116  Netman - ok
15:08:41.0375 4116  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:08:41.0378 4116  NetMsmqActivator - ok
15:08:41.0384 4116  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:08:41.0387 4116  NetPipeActivator - ok
15:08:41.0415 4116  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:08:41.0421 4116  netprofm - ok
15:08:41.0426 4116  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:08:41.0428 4116  NetTcpActivator - ok
15:08:41.0433 4116  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:08:41.0435 4116  NetTcpPortSharing - ok
15:08:41.0450 4116  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:08:41.0451 4116  nfrd960 - ok
15:08:41.0497 4116  [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:08:41.0498 4116  NisDrv - ok
15:08:41.0532 4116  [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
15:08:41.0536 4116  NisSrv - ok
15:08:41.0639 4116  [ 0526356C6FABC0F0CE3BFB3039338BBE ] NitroReaderDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
15:08:41.0643 4116  NitroReaderDriverReadSpool2 - ok
15:08:41.0678 4116  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:08:41.0683 4116  NlaSvc - ok
15:08:41.0700 4116  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:08:41.0701 4116  Npfs - ok
15:08:41.0728 4116  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:08:41.0731 4116  nsi - ok
15:08:41.0736 4116  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:08:41.0736 4116  nsiproxy - ok
15:08:41.0810 4116  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:08:41.0824 4116  Ntfs - ok
15:08:41.0867 4116  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:08:41.0867 4116  Null - ok
15:08:42.0189 4116  [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:08:42.0310 4116  nvlddmkm - ok
15:08:42.0388 4116  [ 715D45ED30003FC70CFA0D9C6DD0B538 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
15:08:42.0389 4116  nvpciflt - ok
15:08:42.0406 4116  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:08:42.0408 4116  nvraid - ok
15:08:42.0452 4116  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:08:42.0454 4116  nvstor - ok
15:08:42.0503 4116  [ 06633CF95BEA62164C3BFCA24BCE6B11 ] NVSvc           C:\Windows\system32\nvvsvc.exe
15:08:42.0512 4116  NVSvc - ok
15:08:42.0618 4116  [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:08:42.0630 4116  nvUpdatusService - ok
15:08:42.0649 4116  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:08:42.0651 4116  nv_agp - ok
15:08:42.0729 4116  [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:08:42.0734 4116  odserv - ok
15:08:42.0764 4116  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:08:42.0765 4116  ohci1394 - ok
15:08:42.0792 4116  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:08:42.0794 4116  ose - ok
15:08:42.0837 4116  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:08:42.0843 4116  p2pimsvc - ok
15:08:42.0869 4116  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:08:42.0874 4116  p2psvc - ok
15:08:42.0907 4116  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:08:42.0909 4116  Parport - ok
15:08:42.0938 4116  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:08:42.0939 4116  partmgr - ok
15:08:42.0953 4116  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:08:42.0957 4116  PcaSvc - ok
15:08:42.0997 4116  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:08:42.0999 4116  pci - ok
15:08:43.0032 4116  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:08:43.0033 4116  pciide - ok
15:08:43.0055 4116  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:08:43.0057 4116  pcmcia - ok
15:08:43.0079 4116  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:08:43.0080 4116  pcw - ok
15:08:43.0111 4116  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:08:43.0117 4116  PEAUTH - ok
15:08:43.0201 4116  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:08:43.0204 4116  PerfHost - ok
15:08:43.0268 4116  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:08:43.0281 4116  pla - ok
15:08:43.0335 4116  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:08:43.0341 4116  PlugPlay - ok
15:08:43.0355 4116  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:08:43.0357 4116  PNRPAutoReg - ok
15:08:43.0382 4116  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:08:43.0386 4116  PNRPsvc - ok
15:08:43.0421 4116  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:08:43.0426 4116  PolicyAgent - ok
15:08:43.0467 4116  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:08:43.0471 4116  Power - ok
15:08:43.0510 4116  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:08:43.0511 4116  PptpMiniport - ok
15:08:43.0532 4116  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:08:43.0533 4116  Processor - ok
15:08:43.0572 4116  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:08:43.0576 4116  ProfSvc - ok
15:08:43.0590 4116  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:08:43.0592 4116  ProtectedStorage - ok
15:08:43.0623 4116  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:08:43.0625 4116  Psched - ok
15:08:43.0678 4116  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:08:43.0691 4116  ql2300 - ok
15:08:43.0722 4116  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:08:43.0724 4116  ql40xx - ok
15:08:43.0747 4116  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:08:43.0751 4116  QWAVE - ok
15:08:43.0771 4116  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:08:43.0772 4116  QWAVEdrv - ok
15:08:43.0784 4116  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:08:43.0785 4116  RasAcd - ok
15:08:43.0818 4116  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:08:43.0819 4116  RasAgileVpn - ok
15:08:43.0829 4116  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:08:43.0832 4116  RasAuto - ok
15:08:43.0873 4116  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:08:43.0875 4116  Rasl2tp - ok
15:08:43.0909 4116  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:08:43.0914 4116  RasMan - ok
15:08:43.0932 4116  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:08:43.0934 4116  RasPppoe - ok
15:08:43.0950 4116  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:08:43.0951 4116  RasSstp - ok
15:08:43.0989 4116  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:08:43.0992 4116  rdbss - ok
15:08:44.0007 4116  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:08:44.0008 4116  rdpbus - ok
15:08:44.0030 4116  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:08:44.0031 4116  RDPCDD - ok
15:08:44.0048 4116  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:08:44.0048 4116  RDPENCDD - ok
15:08:44.0066 4116  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:08:44.0066 4116  RDPREFMP - ok
15:08:44.0115 4116  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:08:44.0117 4116  RDPWD - ok
15:08:44.0155 4116  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:08:44.0158 4116  rdyboost - ok
15:08:44.0183 4116  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:08:44.0185 4116  RemoteAccess - ok
15:08:44.0212 4116  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:08:44.0216 4116  RemoteRegistry - ok
15:08:44.0230 4116  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:08:44.0233 4116  RpcEptMapper - ok
15:08:44.0257 4116  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:08:44.0259 4116  RpcLocator - ok
15:08:44.0313 4116  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:08:44.0320 4116  RpcSs - ok
15:08:44.0325 4116  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:08:44.0326 4116  rspndr - ok
15:08:44.0374 4116  [ E57FAC2CDB73F06586ED2ED310B80932 ] RSUSBVSTOR      C:\Windows\system32\Drivers\RTSUVSTOR.sys
15:08:44.0376 4116  RSUSBVSTOR - ok
15:08:44.0416 4116  [ 20A466B9EA2BD828C0EC723F99B8CFE7 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:08:44.0420 4116  RTL8167 - ok
15:08:44.0434 4116  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:08:44.0436 4116  SamSs - ok
15:08:44.0467 4116  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:08:44.0469 4116  sbp2port - ok
15:08:44.0491 4116  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:08:44.0494 4116  SCardSvr - ok
15:08:44.0521 4116  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:08:44.0522 4116  scfilter - ok
15:08:44.0577 4116  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:08:44.0589 4116  Schedule - ok
15:08:44.0651 4116  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:08:44.0653 4116  SCPolicySvc - ok
15:08:44.0684 4116  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:08:44.0688 4116  SDRSVC - ok
15:08:44.0709 4116  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:08:44.0710 4116  secdrv - ok
15:08:44.0739 4116  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:08:44.0742 4116  seclogon - ok
15:08:44.0770 4116  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
15:08:44.0773 4116  SENS - ok
15:08:44.0789 4116  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:08:44.0791 4116  SensrSvc - ok
15:08:44.0811 4116  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:08:44.0812 4116  Serenum - ok
15:08:44.0830 4116  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:08:44.0831 4116  Serial - ok
15:08:44.0867 4116  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:08:44.0868 4116  sermouse - ok
15:08:44.0906 4116  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:08:44.0909 4116  SessionEnv - ok
15:08:44.0943 4116  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:08:44.0944 4116  sffdisk - ok
15:08:44.0954 4116  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:08:44.0955 4116  sffp_mmc - ok
15:08:44.0972 4116  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:08:44.0972 4116  sffp_sd - ok
15:08:44.0977 4116  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:08:44.0978 4116  sfloppy - ok
15:08:45.0021 4116  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:08:45.0026 4116  SharedAccess - ok
15:08:45.0059 4116  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:08:45.0065 4116  ShellHWDetection - ok
15:08:45.0084 4116  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:08:45.0085 4116  SiSRaid2 - ok
15:08:45.0103 4116  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:08:45.0104 4116  SiSRaid4 - ok
15:08:45.0137 4116  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:08:45.0139 4116  SkypeUpdate - ok
15:08:45.0155 4116  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:08:45.0157 4116  Smb - ok
15:08:45.0182 4116  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:08:45.0184 4116  SNMPTRAP - ok
15:08:45.0194 4116  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:08:45.0194 4116  spldr - ok
15:08:45.0236 4116  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:08:45.0244 4116  Spooler - ok
15:08:45.0346 4116  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:08:45.0378 4116  sppsvc - ok
15:08:45.0402 4116  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:08:45.0405 4116  sppuinotify - ok
15:08:45.0408 4116  sptd - ok
15:08:45.0500 4116  [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:08:45.0504 4116  SQLBrowser - ok
15:08:45.0543 4116  [ D63FC56C7C3F9B576BC25F617E3F7963 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:08:45.0545 4116  SQLWriter - ok
15:08:45.0598 4116  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:08:45.0603 4116  srv - ok
15:08:45.0651 4116  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:08:45.0655 4116  srv2 - ok
15:08:45.0697 4116  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:08:45.0699 4116  srvnet - ok
15:08:45.0727 4116  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
15:08:45.0729 4116  ssadbus - ok
15:08:45.0759 4116  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
15:08:45.0760 4116  ssadmdfl - ok
15:08:45.0800 4116  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
15:08:45.0802 4116  ssadmdm - ok
15:08:45.0824 4116  [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
15:08:45.0825 4116  ssadserd - ok
15:08:45.0850 4116  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:08:45.0854 4116  SSDPSRV - ok
15:08:45.0873 4116  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:08:45.0876 4116  SstpSvc - ok
15:08:45.0910 4116  [ 855335BF5792E56164F98C012E3D92DD ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
15:08:45.0912 4116  ssudmdm - ok
15:08:45.0926 4116  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:08:45.0927 4116  stexstor - ok
15:08:45.0970 4116  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:08:45.0978 4116  stisvc - ok
15:08:46.0016 4116  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:08:46.0017 4116  swenum - ok
15:08:46.0039 4116  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:08:46.0045 4116  swprv - ok
15:08:46.0123 4116  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
15:08:46.0140 4116  SysMain - ok
15:08:46.0178 4116  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:08:46.0181 4116  TabletInputService - ok
15:08:46.0219 4116  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:08:46.0224 4116  TapiSrv - ok
15:08:46.0242 4116  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:08:46.0245 4116  TBS - ok
15:08:46.0321 4116  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:08:46.0337 4116  Tcpip - ok
15:08:46.0398 4116  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:08:46.0414 4116  TCPIP6 - ok
15:08:46.0453 4116  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:08:46.0454 4116  tcpipreg - ok
15:08:46.0477 4116  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:08:46.0478 4116  TDPIPE - ok
15:08:46.0514 4116  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:08:46.0515 4116  TDTCP - ok
15:08:46.0560 4116  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:08:46.0561 4116  tdx - ok
15:08:46.0575 4116  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:08:46.0576 4116  TermDD - ok
15:08:46.0623 4116  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
15:08:46.0632 4116  TermService - ok
15:08:46.0652 4116  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:08:46.0655 4116  Themes - ok
15:08:46.0681 4116  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:08:46.0683 4116  THREADORDER - ok
15:08:46.0698 4116  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:08:46.0702 4116  TrkWks - ok
15:08:46.0760 4116  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:08:46.0762 4116  TrustedInstaller - ok
15:08:46.0794 4116  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:08:46.0795 4116  tssecsrv - ok
15:08:46.0819 4116  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:08:46.0820 4116  TsUsbFlt - ok
15:08:46.0854 4116  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:08:46.0856 4116  tunnel - ok
15:08:46.0876 4116  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:08:46.0877 4116  uagp35 - ok
15:08:46.0916 4116  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:08:46.0920 4116  udfs - ok
15:08:46.0945 4116  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:08:46.0948 4116  UI0Detect - ok
15:08:46.0969 4116  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:08:46.0970 4116  uliagpkx - ok
15:08:47.0005 4116  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
15:08:47.0006 4116  umbus - ok
15:08:47.0021 4116  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:08:47.0021 4116  UmPass - ok
15:08:47.0087 4116  [ 9DC07E73A4ABB9ACF692113B36A5009F ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
15:08:47.0087 4116  UnlockerDriver5 - ok
15:08:47.0127 4116  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:08:47.0132 4116  upnphost - ok
15:08:47.0149 4116  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:08:47.0151 4116  usbccgp - ok
15:08:47.0185 4116  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:08:47.0186 4116  usbcir - ok
15:08:47.0223 4116  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:08:47.0224 4116  usbehci - ok
15:08:47.0248 4116  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:08:47.0252 4116  usbhub - ok
15:08:47.0271 4116  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:08:47.0272 4116  usbohci - ok
15:08:47.0295 4116  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:08:47.0296 4116  usbprint - ok
15:08:47.0334 4116  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:08:47.0335 4116  usbscan - ok
15:08:47.0358 4116  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:08:47.0359 4116  USBSTOR - ok
15:08:47.0376 4116  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:08:47.0377 4116  usbuhci - ok
15:08:47.0393 4116  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:08:47.0395 4116  usbvideo - ok
15:08:47.0429 4116  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
15:08:47.0430 4116  usb_rndisx - ok
15:08:47.0451 4116  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
15:08:47.0454 4116  UxSms - ok
15:08:47.0467 4116  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:08:47.0469 4116  VaultSvc - ok
15:08:47.0488 4116  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
15:08:47.0489 4116  VClone - ok
15:08:47.0500 4116  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:08:47.0500 4116  vdrvroot - ok
15:08:47.0553 4116  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
15:08:47.0569 4116  vds - ok
15:08:47.0609 4116  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:08:47.0610 4116  vga - ok
15:08:47.0628 4116  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:08:47.0629 4116  VgaSave - ok
15:08:47.0653 4116  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:08:47.0656 4116  vhdmp - ok
15:08:47.0690 4116  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:08:47.0691 4116  viaide - ok
15:08:47.0785 4116  [ 1B0D441D8AB264D39C2B09130CC28045 ] VMCService      C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
15:08:47.0785 4116  VMCService - ok
15:08:47.0800 4116  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:08:47.0801 4116  volmgr - ok
15:08:47.0841 4116  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:08:47.0845 4116  volmgrx - ok
15:08:47.0867 4116  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:08:47.0870 4116  volsnap - ok
15:08:47.0891 4116  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:08:47.0893 4116  vsmraid - ok
15:08:47.0956 4116  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
15:08:47.0972 4116  VSS - ok
15:08:48.0007 4116  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:08:48.0008 4116  vwifibus - ok
15:08:48.0018 4116  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:08:48.0019 4116  vwififlt - ok
15:08:48.0043 4116  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
15:08:48.0049 4116  W32Time - ok
15:08:48.0064 4116  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:08:48.0065 4116  WacomPen - ok
15:08:48.0085 4116  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:08:48.0087 4116  WANARP - ok
15:08:48.0091 4116  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:08:48.0093 4116  Wanarpv6 - ok
15:08:48.0169 4116  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
15:08:48.0185 4116  wbengine - ok
15:08:48.0199 4116  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:08:48.0203 4116  WbioSrvc - ok
15:08:48.0253 4116  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:08:48.0259 4116  wcncsvc - ok
15:08:48.0271 4116  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:08:48.0274 4116  WcsPlugInService - ok
15:08:48.0288 4116  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:08:48.0289 4116  Wd - ok
15:08:48.0317 4116  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:08:48.0323 4116  Wdf01000 - ok
15:08:48.0340 4116  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:08:48.0343 4116  WdiServiceHost - ok
15:08:48.0348 4116  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:08:48.0351 4116  WdiSystemHost - ok
15:08:48.0382 4116  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
15:08:48.0387 4116  WebClient - ok
15:08:48.0404 4116  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:08:48.0409 4116  Wecsvc - ok
15:08:48.0422 4116  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:08:48.0425 4116  wercplsupport - ok
15:08:48.0436 4116  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:08:48.0439 4116  WerSvc - ok
15:08:48.0450 4116  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:08:48.0451 4116  WfpLwf - ok
15:08:48.0466 4116  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:08:48.0466 4116  WIMMount - ok
15:08:48.0484 4116  WinDefend - ok
15:08:48.0493 4116  WinHttpAutoProxySvc - ok
15:08:48.0549 4116  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:08:48.0552 4116  Winmgmt - ok
15:08:48.0614 4116  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
15:08:48.0633 4116  WinRM - ok
15:08:48.0671 4116  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:08:48.0672 4116  WinUsb - ok
15:08:48.0705 4116  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:08:48.0715 4116  Wlansvc - ok
15:08:48.0741 4116  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:08:48.0742 4116  WmiAcpi - ok
15:08:48.0763 4116  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:08:48.0765 4116  wmiApSrv - ok
15:08:48.0780 4116  WMPNetworkSvc - ok
15:08:48.0794 4116  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:08:48.0796 4116  WPCSvc - ok
15:08:48.0803 4116  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:08:48.0806 4116  WPDBusEnum - ok
15:08:48.0818 4116  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:08:48.0819 4116  ws2ifsl - ok
15:08:48.0833 4116  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
15:08:48.0837 4116  wscsvc - ok
15:08:48.0841 4116  WSearch - ok
15:08:48.0922 4116  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:08:48.0946 4116  wuauserv - ok
15:08:48.0988 4116  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:08:48.0990 4116  WudfPf - ok
15:08:49.0016 4116  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:08:49.0018 4116  WUDFRd - ok
15:08:49.0048 4116  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:08:49.0052 4116  wudfsvc - ok
15:08:49.0069 4116  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:08:49.0074 4116  WwanSvc - ok
15:08:49.0122 4116  X6va005 - ok
15:08:49.0141 4116  ================ Scan global ===============================
15:08:49.0167 4116  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:08:49.0204 4116  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:08:49.0213 4116  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:08:49.0232 4116  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:08:49.0262 4116  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:08:49.0267 4116  [Global] - ok
15:08:49.0268 4116  ================ Scan MBR ==================================
15:08:49.0278 4116  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:08:49.0740 4116  \Device\Harddisk0\DR0 - ok
15:08:49.0741 4116  ================ Scan VBR ==================================
15:08:49.0745 4116  [ 669E4ACF63B456240AAE401BE97A9391 ] \Device\Harddisk0\DR0\Partition1
15:08:49.0748 4116  \Device\Harddisk0\DR0\Partition1 - ok
15:08:49.0778 4116  [ 3BE40802CD69F79E8EDF3404B4C23A37 ] \Device\Harddisk0\DR0\Partition2
15:08:49.0781 4116  \Device\Harddisk0\DR0\Partition2 - ok
15:08:49.0799 4116  [ 865533E12A2D3B1974908D8398EB680C ] \Device\Harddisk0\DR0\Partition3
15:08:49.0803 4116  \Device\Harddisk0\DR0\Partition3 - ok
15:08:49.0803 4116  ============================================================
15:08:49.0803 4116  Scan finished
15:08:49.0803 4116  ============================================================
15:08:49.0814 4256  Detected object count: 0
15:08:49.0814 4256  Actual detected object count: 0
15:09:05.0173 1132  Deinitialize success
         

Es sind keine anderen Logfiles vorhanden.

LG Basti

Alt 30.12.2012, 17:46   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



Zitat:
Wie bereits erwähnt waren die Logs zu lang zum Posten in Code-Tags.
Aber nicht alle Logs
Was ist nun mit Logs von Virenscannern und von Malwarebytes, hast du da welche mit Funden schon oder nicht?

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.12.2012, 17:49   #6
s.weise
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



Zitat:
Zitat von cosinus Beitrag anzeigen
Aber nicht alle Logs
Was ist nun mit Logs von Virenscannern und von Malwarebytes, hast du da welche mit Funden schon oder nicht?
Nein, keine Logs mit Funden vorhanden

Alt 30.12.2012, 17:51   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



Ja das seh ich jetzt auch, nachdem unsere letzten Antworten quasi zeitgleich reinkamen

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Malwarebytes Anti-Rootkit

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Entpacke das Archiv auf deinem Desktop.
  • Im neu erstellten Ordner starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.12.2012, 20:04   #8
s.weise
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



Ok, mbar sagt "No Maleware Found". Hier das Logfile:

Code:
ATTFilter
Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org

Database version: v2012.12.30.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Basti :: BASTI-PC [administrator]

30.12.2012 21:45:36
mbar-log-2012-12-30 (21-45-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30566
Time elapsed: 9 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         

Geändert von s.weise (30.12.2012 um 20:47 Uhr)

Alt 30.12.2012, 21:38   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.12.2012, 21:59   #10
s.weise
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



Hier das LogFile von Combofix:

Code:
ATTFilter
ComboFix 12-12-30.01 - Basti 30.12.2012  22:48:33.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4008.2424 [GMT 1:00]
ausgeführt von:: c:\users\Basti\Desktop\6ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\windows\IsUn0407.exe
c:\windows\SysWow64\miccyhook.dll
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-11-28 bis 2012-12-30  ))))))))))))))))))))))))))))))
.
.
2012-12-30 21:55 . 2012-12-30 21:55	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-12-30 21:55 . 2012-12-30 21:55	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-12-30 15:43 . 2012-12-30 15:43	--------	d-----w-	c:\program files (x86)\Microsoft
2012-12-30 15:40 . 2012-11-19 00:01	9125352	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{217E5031-DB23-46F5-9E40-30EBC7A3D33C}\mpengine.dll
2012-12-30 15:36 . 2012-12-30 15:36	289768	----a-w-	c:\windows\system32\javaws.exe
2012-12-30 15:36 . 2012-12-30 15:36	1034216	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-12-30 15:36 . 2012-12-30 15:36	108008	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2012-12-30 15:36 . 2012-12-30 15:36	189416	----a-w-	c:\windows\system32\javaw.exe
2012-12-30 15:36 . 2012-12-30 15:36	188904	----a-w-	c:\windows\system32\java.exe
2012-12-30 15:29 . 2012-11-20 06:17	262112	----a-w-	c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-12-30 15:29 . 2012-11-20 06:17	96224	----a-w-	c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-12-30 15:29 . 2012-11-20 06:17	157272	----a-w-	c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-12-30 15:29 . 2012-11-20 06:17	770384	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-12-30 15:29 . 2012-11-20 06:17	421200	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-12-30 15:29 . 2012-11-20 06:17	73696	----a-w-	c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-12-30 15:25 . 2012-10-30 22:51	370288	----a-w-	c:\windows\system32\drivers\aswSP.sys
2012-12-30 15:25 . 2012-10-30 22:51	25232	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2012-12-30 15:25 . 2012-10-15 16:59	54072	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2012-12-30 15:25 . 2012-10-30 22:51	59728	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2012-12-30 15:25 . 2012-10-30 22:51	984144	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2012-12-30 15:25 . 2012-10-30 22:51	71600	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2012-12-30 15:25 . 2012-10-30 22:50	285328	----a-w-	c:\windows\system32\aswBoot.exe
2012-12-30 15:24 . 2012-10-30 22:51	41224	----a-w-	c:\windows\avastSS.scr
2012-12-30 15:24 . 2012-10-30 22:50	227648	----a-w-	c:\windows\SysWow64\aswBoot.exe
2012-12-30 15:24 . 2012-12-30 15:24	--------	d-----w-	c:\programdata\AVAST Software
2012-12-30 15:24 . 2012-12-30 15:24	--------	d-----w-	c:\program files\AVAST Software
2012-12-30 15:18 . 2012-12-30 15:18	--------	d-----w-	c:\users\Basti\AppData\Local\Secunia PSI
2012-12-30 15:18 . 2012-12-30 15:18	--------	d-----w-	c:\program files (x86)\Secunia
2012-12-30 15:09 . 2012-12-30 15:09	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-12-30 15:09 . 2012-12-30 15:09	859072	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-12-30 15:09 . 2012-12-30 15:09	95184	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-29 17:38 . 2012-12-29 17:38	--------	d-----w-	c:\program files (x86)\Binnerup Consult
2012-12-29 17:34 . 2012-12-29 17:35	--------	d-----w-	c:\program files\Microsoft SQL Server
2012-12-29 17:34 . 2012-12-30 15:49	--------	d-----w-	c:\program files (x86)\Microsoft SQL Server
2012-12-29 17:31 . 2012-12-29 17:47	--------	d-----w-	c:\programdata\My Movies
2012-12-28 12:43 . 2012-12-28 12:43	--------	d-----w-	c:\program files (x86)\ESET
2012-12-28 10:43 . 2012-12-28 10:43	--------	d-----w-	c:\users\Basti\AppData\Local\Programs
2012-12-23 12:25 . 2012-12-16 17:11	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-23 12:25 . 2012-12-16 14:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-23 12:25 . 2012-12-16 14:45	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-23 12:25 . 2012-12-16 14:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-18 15:58 . 2012-12-18 15:58	--------	d-----w-	c:\program files (x86)\BlueStacks
2012-12-18 15:57 . 2012-12-18 15:58	--------	d-----w-	c:\programdata\BlueStacks
2012-12-16 19:56 . 2012-12-16 20:01	--------	d-----w-	c:\program files (x86)\Ubisoft
2012-12-16 19:56 . 2012-12-16 19:56	1	----a-w-	c:\windows\SysWow64\SI.bin
2012-12-16 19:56 . 2001-09-05 05:18	77824	----a-w-	c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-12-16 19:56 . 2001-09-05 05:18	225280	----a-w-	c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-12-16 19:56 . 2001-09-05 05:14	176128	----a-w-	c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-12-16 19:56 . 2001-09-05 05:13	32768	----a-w-	c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-12-16 19:56 . 2007-09-21 11:14	614532	----a-w-	c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-12-16 19:27 . 2012-12-16 19:27	--------	d-----w-	c:\users\Basti\dwhelper
2012-12-13 16:12 . 2012-11-09 05:45	2048	----a-w-	c:\windows\system32\tzres.dll
2012-12-13 16:10 . 2012-11-22 03:26	3149824	----a-w-	c:\windows\system32\win32k.sys
2012-12-13 16:10 . 2012-11-02 05:59	478208	----a-w-	c:\windows\system32\dpnet.dll
2012-12-13 16:10 . 2012-11-02 05:11	376832	----a-w-	c:\windows\SysWow64\dpnet.dll
2012-12-10 17:48 . 2012-12-10 17:48	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2012-12-01 11:35 . 2012-12-01 11:35	--------	d-----w-	c:\program files\iPod
2012-12-01 11:35 . 2012-12-01 11:36	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-01 11:35 . 2012-12-01 11:36	--------	d-----w-	c:\program files\iTunes
2012-12-01 11:35 . 2012-12-01 11:36	--------	d-----w-	c:\program files (x86)\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-30 15:36 . 2011-12-11 20:47	916456	----a-w-	c:\windows\system32\deployJava1.dll
2012-12-30 15:09 . 2011-12-13 17:02	779704	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-12-16 09:00 . 2011-12-11 21:32	67413224	----a-w-	c:\windows\system32\MRT.exe
2012-12-14 15:49 . 2012-05-02 10:38	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-12-11 21:34 . 2012-03-30 15:06	697272	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 21:34 . 2011-12-11 20:45	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-04 16:40 . 2012-12-13 16:12	44032	----a-w-	c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-09 984400]
"My Movies Tray"="c:\program files (x86)\Binnerup Consult\My Movies Collection Management\My Movies Tray.exe" [2012-09-04 480888]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2012-11-22 2127896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-06-04 99384]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-06-29 132608]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-07-01 13352]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2010-08-03 290920]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-06-04 203320]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 X6va005;X6va005;c:\users\Basti\AppData\Local\Temp\005E939.tmp [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-05-15 28992]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-11-30 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-11-22 166424]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-10-25 71032]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-10-25 384888]
S2 MSSQL$MYMOVIES;SQL Server (MYMOVIES);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-01-16 343032]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-09-24 656480]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-11 9216]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-12-13 138024]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 333928]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ASWSNX
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 21:34]
.
2012-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14 01:09]
.
2012-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-14 01:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50	133400	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	97792	----a-w-	c:\users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	97792	----a-w-	c:\users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	97792	----a-w-	c:\users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	97792	----a-w-	c:\users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-20 2188904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - c:\users\Basti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\9udwczu1.default\
FF - ExtSQL: 2012-12-16 20:26; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\9udwczu1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2012-12-30 16:16; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF - ExtSQL: 2012-12-30 16:25; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-RunOnce-Z1 - c:\users\Basti\Desktop\mbar\mbar.exe
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\X6va005]
"ImagePath"="\??\c:\users\Basti\AppData\Local\Temp\005E939.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4251190316-340746890-89556036-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*i*n*i*—é“g\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-30  22:57:33
ComboFix-quarantined-files.txt  2012-12-30 21:57
.
Vor Suchlauf: 11 Verzeichnis(se), 23.528.550.400 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 23.365.001.216 Bytes frei
.
- - End Of File - - A6671DFF39CE481167574C303C29B18D
         

Alt 30.12.2012, 22:21   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.12.2012, 22:27   #12
s.weise
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



So, da ist auch schon das LogFile vom ADWcleaner.

Code:
ATTFilter
# AdwCleaner v2.104 - Datei am 30/12/2012 um 23:25:18 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Basti - BASTI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Basti\Desktop\7adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\Basti\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Datei Gefunden : C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Ordner Gefunden : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Ordner Gefunden : C:\Users\Basti\AppData\LocalLow\boost_interprocess
Ordner Gefunden : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0 (en-US)

Datei : C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\9udwczu1.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v23.0.1271.97

Datei : C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1873 octets] - [30/12/2012 23:25:18]

########## EOF - C:\AdwCleaner[R1].txt - [1933 octets] ##########
         
Ach und was ich noch sagen wollte; für die schnelle Hilfe.

Alt 30.12.2012, 22:30   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.12.2012, 22:39   #14
s.weise
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



Hier das LogFile nach dem Löschen mit ADWcleaner:

Code:
ATTFilter
# AdwCleaner v2.104 - Datei am 30/12/2012 um 23:33:41 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Basti - BASTI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Basti\Desktop\7adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Basti\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Datei Gelöscht : C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Ordner Gelöscht : C:\Users\Basti\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0 (en-US)

Datei : C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\9udwczu1.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v23.0.1271.97

Datei : C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1875 octets] - [30/12/2012 23:33:41]

########## EOF - C:\AdwCleaner[S1].txt - [1935 octets] ##########
         
OTL lass ich jetzt laufen.

So, hier die OTL Logs:

Code:
ATTFilter
OTL logfile created on: 30.12.2012 23:41:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Basti\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 49,24% Memory free
7,83 Gb Paging File | 5,55 Gb Available in Paging File | 70,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 95,91 Gb Total Space | 21,74 Gb Free Space | 22,67% Space Free | Partition Type: NTFS
Drive D: | 202,08 Gb Total Space | 159,15 Gb Free Space | 78,76% Space Free | Partition Type: NTFS
 
Computer Name: BASTI-PC | User Name: Basti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Basti\Desktop\8OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (BlueStack Systems)
PRC - C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems)
PRC - C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Binnerup Consult\My Movies Collection Management\My Movies Tray.exe (Binnerup Consult)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\GAC_MSIL\MyMoviesCommon\4.0.4.104__4f079cf7f10a3651\MyMoviesCommon.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MyMoviesBonjourInterop\1.0.0.0__d46a0f70086f4c31\MyMoviesBonjourInterop.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avformat-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4a29fb5e489e57ccc97b19ca70db94a8\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\cf840dca36a7b949696ce331d0532d3e\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a30d7e65103254213dc62f238be50f97\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4d7a457d9f9adcce4d201119b5179c29\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (NitroReaderDriverReadSpool2) -- C:\Programme\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe (Nitro PDF Software)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (mod7700) -- C:\Windows\SysNative\drivers\dvb7700all.sys (DiBcom)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-4251190316-340746890-89556036-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-4251190316-340746890-89556036-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0B C3 98 76 4E EE CC 01  [binary data]
IE - HKU\S-1-5-21-4251190316-340746890-89556036-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-4251190316-340746890-89556036-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4251190316-340746890-89556036-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:1.0.10
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPWMDRMWrapper: C:\Program Files (x86)\Videoload Manager\NPWMDRMWrapper.dll ( )
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll File not found
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.01 14:26:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.12.30 16:24:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.30 16:29:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.12.30 16:09:27 | 000,000,000 | ---D | M]
 
[2011.12.12 14:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Basti\AppData\Roaming\mozilla\Extensions
[2011.12.12 14:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Basti\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2012.12.16 20:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Basti\AppData\Roaming\mozilla\Firefox\Profiles\9udwczu1.default\extensions
[2012.02.05 15:41:57 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Basti\AppData\Roaming\mozilla\Firefox\Profiles\9udwczu1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.12.16 20:26:38 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Basti\AppData\Roaming\mozilla\Firefox\Profiles\9udwczu1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.12.30 23:33:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.02.22 21:46:13 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.12.30 16:16:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.02.01 14:26:02 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.12.30 16:24:53 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.11.20 07:17:52 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.20 07:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.20 07:17:14 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.5.14.1_0\plugin/blackfishietab.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: doubletwist Plugin 1, 3, 0, 0 (Enabled) = C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.1.8_0\
CHR - Extension: ChromeAccess = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeoigbhkilbllfomkmmilbfochhlgdmh\1.6_0\
CHR - Extension: Angry Birds = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Brushed = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0\
CHR - Extension: SKiD Racer = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhoaojooagiaaiidlnfhkkafjpbbnnno\0.0.0.37_0\
CHR - Extension: YouTube = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Poolbillard = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb\1.0.4_0\
CHR - Extension: Auf den Amazon-Wunschzettel = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.9_0\
CHR - Extension: Google-Suche = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Counter Strike (Flash-Version) = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbegflbljflchoahmigblmabofoinkh\1.0.1_0\
CHR - Extension: WGT Golf Challenge = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\45.0.0_0\
CHR - Extension: Toss it = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlifoiidlkcpdlchhngenehnhcadakpl\4.0.0_0\
CHR - Extension: Gmail offline = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.19_0\
CHR - Extension: Uhr = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo\1.11_0\
CHR - Extension: IE Tab = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.10.10.1_0\
CHR - Extension: Flixster = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh\1.0.6_0\
CHR - Extension: avast! WebRep = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Lord of Ultima = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\
CHR - Extension: Skyrama = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap\1.0.2_0\
CHR - Extension: JDownloader Integration for Google Chrome\u2122 = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm\1.2.3_0\
CHR - Extension: Fieldrunners = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak\1.0.0.5_0\
CHR - Extension: Google Maps = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Google Mail = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2012.12.30 22:55:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [My Movies Tray] C:\Program Files (x86)\Binnerup Consult\My Movies Collection Management\My Movies Tray.exe (Binnerup Consult)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-4251190316-340746890-89556036-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4251190316-340746890-89556036-1000\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-4251190316-340746890-89556036-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Basti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Basti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 10.10.2)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 1.7.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.7.0_10)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85CB6ED5-0C1A-4857-ACC8-F5A0A5E03324}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B54A564F-EFD1-448B-B843-22466391D72A}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E79780CE-854E-4E88-AEE1-27AB5BFAE142}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\fluxhttp - No CLSID value found
O18:64bit: - Protocol\Handler\fluxhttp\0x00000007 - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax (ACE GmbH)
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax (ACE GmbH)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.30 23:32:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Basti\Desktop\8OTL.exe
[2012.12.30 23:23:22 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.30 22:57:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.12.30 22:47:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.30 22:47:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.30 22:47:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.30 22:47:21 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.30 22:47:07 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.30 21:34:03 | 000,000,000 | ---D | C] -- C:\Users\Basti\Desktop\5mbar
[2012.12.30 16:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing-Desktop
[2012.12.30 16:43:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012.12.30 16:36:31 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012.12.30 16:36:31 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.12.30 16:36:25 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.12.30 16:36:25 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.12.30 16:36:25 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.12.30 16:25:04 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.12.30 16:25:04 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.12.30 16:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.12.30 16:25:01 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.12.30 16:25:00 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.12.30 16:25:00 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.12.30 16:25:00 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.12.30 16:25:00 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.12.30 16:24:43 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.12.30 16:24:43 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.12.30 16:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.12.30 16:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.12.30 16:18:22 | 000,000,000 | ---D | C] -- C:\Users\Basti\AppData\Local\Secunia PSI
[2012.12.30 16:18:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2012.12.30 16:09:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.12.30 16:09:27 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.12.30 16:09:27 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.12.30 16:09:15 | 000,095,184 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.12.30 14:22:59 | 005,015,826 | R--- | C] (Swearware) -- C:\Users\Basti\Desktop\6ComboFix.exe
[2012.12.30 14:21:49 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Basti\Desktop\4dds.com
[2012.12.30 14:20:07 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Basti\Desktop\3tdsskiller.exe
[2012.12.30 14:19:34 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Basti\Desktop\2aswMBR.exe
[2012.12.29 18:38:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Movies
[2012.12.29 18:38:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Binnerup Consult
[2012.12.29 18:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2012.12.29 18:34:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2012.12.29 18:34:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2012.12.29 18:31:12 | 000,000,000 | ---D | C] -- C:\ProgramData\My Movies
[2012.12.28 13:43:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.12.28 12:40:55 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Basti\Desktop\esetonlinescanner.exe
[2012.12.28 12:24:27 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Basti\Desktop\TFC.exe
[2012.12.28 11:43:26 | 000,000,000 | ---D | C] -- C:\Users\Basti\AppData\Local\Programs
[2012.12.27 15:52:44 | 000,000,000 | ---D | C] -- D:\Dokumente\Wohngeld
[2012.12.23 13:25:54 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.23 13:25:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.23 13:25:51 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.23 13:25:36 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.18 16:58:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2012.12.18 16:58:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2012.12.18 16:57:39 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2012.12.18 16:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2012.12.16 20:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012.12.16 20:56:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012.12.16 20:27:49 | 000,000,000 | ---D | C] -- C:\Users\Basti\dwhelper
[2012.12.16 09:56:36 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.12.16 09:56:36 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.12.16 09:56:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.12.16 09:56:34 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.12.16 09:56:34 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.12.16 09:56:33 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.12.16 09:56:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.12.16 09:56:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.12.16 09:56:32 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.12.16 09:56:31 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.12.16 09:56:31 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.12.16 09:56:31 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.12.16 09:56:28 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.12.16 09:56:28 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.12.16 09:56:28 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.12.13 17:12:25 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.12.13 17:12:25 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.12.13 17:12:24 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.12.13 17:12:24 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.12.13 17:12:21 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.12.13 17:12:21 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.12.13 17:12:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.12.13 17:12:21 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.12.13 17:12:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.12.13 17:12:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.12.13 17:12:20 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.12.13 17:12:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.12.13 17:12:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.13 17:12:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.13 17:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.12.13 17:12:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.12.13 17:12:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.12.13 17:12:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.12.13 17:12:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.13 17:12:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.13 17:12:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.13 17:12:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.12.13 17:12:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.12.13 17:12:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.13 17:12:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.12.13 17:12:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.12.13 17:12:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.12.13 17:12:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.13 17:12:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.12.13 17:12:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.12.13 17:12:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.13 17:12:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.13 17:12:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.13 17:12:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.12.13 17:12:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.12.13 17:12:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.12.13 17:12:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.12.13 17:12:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.12.13 17:10:47 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012.12.13 17:10:46 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012.12.10 18:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.12.10 18:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.12.01 12:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.01 12:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.12.01 12:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.01 12:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.12.01 12:35:40 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.30 23:43:26 | 000,015,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.30 23:43:26 | 000,015,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.30 23:36:16 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.30 23:35:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.30 23:35:08 | 3151,839,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.30 23:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.30 23:32:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Basti\Desktop\8OTL.exe
[2012.12.30 23:23:44 | 000,551,997 | ---- | M] () -- C:\Users\Basti\Desktop\7adwcleaner.exe
[2012.12.30 23:10:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.30 22:55:27 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.12.30 20:47:33 | 000,002,036 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012.12.30 20:47:33 | 000,001,337 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012.12.30 16:46:18 | 001,680,142 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.30 16:46:18 | 000,758,436 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.30 16:46:18 | 000,711,408 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.30 16:46:18 | 000,172,310 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.30 16:46:18 | 000,144,352 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.30 16:36:21 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.12.30 16:36:20 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012.12.30 16:36:20 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.12.30 16:36:20 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.12.30 16:36:20 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.12.30 16:36:20 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.12.30 16:25:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.12.30 16:23:50 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.12.30 16:09:08 | 000,095,184 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.12.30 16:09:05 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.12.30 16:09:05 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.12.30 16:09:05 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.12.30 16:09:04 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.12.30 16:09:04 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.12.30 15:05:40 | 000,000,512 | ---- | M] () -- C:\Users\Basti\Desktop\MBR.dat
[2012.12.30 14:36:07 | 000,000,020 | ---- | M] () -- C:\Users\Basti\defogger_reenable
[2012.12.30 14:23:35 | 005,015,826 | R--- | M] (Swearware) -- C:\Users\Basti\Desktop\6ComboFix.exe
[2012.12.30 14:21:55 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Basti\Desktop\4dds.com
[2012.12.30 14:20:32 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Basti\Desktop\2aswMBR.exe
[2012.12.30 14:20:14 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Basti\Desktop\3tdsskiller.exe
[2012.12.30 14:19:30 | 000,050,477 | ---- | M] () -- C:\Users\Basti\Desktop\1Defogger.exe
[2012.12.30 14:18:53 | 001,784,674 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.28 12:44:27 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Basti\Desktop\esetonlinescanner.exe
[2012.12.28 12:24:32 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Basti\Desktop\TFC.exe
[2012.12.23 13:32:09 | 000,438,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.16 20:56:15 | 000,000,001 | ---- | M] () -- C:\Windows\SysWow64\SI.bin
[2012.12.16 18:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.16 15:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.11 22:34:12 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.12.11 22:34:12 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2012.12.30 23:23:39 | 000,551,997 | ---- | C] () -- C:\Users\Basti\Desktop\7adwcleaner.exe
[2012.12.30 22:47:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.30 22:47:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.30 22:47:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.30 22:47:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.30 22:47:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.30 16:25:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.12.30 16:18:07 | 000,001,065 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012.12.30 15:05:40 | 000,000,512 | ---- | C] () -- C:\Users\Basti\Desktop\MBR.dat
[2012.12.30 14:36:07 | 000,000,020 | ---- | C] () -- C:\Users\Basti\defogger_reenable
[2012.12.30 14:19:29 | 000,050,477 | ---- | C] () -- C:\Users\Basti\Desktop\1Defogger.exe
[2012.12.16 20:56:15 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2012.05.31 18:23:28 | 000,000,294 | ---- | C] () -- C:\Users\Basti\AppData\Roaming\Network Meter_Settings.ini
[2012.03.28 21:11:08 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.03.19 22:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.03.19 22:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.03.19 22:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.03.19 21:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.03.15 18:52:55 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.02.23 14:10:48 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.02.23 14:10:48 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.02.14 11:25:54 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.01.17 14:41:34 | 000,003,584 | ---- | C] () -- C:\Users\Basti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.28 16:00:00 | 000,000,093 | ---- | C] () -- C:\Users\Basti\AppData\Local\fusioncache.dat
[2011.12.11 21:26:55 | 001,680,142 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.10 23:29:06 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.10.31 11:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.10.31 11:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.10.31 11:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.10.31 11:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2009.06.16 12:25:02 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 5120 bytes -> C:\ProgramData:gs5sys
@Alternate Data Stream - 3584 bytes -> D:\Dokumente\desktop.ini:gs5sys
@Alternate Data Stream - 3584 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Basti\Desktop\desktop.ini:gs5sys

< End of report >
         
OTL Extras

Code:
ATTFilter
OTL Extras logfile created on: 30.12.2012 23:41:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Basti\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 49,24% Memory free
7,83 Gb Paging File | 5,55 Gb Available in Paging File | 70,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 95,91 Gb Total Space | 21,74 Gb Free Space | 22,67% Space Free | Partition Type: NTFS
Drive D: | 202,08 Gb Total Space | 159,15 Gb Free Space | 78,76% Space Free | Partition Type: NTFS
 
Computer Name: BASTI-PC | User Name: Basti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-4251190316-340746890-89556036-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00241CFA-C3E4-40EA-B5AA-78978AF2E68D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{03B885EF-DE75-4F2E-9F64-4A7206F697AB}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{0BEC0A42-712D-4A28-AA0A-7F501AA52C3F}" = lport=137 | protocol=17 | dir=in | app=system | 
"{17A55300-0459-424F-825F-E9D1760F1539}" = rport=137 | protocol=17 | dir=out | app=system | 
"{19F9146B-ADCF-4791-8B5B-E602C18F2E21}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3798E085-6FA3-482B-AC61-8B7AA7E1CD61}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{37AB4C78-8CE8-437B-8548-C8F32031D497}" = lport=445 | protocol=6 | dir=in | app=system | 
"{39332E57-DB45-4550-8FA8-0A0BBE0DFF64}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{3DA6D5A4-A592-4236-B914-AAF55BF3E88C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{4549C952-C053-469F-B168-FD8B8D50531D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{6A7711F7-1C7D-4A71-94B7-9BDABFB00AFD}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{7BA2D003-0CA2-4DE8-8336-C489ABEE97B1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9BD7D71B-9DBD-4347-BE57-2F9800B25BD8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A8E95D22-C32E-46F0-B6D9-8AE22C2FDFE8}" = lport=138 | protocol=17 | dir=in | app=system | 
"{B7421CEB-DD40-4DE8-A894-1F5A3A901554}" = rport=139 | protocol=6 | dir=out | app=system | 
"{BDD3F421-AA56-44CE-8821-0CBD5DA4D032}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C182DE25-9149-4CEA-80E7-62B9119CDC24}" = rport=138 | protocol=17 | dir=out | app=system | 
"{CBBAF541-7BF8-4FAD-AA28-9660EE45F7A2}" = lport=139 | protocol=6 | dir=in | app=system | 
"{D672F9B8-CA17-4308-AC14-54A786562259}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D98D0E4A-E46B-4B37-8E46-721CBE7DDB92}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DB7F8E31-D034-40F0-83DB-C6C597E5AA2C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{DE657BF5-666E-46A2-9927-3862AF32262C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{E5E0F2D1-95B7-49D2-A66C-783FF303FE9C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F80B6C86-C1D2-4C3D-9FB7-77BA3FD8AFCE}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{031641F7-A8C1-4AD8-AE67-E93D3344F510}" = protocol=6 | dir=in | app=d:\dokumente\my games\runic games\torchlight 2\tl2.runic.launcher.exe | 
"{046C97C9-060A-46A6-81ED-C7EEB50F511B}" = protocol=17 | dir=in | app=c:\users\basti\appdata\local\temp\{c8ac0d7e-2da9-4890-b11a-3ea052d70eb2}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe | 
"{067AED09-028E-4A80-84A2-B73DD47A5388}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{075DC1FD-25A1-41DD-9884-3EB7D92C0345}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{09E5788F-B505-4D91-93D8-856F8AF0846B}" = protocol=6 | dir=out | app=system | 
"{0A239CBF-DA11-4F81-8B70-3BEC9E7318C1}" = protocol=6 | dir=in | app=d:\dokumente\my games\runic games\torchlight 2\torchlight2.exe | 
"{15CD3C46-03FB-463E-B2A5-ECDE67683B2D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{17AF0E67-B336-48E5-8960-664242F9D8A5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{21529DFC-DC8D-4DEA-9D75-0DA7B9DC625E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{27A31ACA-6842-4040-A228-68C38A32D595}" = protocol=6 | dir=in | app=c:\users\basti\appdata\local\temp\{c8ac0d7e-2da9-4890-b11a-3ea052d70eb2}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe | 
"{339E9B51-3DF4-4ACD-8EE3-4B03448135A1}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii public test\diablo iii.exe | 
"{38265B60-2424-47E0-93A2-F4DE28394EB7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3B4317AD-9852-4EA3-A4C8-81367F851AB0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{3EDD52B2-3D94-4261-817C-DE2626529447}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{3F3ACA0A-3329-4C4B-952B-D44E37D45945}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{3F415793-B03F-4EE4-B883-A41AC9592FF3}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{40584CA2-EC7B-4E98-8B69-23644E005720}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{408278DD-3875-40EA-8221-E62EC5E0FE3F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{41ADCED0-131B-4C20-A818-4E0F1441D664}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{46BCB62A-0073-45C0-91AA-3B9541201108}" = protocol=17 | dir=in | app=c:\users\basti\appdata\roaming\dropbox\bin\dropbox.exe | 
"{48A66033-553F-4BE4-8285-B71F397C2D9F}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{4C610B13-69AA-44F2-A8D0-84774B49252A}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{506E896B-2EC0-4CDF-A989-2830EC950F20}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{50D973C8-7DE3-4582-A792-086179A5CBF6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{530CBF72-E549-4C4A-A1A5-696662CA3B2C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{58525DF4-439C-4DB2-9AFF-B1D47D5A82A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5E2B04BD-C0EE-42D9-8EB9-AEB6E8ADE131}" = protocol=17 | dir=in | app=d:\dokumente\my games\runic games\torchlight 2\tl2.runic.launcher.exe | 
"{62AEA783-BF29-46EB-9D5E-8FE12A1C2F6C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{6324FA39-5F3A-40BE-82FD-FB824A005525}" = protocol=6 | dir=in | app=c:\users\basti\appdata\roaming\dropbox\bin\dropbox.exe | 
"{73BCC673-4788-4A1E-BC25-80CDBFF7EA9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{792C0919-C651-4D42-B853-70CDEAAC3788}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{796297D1-53C8-496D-B2CF-6CFDF4E13594}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{7CA38777-E847-40ED-993B-62A9EED9166F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{87DC8585-6F24-45B4-A54E-91650284FC61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9697D502-3DDC-4F30-B323-96E2305C7B99}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9ED9FFC6-FDB7-4C28-A0B8-9260C9EBAECD}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A25B3D59-255E-497C-93C7-74FCAE0F054D}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A4BE69F9-B40E-4713-92E5-7B5D59D9976A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A66E0FFF-8212-486A-B321-5804DCFF7435}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii public test\diablo iii.exe | 
"{AA304033-2F45-44D5-919E-52C074915D0D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B3244CEB-669E-466B-9ED6-D55A9C17C817}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B3296571-F2A9-46E0-A0E8-0BB7A27A9CC5}" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe | 
"{B899470C-32F7-4169-95B1-8D1CD65E9DBD}" = protocol=17 | dir=in | app=d:\dokumente\my games\runic games\torchlight 2\torchlight2.exe | 
"{BDE1802A-F18D-400A-AB6E-BE5370DBF31E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{EBBA6292-809F-4381-84F6-30D794878201}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{ECD5A201-055B-4CEB-AF58-B9501BF066F5}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{F1CAEB6D-DD74-4D19-94C1-83B17A7E75BF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F2888D8A-07B3-40FE-A4E3-539ADB40F899}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F316A926-0A7D-4088-8BE0-082AB542A02E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{F86AD037-EFF0-477E-B623-64F12FFAD700}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{F97291C5-8A30-46F2-A8B8-4F30B327AF65}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"TCP Query User{19DDA74C-C310-4D4F-919B-715A0D8C91D4}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe | 
"TCP Query User{2D675A4A-DFE6-4381-8271-27E75CAFAC3F}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 
"TCP Query User{2FA012AC-902D-4282-9AFD-F5DD36088B6F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"TCP Query User{6F274332-0F18-4B38-8359-5203C6B2E35F}C:\users\basti\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\basti\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{80E1001B-2C0E-4140-950E-060538586D3F}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{8384EE3B-5516-4E89-99CE-872B68B2DD7F}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe | 
"TCP Query User{8B47F638-3258-4FDB-AC46-3A7DBE1C711F}C:\program files (x86)\progdvb\progdvbnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\progdvb\progdvbnet.exe | 
"TCP Query User{915814FB-3BD5-4385-95B4-C9770EE89803}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"TCP Query User{A107E3C2-8DB6-4DF0-9A5E-6CF27C4B4E3E}C:\program files (x86)\progdvb\progdvbnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\progdvb\progdvbnet.exe | 
"TCP Query User{DAF6BB43-B0AA-46D8-8ADC-CDF6E7E14AC2}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"TCP Query User{F52A3A3E-B7F1-48E1-A810-7D3236AEEA60}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | 
"UDP Query User{3C4408D6-482A-46D5-BDEF-98F306EF0385}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"UDP Query User{47886196-E13B-49E4-AB65-E8ACE4744EBD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"UDP Query User{4873D6A3-4D53-4ED8-A431-2694D27ADFA4}C:\program files (x86)\progdvb\progdvbnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\progdvb\progdvbnet.exe | 
"UDP Query User{52297547-C9B0-4956-AAF0-377EB40BFB6A}C:\users\basti\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\basti\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{6FC82248-AB46-4205-8EE2-0BEEDF929E30}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"UDP Query User{75E9D31C-7940-45A1-B698-5A471AAC63F1}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe | 
"UDP Query User{8C989BAD-4C56-4C38-AF18-71F18F636F3D}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe | 
"UDP Query User{A113C520-B58A-4F69-82A3-69AB1D7F8557}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{AD809E98-F757-4B4C-BE1F-66B49E5C3E69}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | 
"UDP Query User{B62B8AA5-8457-43CF-8C89-FA0DD40A445E}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 
"UDP Query User{E38D4DA1-BC53-43CE-843B-CEA313BFFE11}C:\program files (x86)\progdvb\progdvbnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\progdvb\progdvbnet.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{18E12084-AD08-4E7E-9C01-165CE2C8121B}" = Nitro PDF Reader 2
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.2.0.1304
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 8.0.5.0_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Unlocker" = Unlocker 1.9.1-x64
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MYMOVIES)
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{384FA0C0-BB19-4CA0-8DB4-5FD4E938277F}" = Notification Center
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing-Desktop
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3239C8-0FD8-4994-BEED-E668B79AB520}" = My Movies Collection Management
"{A33447B6-F49A-41FC-AF0A-D27BDCAC2E23}" = Easy Phone Tunes
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite DCP-357C
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9
"Ashampoo Undeleter_is1" = Ashampoo Undeleter v.1.10
"AudibleDownloadManager" = Audible Download Manager
"AudibleManager" = AudibleManager
"avast" = avast! Free Antivirus
"BlueStacks App Player" = BlueStacks App Player
"Cinergy T USB XXS" = Cinergy T USB XXS V2.03.03.29
"Diablo III" = Diablo III
"Diablo III Public Test" = Diablo III Public Test
"DivX Setup" = DivX-Setup
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Free FLV Converter_is1" = Free FLV Converter V 7.4.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"Google Chrome" = Google Chrome
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 9.04
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 17.0 (x86 en-US)" = Mozilla Firefox 17.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPE" = MyPhoneExplorer
"ProgDVB" = ProgDVB
"Secunia PSI" = Secunia PSI (3.0.0.4001)
"SopCast" = SopCast 3.4.8
"Veetle TV" = Veetle TV
"Videoload Manager" = Videoload Manager 2.0.2220
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-4251190316-340746890-89556036-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{049FF5E4-EB02-4c42-8DB0-226E2F7A9E53}" = Torchlight 2
"Dropbox" = Dropbox
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 29.12.2012 15:14:11 | Computer Name = Basti-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2246
 
Error - 30.12.2012 09:24:19 | Computer Name = Basti-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Basti\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 30.12.2012 09:24:19 | Computer Name = Basti-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Basti\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 30.12.2012 09:24:23 | Computer Name = Basti-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Basti\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 30.12.2012 09:24:59 | Computer Name = Basti-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Basti\Desktop\7esetonlinescanner.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 30.12.2012 09:38:00 | Computer Name = Basti-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 30.12.2012 11:17:16 | Computer Name = Basti-PC | Source = MsiInstaller | ID = 11316
Description = 
 
Error - 30.12.2012 15:45:09 | Computer Name = Basti-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 30.12.2012 15:52:07 | Computer Name = Basti-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Basti\Desktop\esetonlinescanner.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 30.12.2012 18:35:58 | Computer Name = Basti-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
[ System Events ]
Error - 29.06.2012 14:47:37 | Computer Name = Basti-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 29.06.2012 14:47:40 | Computer Name = Basti-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 29.06.2012 14:47:40 | Computer Name = Basti-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 29.06.2012 14:47:41 | Computer Name = Basti-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 29.06.2012 14:47:41 | Computer Name = Basti-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 29.06.2012 14:47:44 | Computer Name = Basti-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 08.07.2012 10:29:12 | Computer Name = Basti-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 08.07.2012 13:45:24 | Computer Name = Basti-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "iPodDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 10.07.2012 04:02:14 | Computer Name = Basti-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "iPodDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 11.07.2012 10:13:07 | Computer Name = Basti-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "iPodDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
 
< End of report >
         

Alt 30.12.2012, 23:12   #15
s.weise
 
Google Captcha Problem - Datenverkehr - Standard

Google Captcha Problem - Datenverkehr



Hier die OTL Logs:

1:

Code:
ATTFilter
OTL logfile created on: 30.12.2012 23:41:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Basti\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 49,24% Memory free
7,83 Gb Paging File | 5,55 Gb Available in Paging File | 70,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 95,91 Gb Total Space | 21,74 Gb Free Space | 22,67% Space Free | Partition Type: NTFS
Drive D: | 202,08 Gb Total Space | 159,15 Gb Free Space | 78,76% Space Free | Partition Type: NTFS
 
Computer Name: BASTI-PC | User Name: Basti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Basti\Desktop\8OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (BlueStack Systems)
PRC - C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems)
PRC - C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Binnerup Consult\My Movies Collection Management\My Movies Tray.exe (Binnerup Consult)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\GAC_MSIL\MyMoviesCommon\4.0.4.104__4f079cf7f10a3651\MyMoviesCommon.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MyMoviesBonjourInterop\1.0.0.0__d46a0f70086f4c31\MyMoviesBonjourInterop.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avformat-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4a29fb5e489e57ccc97b19ca70db94a8\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\cf840dca36a7b949696ce331d0532d3e\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a30d7e65103254213dc62f238be50f97\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4d7a457d9f9adcce4d201119b5179c29\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (NitroReaderDriverReadSpool2) -- C:\Programme\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe (Nitro PDF Software)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (mod7700) -- C:\Windows\SysNative\drivers\dvb7700all.sys (DiBcom)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-4251190316-340746890-89556036-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-4251190316-340746890-89556036-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0B C3 98 76 4E EE CC 01  [binary data]
IE - HKU\S-1-5-21-4251190316-340746890-89556036-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-4251190316-340746890-89556036-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4251190316-340746890-89556036-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:1.0.10
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPWMDRMWrapper: C:\Program Files (x86)\Videoload Manager\NPWMDRMWrapper.dll ( )
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll File not found
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.01 14:26:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.12.30 16:24:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.30 16:29:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.12.30 16:09:27 | 000,000,000 | ---D | M]
 
[2011.12.12 14:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Basti\AppData\Roaming\mozilla\Extensions
[2011.12.12 14:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Basti\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2012.12.16 20:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Basti\AppData\Roaming\mozilla\Firefox\Profiles\9udwczu1.default\extensions
[2012.02.05 15:41:57 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Basti\AppData\Roaming\mozilla\Firefox\Profiles\9udwczu1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.12.16 20:26:38 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Basti\AppData\Roaming\mozilla\Firefox\Profiles\9udwczu1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.12.30 23:33:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.02.22 21:46:13 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.12.30 16:16:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.02.01 14:26:02 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.12.30 16:24:53 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.11.20 07:17:52 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.20 07:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.20 07:17:14 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.5.14.1_0\plugin/blackfishietab.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: doubletwist Plugin 1, 3, 0, 0 (Enabled) = C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.1.8_0\
CHR - Extension: ChromeAccess = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeoigbhkilbllfomkmmilbfochhlgdmh\1.6_0\
CHR - Extension: Angry Birds = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Brushed = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0\
CHR - Extension: SKiD Racer = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhoaojooagiaaiidlnfhkkafjpbbnnno\0.0.0.37_0\
CHR - Extension: YouTube = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Poolbillard = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb\1.0.4_0\
CHR - Extension: Auf den Amazon-Wunschzettel = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.9_0\
CHR - Extension: Google-Suche = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Counter Strike (Flash-Version) = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbegflbljflchoahmigblmabofoinkh\1.0.1_0\
CHR - Extension: WGT Golf Challenge = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\45.0.0_0\
CHR - Extension: Toss it = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlifoiidlkcpdlchhngenehnhcadakpl\4.0.0_0\
CHR - Extension: Gmail offline = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.19_0\
CHR - Extension: Uhr = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo\1.11_0\
CHR - Extension: IE Tab = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.10.10.1_0\
CHR - Extension: Flixster = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh\1.0.6_0\
CHR - Extension: avast! WebRep = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Lord of Ultima = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\
CHR - Extension: Skyrama = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap\1.0.2_0\
CHR - Extension: JDownloader Integration for Google Chrome\u2122 = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm\1.2.3_0\
CHR - Extension: Fieldrunners = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak\1.0.0.5_0\
CHR - Extension: Google Maps = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Google Mail = C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2012.12.30 22:55:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [My Movies Tray] C:\Program Files (x86)\Binnerup Consult\My Movies Collection Management\My Movies Tray.exe (Binnerup Consult)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-4251190316-340746890-89556036-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4251190316-340746890-89556036-1000\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-4251190316-340746890-89556036-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Basti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Basti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 10.10.2)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 1.7.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.7.0_10)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85CB6ED5-0C1A-4857-ACC8-F5A0A5E03324}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B54A564F-EFD1-448B-B843-22466391D72A}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E79780CE-854E-4E88-AEE1-27AB5BFAE142}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\fluxhttp - No CLSID value found
O18:64bit: - Protocol\Handler\fluxhttp\0x00000007 - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax (ACE GmbH)
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax (ACE GmbH)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.30 23:32:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Basti\Desktop\8OTL.exe
[2012.12.30 23:23:22 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.30 22:57:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.12.30 22:47:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.30 22:47:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.30 22:47:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.30 22:47:21 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.30 22:47:07 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.30 21:34:03 | 000,000,000 | ---D | C] -- C:\Users\Basti\Desktop\5mbar
[2012.12.30 16:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing-Desktop
[2012.12.30 16:43:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012.12.30 16:36:31 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012.12.30 16:36:31 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.12.30 16:36:25 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.12.30 16:36:25 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.12.30 16:36:25 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.12.30 16:25:04 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.12.30 16:25:04 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.12.30 16:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.12.30 16:25:01 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.12.30 16:25:00 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.12.30 16:25:00 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.12.30 16:25:00 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.12.30 16:25:00 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.12.30 16:24:43 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.12.30 16:24:43 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.12.30 16:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.12.30 16:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.12.30 16:18:22 | 000,000,000 | ---D | C] -- C:\Users\Basti\AppData\Local\Secunia PSI
[2012.12.30 16:18:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2012.12.30 16:09:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.12.30 16:09:27 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.12.30 16:09:27 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.12.30 16:09:15 | 000,095,184 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.12.30 14:22:59 | 005,015,826 | R--- | C] (Swearware) -- C:\Users\Basti\Desktop\6ComboFix.exe
[2012.12.30 14:21:49 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Basti\Desktop\4dds.com
[2012.12.30 14:20:07 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Basti\Desktop\3tdsskiller.exe
[2012.12.30 14:19:34 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Basti\Desktop\2aswMBR.exe
[2012.12.29 18:38:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Movies
[2012.12.29 18:38:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Binnerup Consult
[2012.12.29 18:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2012.12.29 18:34:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2012.12.29 18:34:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2012.12.29 18:31:12 | 000,000,000 | ---D | C] -- C:\ProgramData\My Movies
[2012.12.28 13:43:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.12.28 12:40:55 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Basti\Desktop\esetonlinescanner.exe
[2012.12.28 12:24:27 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Basti\Desktop\TFC.exe
[2012.12.28 11:43:26 | 000,000,000 | ---D | C] -- C:\Users\Basti\AppData\Local\Programs
[2012.12.27 15:52:44 | 000,000,000 | ---D | C] -- D:\Dokumente\Wohngeld
[2012.12.23 13:25:54 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.23 13:25:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.23 13:25:51 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.23 13:25:36 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.18 16:58:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2012.12.18 16:58:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2012.12.18 16:57:39 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2012.12.18 16:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2012.12.16 20:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012.12.16 20:56:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012.12.16 20:27:49 | 000,000,000 | ---D | C] -- C:\Users\Basti\dwhelper
[2012.12.16 09:56:36 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.12.16 09:56:36 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.12.16 09:56:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.12.16 09:56:34 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.12.16 09:56:34 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.12.16 09:56:33 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.12.16 09:56:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.12.16 09:56:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.12.16 09:56:32 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.12.16 09:56:31 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.12.16 09:56:31 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.12.16 09:56:31 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.12.16 09:56:28 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.12.16 09:56:28 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.12.16 09:56:28 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.12.13 17:12:25 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.12.13 17:12:25 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.12.13 17:12:24 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.12.13 17:12:24 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.12.13 17:12:21 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.12.13 17:12:21 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.12.13 17:12:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.12.13 17:12:21 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.12.13 17:12:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.12.13 17:12:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.12.13 17:12:20 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.12.13 17:12:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.12.13 17:12:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.13 17:12:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.13 17:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.12.13 17:12:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.12.13 17:12:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.12.13 17:12:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.12.13 17:12:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.13 17:12:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.13 17:12:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.13 17:12:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.12.13 17:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.12.13 17:12:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.12.13 17:12:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.13 17:12:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.13 17:12:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.12.13 17:12:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.12.13 17:12:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.12.13 17:12:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.12.13 17:12:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.13 17:12:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.12.13 17:12:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.12.13 17:12:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.13 17:12:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.13 17:12:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.13 17:12:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.12.13 17:12:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.12.13 17:12:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.12.13 17:12:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.12.13 17:12:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.12.13 17:10:47 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012.12.13 17:10:46 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012.12.10 18:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.12.10 18:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.12.01 12:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.01 12:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.12.01 12:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.01 12:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.12.01 12:35:40 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.30 23:43:26 | 000,015,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.30 23:43:26 | 000,015,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.30 23:36:16 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.30 23:35:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.30 23:35:08 | 3151,839,232 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.30 23:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.30 23:32:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Basti\Desktop\8OTL.exe
[2012.12.30 23:23:44 | 000,551,997 | ---- | M] () -- C:\Users\Basti\Desktop\7adwcleaner.exe
[2012.12.30 23:10:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.30 22:55:27 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.12.30 20:47:33 | 000,002,036 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012.12.30 20:47:33 | 000,001,337 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012.12.30 16:46:18 | 001,680,142 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.30 16:46:18 | 000,758,436 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.30 16:46:18 | 000,711,408 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.30 16:46:18 | 000,172,310 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.30 16:46:18 | 000,144,352 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.30 16:36:21 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.12.30 16:36:20 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012.12.30 16:36:20 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.12.30 16:36:20 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.12.30 16:36:20 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.12.30 16:36:20 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.12.30 16:25:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.12.30 16:23:50 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.12.30 16:09:08 | 000,095,184 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.12.30 16:09:05 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.12.30 16:09:05 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.12.30 16:09:05 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.12.30 16:09:04 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.12.30 16:09:04 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.12.30 15:05:40 | 000,000,512 | ---- | M] () -- C:\Users\Basti\Desktop\MBR.dat
[2012.12.30 14:36:07 | 000,000,020 | ---- | M] () -- C:\Users\Basti\defogger_reenable
[2012.12.30 14:23:35 | 005,015,826 | R--- | M] (Swearware) -- C:\Users\Basti\Desktop\6ComboFix.exe
[2012.12.30 14:21:55 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Basti\Desktop\4dds.com
[2012.12.30 14:20:32 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Basti\Desktop\2aswMBR.exe
[2012.12.30 14:20:14 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Basti\Desktop\3tdsskiller.exe
[2012.12.30 14:19:30 | 000,050,477 | ---- | M] () -- C:\Users\Basti\Desktop\1Defogger.exe
[2012.12.30 14:18:53 | 001,784,674 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.28 12:44:27 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Basti\Desktop\esetonlinescanner.exe
[2012.12.28 12:24:32 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Basti\Desktop\TFC.exe
[2012.12.23 13:32:09 | 000,438,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.16 20:56:15 | 000,000,001 | ---- | M] () -- C:\Windows\SysWow64\SI.bin
[2012.12.16 18:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.16 15:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.11 22:34:12 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.12.11 22:34:12 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2012.12.30 23:23:39 | 000,551,997 | ---- | C] () -- C:\Users\Basti\Desktop\7adwcleaner.exe
[2012.12.30 22:47:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.30 22:47:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.30 22:47:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.30 22:47:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.30 22:47:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.30 16:25:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.12.30 16:18:07 | 000,001,065 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012.12.30 15:05:40 | 000,000,512 | ---- | C] () -- C:\Users\Basti\Desktop\MBR.dat
[2012.12.30 14:36:07 | 000,000,020 | ---- | C] () -- C:\Users\Basti\defogger_reenable
[2012.12.30 14:19:29 | 000,050,477 | ---- | C] () -- C:\Users\Basti\Desktop\1Defogger.exe
[2012.12.16 20:56:15 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2012.05.31 18:23:28 | 000,000,294 | ---- | C] () -- C:\Users\Basti\AppData\Roaming\Network Meter_Settings.ini
[2012.03.28 21:11:08 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.03.19 22:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.03.19 22:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.03.19 22:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.03.19 21:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.03.15 18:52:55 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.02.23 14:10:48 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.02.23 14:10:48 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.02.14 11:25:54 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.01.17 14:41:34 | 000,003,584 | ---- | C] () -- C:\Users\Basti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.28 16:00:00 | 000,000,093 | ---- | C] () -- C:\Users\Basti\AppData\Local\fusioncache.dat
[2011.12.11 21:26:55 | 001,680,142 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.10 23:29:06 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.10.31 11:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.10.31 11:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.10.31 11:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.10.31 11:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2009.06.16 12:25:02 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 5120 bytes -> C:\ProgramData:gs5sys
@Alternate Data Stream - 3584 bytes -> D:\Dokumente\desktop.ini:gs5sys
@Alternate Data Stream - 3584 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Basti\Desktop\desktop.ini:gs5sys

< End of report >
         
2:

Code:
ATTFilter
OTL Extras logfile created on: 30.12.2012 23:41:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Basti\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 49,24% Memory free
7,83 Gb Paging File | 5,55 Gb Available in Paging File | 70,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 95,91 Gb Total Space | 21,74 Gb Free Space | 22,67% Space Free | Partition Type: NTFS
Drive D: | 202,08 Gb Total Space | 159,15 Gb Free Space | 78,76% Space Free | Partition Type: NTFS
 
Computer Name: BASTI-PC | User Name: Basti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-4251190316-340746890-89556036-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00241CFA-C3E4-40EA-B5AA-78978AF2E68D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{03B885EF-DE75-4F2E-9F64-4A7206F697AB}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{0BEC0A42-712D-4A28-AA0A-7F501AA52C3F}" = lport=137 | protocol=17 | dir=in | app=system | 
"{17A55300-0459-424F-825F-E9D1760F1539}" = rport=137 | protocol=17 | dir=out | app=system | 
"{19F9146B-ADCF-4791-8B5B-E602C18F2E21}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3798E085-6FA3-482B-AC61-8B7AA7E1CD61}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{37AB4C78-8CE8-437B-8548-C8F32031D497}" = lport=445 | protocol=6 | dir=in | app=system | 
"{39332E57-DB45-4550-8FA8-0A0BBE0DFF64}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{3DA6D5A4-A592-4236-B914-AAF55BF3E88C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{4549C952-C053-469F-B168-FD8B8D50531D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{6A7711F7-1C7D-4A71-94B7-9BDABFB00AFD}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{7BA2D003-0CA2-4DE8-8336-C489ABEE97B1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9BD7D71B-9DBD-4347-BE57-2F9800B25BD8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A8E95D22-C32E-46F0-B6D9-8AE22C2FDFE8}" = lport=138 | protocol=17 | dir=in | app=system | 
"{B7421CEB-DD40-4DE8-A894-1F5A3A901554}" = rport=139 | protocol=6 | dir=out | app=system | 
"{BDD3F421-AA56-44CE-8821-0CBD5DA4D032}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C182DE25-9149-4CEA-80E7-62B9119CDC24}" = rport=138 | protocol=17 | dir=out | app=system | 
"{CBBAF541-7BF8-4FAD-AA28-9660EE45F7A2}" = lport=139 | protocol=6 | dir=in | app=system | 
"{D672F9B8-CA17-4308-AC14-54A786562259}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D98D0E4A-E46B-4B37-8E46-721CBE7DDB92}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DB7F8E31-D034-40F0-83DB-C6C597E5AA2C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{DE657BF5-666E-46A2-9927-3862AF32262C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{E5E0F2D1-95B7-49D2-A66C-783FF303FE9C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F80B6C86-C1D2-4C3D-9FB7-77BA3FD8AFCE}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{031641F7-A8C1-4AD8-AE67-E93D3344F510}" = protocol=6 | dir=in | app=d:\dokumente\my games\runic games\torchlight 2\tl2.runic.launcher.exe | 
"{046C97C9-060A-46A6-81ED-C7EEB50F511B}" = protocol=17 | dir=in | app=c:\users\basti\appdata\local\temp\{c8ac0d7e-2da9-4890-b11a-3ea052d70eb2}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe | 
"{067AED09-028E-4A80-84A2-B73DD47A5388}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{075DC1FD-25A1-41DD-9884-3EB7D92C0345}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{09E5788F-B505-4D91-93D8-856F8AF0846B}" = protocol=6 | dir=out | app=system | 
"{0A239CBF-DA11-4F81-8B70-3BEC9E7318C1}" = protocol=6 | dir=in | app=d:\dokumente\my games\runic games\torchlight 2\torchlight2.exe | 
"{15CD3C46-03FB-463E-B2A5-ECDE67683B2D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{17AF0E67-B336-48E5-8960-664242F9D8A5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{21529DFC-DC8D-4DEA-9D75-0DA7B9DC625E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{27A31ACA-6842-4040-A228-68C38A32D595}" = protocol=6 | dir=in | app=c:\users\basti\appdata\local\temp\{c8ac0d7e-2da9-4890-b11a-3ea052d70eb2}\{63b9bab5-f36a-4a3b-9e5c-68a7f212bfb9}\insttool.exe | 
"{339E9B51-3DF4-4ACD-8EE3-4B03448135A1}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii public test\diablo iii.exe | 
"{38265B60-2424-47E0-93A2-F4DE28394EB7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3B4317AD-9852-4EA3-A4C8-81367F851AB0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{3EDD52B2-3D94-4261-817C-DE2626529447}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{3F3ACA0A-3329-4C4B-952B-D44E37D45945}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{3F415793-B03F-4EE4-B883-A41AC9592FF3}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{40584CA2-EC7B-4E98-8B69-23644E005720}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{408278DD-3875-40EA-8221-E62EC5E0FE3F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{41ADCED0-131B-4C20-A818-4E0F1441D664}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{46BCB62A-0073-45C0-91AA-3B9541201108}" = protocol=17 | dir=in | app=c:\users\basti\appdata\roaming\dropbox\bin\dropbox.exe | 
"{48A66033-553F-4BE4-8285-B71F397C2D9F}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{4C610B13-69AA-44F2-A8D0-84774B49252A}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{506E896B-2EC0-4CDF-A989-2830EC950F20}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{50D973C8-7DE3-4582-A792-086179A5CBF6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{530CBF72-E549-4C4A-A1A5-696662CA3B2C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{58525DF4-439C-4DB2-9AFF-B1D47D5A82A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5E2B04BD-C0EE-42D9-8EB9-AEB6E8ADE131}" = protocol=17 | dir=in | app=d:\dokumente\my games\runic games\torchlight 2\tl2.runic.launcher.exe | 
"{62AEA783-BF29-46EB-9D5E-8FE12A1C2F6C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{6324FA39-5F3A-40BE-82FD-FB824A005525}" = protocol=6 | dir=in | app=c:\users\basti\appdata\roaming\dropbox\bin\dropbox.exe | 
"{73BCC673-4788-4A1E-BC25-80CDBFF7EA9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{792C0919-C651-4D42-B853-70CDEAAC3788}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{796297D1-53C8-496D-B2CF-6CFDF4E13594}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{7CA38777-E847-40ED-993B-62A9EED9166F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{87DC8585-6F24-45B4-A54E-91650284FC61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9697D502-3DDC-4F30-B323-96E2305C7B99}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9ED9FFC6-FDB7-4C28-A0B8-9260C9EBAECD}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A25B3D59-255E-497C-93C7-74FCAE0F054D}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A4BE69F9-B40E-4713-92E5-7B5D59D9976A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A66E0FFF-8212-486A-B321-5804DCFF7435}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii public test\diablo iii.exe | 
"{AA304033-2F45-44D5-919E-52C074915D0D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B3244CEB-669E-466B-9ED6-D55A9C17C817}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B3296571-F2A9-46E0-A0E8-0BB7A27A9CC5}" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe | 
"{B899470C-32F7-4169-95B1-8D1CD65E9DBD}" = protocol=17 | dir=in | app=d:\dokumente\my games\runic games\torchlight 2\torchlight2.exe | 
"{BDE1802A-F18D-400A-AB6E-BE5370DBF31E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{EBBA6292-809F-4381-84F6-30D794878201}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{ECD5A201-055B-4CEB-AF58-B9501BF066F5}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{F1CAEB6D-DD74-4D19-94C1-83B17A7E75BF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F2888D8A-07B3-40FE-A4E3-539ADB40F899}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F316A926-0A7D-4088-8BE0-082AB542A02E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{F86AD037-EFF0-477E-B623-64F12FFAD700}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{F97291C5-8A30-46F2-A8B8-4F30B327AF65}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"TCP Query User{19DDA74C-C310-4D4F-919B-715A0D8C91D4}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe | 
"TCP Query User{2D675A4A-DFE6-4381-8271-27E75CAFAC3F}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 
"TCP Query User{2FA012AC-902D-4282-9AFD-F5DD36088B6F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"TCP Query User{6F274332-0F18-4B38-8359-5203C6B2E35F}C:\users\basti\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\basti\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{80E1001B-2C0E-4140-950E-060538586D3F}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{8384EE3B-5516-4E89-99CE-872B68B2DD7F}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe | 
"TCP Query User{8B47F638-3258-4FDB-AC46-3A7DBE1C711F}C:\program files (x86)\progdvb\progdvbnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\progdvb\progdvbnet.exe | 
"TCP Query User{915814FB-3BD5-4385-95B4-C9770EE89803}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"TCP Query User{A107E3C2-8DB6-4DF0-9A5E-6CF27C4B4E3E}C:\program files (x86)\progdvb\progdvbnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\progdvb\progdvbnet.exe | 
"TCP Query User{DAF6BB43-B0AA-46D8-8ADC-CDF6E7E14AC2}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"TCP Query User{F52A3A3E-B7F1-48E1-A810-7D3236AEEA60}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | 
"UDP Query User{3C4408D6-482A-46D5-BDEF-98F306EF0385}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"UDP Query User{47886196-E13B-49E4-AB65-E8ACE4744EBD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"UDP Query User{4873D6A3-4D53-4ED8-A431-2694D27ADFA4}C:\program files (x86)\progdvb\progdvbnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\progdvb\progdvbnet.exe | 
"UDP Query User{52297547-C9B0-4956-AAF0-377EB40BFB6A}C:\users\basti\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\basti\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{6FC82248-AB46-4205-8EE2-0BEEDF929E30}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"UDP Query User{75E9D31C-7940-45A1-B698-5A471AAC63F1}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe | 
"UDP Query User{8C989BAD-4C56-4C38-AF18-71F18F636F3D}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe | 
"UDP Query User{A113C520-B58A-4F69-82A3-69AB1D7F8557}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{AD809E98-F757-4B4C-BE1F-66B49E5C3E69}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | 
"UDP Query User{B62B8AA5-8457-43CF-8C89-FA0DD40A445E}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 
"UDP Query User{E38D4DA1-BC53-43CE-843B-CEA313BFFE11}C:\program files (x86)\progdvb\progdvbnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\progdvb\progdvbnet.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{18E12084-AD08-4E7E-9C01-165CE2C8121B}" = Nitro PDF Reader 2
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.2.0.1304
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 8.0.5.0_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Unlocker" = Unlocker 1.9.1-x64
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MYMOVIES)
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{384FA0C0-BB19-4CA0-8DB4-5FD4E938277F}" = Notification Center
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing-Desktop
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3239C8-0FD8-4994-BEED-E668B79AB520}" = My Movies Collection Management
"{A33447B6-F49A-41FC-AF0A-D27BDCAC2E23}" = Easy Phone Tunes
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite DCP-357C
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9
"Ashampoo Undeleter_is1" = Ashampoo Undeleter v.1.10
"AudibleDownloadManager" = Audible Download Manager
"AudibleManager" = AudibleManager
"avast" = avast! Free Antivirus
"BlueStacks App Player" = BlueStacks App Player
"Cinergy T USB XXS" = Cinergy T USB XXS V2.03.03.29
"Diablo III" = Diablo III
"Diablo III Public Test" = Diablo III Public Test
"DivX Setup" = DivX-Setup
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Free FLV Converter_is1" = Free FLV Converter V 7.4.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"Google Chrome" = Google Chrome
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 9.04
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 17.0 (x86 en-US)" = Mozilla Firefox 17.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPE" = MyPhoneExplorer
"ProgDVB" = ProgDVB
"Secunia PSI" = Secunia PSI (3.0.0.4001)
"SopCast" = SopCast 3.4.8
"Veetle TV" = Veetle TV
"Videoload Manager" = Videoload Manager 2.0.2220
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-4251190316-340746890-89556036-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{049FF5E4-EB02-4c42-8DB0-226E2F7A9E53}" = Torchlight 2
"Dropbox" = Dropbox
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 29.12.2012 15:14:11 | Computer Name = Basti-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2246
 
Error - 30.12.2012 09:24:19 | Computer Name = Basti-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Basti\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 30.12.2012 09:24:19 | Computer Name = Basti-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Basti\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 30.12.2012 09:24:23 | Computer Name = Basti-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Basti\Desktop\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 30.12.2012 09:24:59 | Computer Name = Basti-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Basti\Desktop\7esetonlinescanner.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 30.12.2012 09:38:00 | Computer Name = Basti-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 30.12.2012 11:17:16 | Computer Name = Basti-PC | Source = MsiInstaller | ID = 11316
Description = 
 
Error - 30.12.2012 15:45:09 | Computer Name = Basti-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 30.12.2012 15:52:07 | Computer Name = Basti-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Basti\Desktop\esetonlinescanner.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 30.12.2012 18:35:58 | Computer Name = Basti-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
[ System Events ]
Error - 29.06.2012 14:47:37 | Computer Name = Basti-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 29.06.2012 14:47:40 | Computer Name = Basti-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 29.06.2012 14:47:40 | Computer Name = Basti-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 29.06.2012 14:47:41 | Computer Name = Basti-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 29.06.2012 14:47:41 | Computer Name = Basti-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 29.06.2012 14:47:44 | Computer Name = Basti-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 08.07.2012 10:29:12 | Computer Name = Basti-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 08.07.2012 13:45:24 | Computer Name = Basti-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "iPodDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 10.07.2012 04:02:14 | Computer Name = Basti-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "iPodDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 11.07.2012 10:13:07 | Computer Name = Basti-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "iPodDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
 
< End of report >
         

Antwort

Themen zu Google Captcha Problem - Datenverkehr
analyse, autostart, avast, c:\windows, code, computer, desktop, device, file, folge, folgende, google, harddisk, ide, log file, ntoskrnl.exe, problem, reboot, scanning, system, system32, version, windows, windows 7, woche



Ähnliche Themen: Google Captcha Problem - Datenverkehr


  1. Google - ungewöhlicher Datenverkehr entdeckt (regelmässig)
    Plagegeister aller Art und deren Bekämpfung - 28.05.2015 (5)
  2. WIN 7: Google meldet dubiose Aktivitäten und verlangt Captcha
    Log-Analyse und Auswertung - 12.05.2015 (31)
  3. Passwörter ausgepäht; Ständige Captcha Abfragen bei Google Suche; Bitcoin-Miner
    Log-Analyse und Auswertung - 27.04.2015 (7)
  4. Ständige Google-Captcha Abfrage
    Log-Analyse und Auswertung - 17.04.2015 (11)
  5. Windows 8.1 - Captcha-Abfrage bei Google
    Log-Analyse und Auswertung - 01.01.2015 (13)
  6. Windows 7: Google Redirect leitet auf Werbeseite mit Captcha
    Log-Analyse und Auswertung - 07.09.2014 (3)
  7. Bei Nutzung von Google Captcha Abfrage / Verdacht auf Mißbrauch meines Internetzugangs
    Plagegeister aller Art und deren Bekämpfung - 20.12.2013 (19)
  8. Google-Meldung ungewöhnlicher Datenverkehr
    Log-Analyse und Auswertung - 03.06.2013 (9)
  9. Google - Ungewöhnlicher Datenverkehr festgestellt. Malware?
    Log-Analyse und Auswertung - 25.03.2013 (11)
  10. Google Meldung: Ungewöhnlicher Datenverkehr aus dem W-LAN
    Plagegeister aller Art und deren Bekämpfung - 30.01.2013 (3)
  11. Google sucht nicht und verlangt Captcha
    Plagegeister aller Art und deren Bekämpfung - 22.01.2013 (13)
  12. Google: ungewöhnlichen Datenverkehr eingabe von CAPTCHAs
    Log-Analyse und Auswertung - 20.01.2013 (15)
  13. Google captcha abfrage & bundespolizeivirus
    Log-Analyse und Auswertung - 23.12.2012 (15)
  14. Google-Meldung Datenverkehr, zum fortfahren Captcha-Eingabe nötig
    Plagegeister aller Art und deren Bekämpfung - 15.12.2012 (31)
  15. captcha problem bei google: Ungewöhnlicher Datenverkehr aus Ihrem Computernetzwerk
    Log-Analyse und Auswertung - 10.10.2012 (3)
  16. Google fordert Captcha-Eingabe von Suchmaschinennutzern
    Nachrichten - 26.07.2012 (0)
  17. Ständiger Datenverkehr von und zu google IP?!
    Plagegeister aller Art und deren Bekämpfung - 04.05.2009 (1)

Zum Thema Google Captcha Problem - Datenverkehr - Hallo, wie auch einige andere User habe auch ich bei mir seit ca. 1 Woche das Problem, dass Google unregelmäßig eine Captchaabfrage macht, wenn ich eine Suchanfrage starte. Ich habe - Google Captcha Problem - Datenverkehr...
Archiv
Du betrachtest: Google Captcha Problem - Datenverkehr auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.