
Pests of all kinds and how to combat them: Seth.anzutracking opens ads in the Firefox browser


10.03.2013, 23:46   #1
DukeYGO
 
seth.anzutracking suddenly opens third-party ads on the site yugioh.wikia.com (which I visit as a hobby). When that happens, the cursor flickers.
As far as I know, malware can install further malware. That is why I want to get rid of it; is there anything that can be done to get rid of it?
There are a few guides in English, but whether they can be trusted... who knows.
Guides like these, for example:
hxxp://blog.yoocare.com/how-to-remove-seth-avazutracking-net-redirect-virus-manual-removal/
hxxp://blog.teesupport.com/how-to-get-rid-of-seth-avazutracking-net-completely-seth-avazutracking-net-donmain-hijacker-malware-remove-guide/

Note:
Avast did not find anything related to this.

Malwarebytes scan:

Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.03.10.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
xxx:: xxx-PC [Administrator]

10.03.2013 22:23:35
mbam-log-2013-03-10 (22-23-35).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 204200
Laufzeit: 6 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
OTL LOG File:
Code:
OTL logfile created on: 3/10/2013 10:34:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxx\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.99 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 65.89% Memory free
5.98 Gb Paging File | 4.88 Gb Available in Paging File | 81.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 555.07 Gb Total Space | 523.22 Gb Free Space | 94.26% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 19.60 Gb Free Space | 49.00% Space Free | Partition Type: NTFS
 
Computer Name: xxx-PC | User Name: xxx| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/03/06 14:16:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
PRC - [2013/02/28 09:36:01 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/02/28 09:36:01 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/02/07 13:31:22 | 001,223,704 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\PSIA.exe
PRC - [2013/02/07 13:31:18 | 000,575,000 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/08/13 11:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2012/08/13 11:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/12/22 18:57:36 | 000,678,432 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2009/12/17 17:18:24 | 000,368,640 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/12/17 17:17:54 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/11/07 11:46:52 | 000,020,480 | ---- | M] (X10) -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/03/06 08:54:38 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013/03/06 08:54:31 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/03/06 08:54:25 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/03/06 08:54:18 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/03/06 08:54:12 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/03/06 08:54:06 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/03/06 08:54:04 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/03/06 08:53:54 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/08/10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012/08/10 16:50:56 | 000,170,496 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxslt.dll
MOD - [2010/11/13 00:19:05 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010/11/13 00:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/08/24 12:13:16 | 001,708,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3638.29735__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
MOD - [2010/08/24 12:13:16 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3638.29705__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010/08/24 12:13:16 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3638.29613__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:16 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3638.29671__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:16 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3638.29633__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010/08/24 12:13:16 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3638.29672__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010/08/24 12:13:16 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3638.29685__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:16 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3638.29622__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:16 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3638.29706__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:16 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3638.29666__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:16 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3638.29656__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:16 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3638.29628__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010/08/24 12:13:16 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3638.29622__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:16 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3638.29736__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:15 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3638.29731__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:15 | 000,827,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3638.29659__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:15 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3638.29634__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:15 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3638.29680__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010/08/24 12:13:15 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3638.29633__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:15 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3638.29704__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:15 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3638.29658__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:15 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3638.29664__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:15 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3638.29671__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:15 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3638.29704__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3638.29663__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:14 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3638.29658__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:14 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3638.29653__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:14 | 000,323,584 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3638.29665__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:14 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3638.29638__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010/08/24 12:13:14 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/08/24 12:13:14 | 000,151,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3622.19963__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3622.19963__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010/08/24 12:13:14 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3638.29657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:14 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010/08/24 12:13:14 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3638.29638__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:14 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3638.29658__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:14 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3638.29665__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010/08/24 12:13:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3622.19962__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010/08/24 12:13:14 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3622.19963__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010/08/24 12:13:14 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3622.19993__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010/08/24 12:13:14 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3622.19964__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3622.19964__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3622.19963__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3622.19973__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3622.19965__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3622.19964__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3622.19965__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010/08/24 12:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010/08/24 12:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3622.19974__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010/08/24 12:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010/08/24 12:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3622.19965__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3622.19971__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3622.19966__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3622.19966__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3622.19978__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3622.19975__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3622.19967__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3622.19974__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010/08/24 12:13:14 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010/08/24 12:13:13 | 000,741,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3638.29730__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2010/08/24 12:13:13 | 000,565,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3638.29694__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010/08/24 12:13:13 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3638.29627__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010/08/24 12:13:13 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3638.29699__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010/08/24 12:13:13 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3638.29698__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010/08/24 12:13:13 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3622.19968__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3638.29611__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010/08/24 12:13:13 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3622.19966__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3638.29612__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010/08/24 12:13:13 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3622.19977__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3622.19966__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3622.19970__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3622.19967__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010/08/24 12:13:13 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3638.29710__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010/08/24 12:13:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3622.19963__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010/08/24 12:13:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3622.19973__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3622.19965__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3622.19967__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3622.19963__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010/08/24 12:13:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3622.19972__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3622.19971__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3622.19974__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3622.19964__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3622.19965__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010/08/24 12:13:13 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3622.19968__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3622.19964__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010/08/24 12:13:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3622.19967__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010/08/24 12:13:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3622.19965__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3622.19967__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010/08/24 12:13:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3622.19965__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010/08/24 12:13:13 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3638.29611__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010/08/24 12:13:12 | 001,220,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3638.29618__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010/08/24 12:13:12 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3638.29609__90ba9c70f846762e\APM.Server.dll
MOD - [2010/08/24 12:13:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3638.29610__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/08/24 12:13:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3622.19964__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010/08/24 12:13:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010/08/24 12:13:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3622.19967__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010/08/24 12:13:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3622.19968__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010/08/24 12:13:12 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3638.29699__90ba9c70f846762e\CCC.Implementation.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013/03/07 15:29:15 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/28 09:36:01 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/26 21:58:56 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/07 13:31:22 | 001,223,704 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2013/02/07 13:31:20 | 000,660,504 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/12/17 17:17:54 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/11/07 11:46:52 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- (x10nets)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2013/02/28 09:36:37 | 000,765,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/02/28 09:36:37 | 000,368,248 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/02/28 09:36:37 | 000,163,784 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/02/28 09:36:37 | 000,062,448 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/02/28 09:36:36 | 000,066,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/02/28 09:36:36 | 000,060,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013/02/28 09:36:36 | 000,049,320 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/02/28 09:36:35 | 000,029,880 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/02/07 13:15:22 | 000,016,024 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf_x86.sys -- (PSI)
DRV - [2013/01/31 10:50:58 | 000,022,656 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2012/10/11 04:08:10 | 000,034,432 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mcvidrv.sys -- (ManyCam)
DRV - [2012/08/23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/06/09 12:00:48 | 001,554,472 | ---- | M] (Trident Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TrdCap.sys -- (TrdCap)
DRV - [2010/05/24 14:46:34 | 000,193,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010/04/01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009/12/17 17:52:18 | 005,145,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/09/30 08:33:58 | 000,104,976 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/05/13 20:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2009/05/13 20:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{469CEF17-C4C5-41DB-B566-0B22FFC3D79A}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=ce2600fe-5456-4fea-af94-64535f2c33be&apn_sauid=26D66C6B-D6C0-433F-A56B-2F7C786F2F1D
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{CCB2728A-D514-4A42-959D-F237DF1932BF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNA_enDE393
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/05 17:20:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/08 05:52:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012/12/14 19:41:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2013/03/04 21:17:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\vivet5t1.default\extensions
[2013/03/08 05:52:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013/03/07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/03/07 16:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/03/07 16:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/03/07 16:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013/03/07 16:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/03/07 16:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/03/07 16:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.mozilla.org/de/plugincheck/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.160\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.160\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.160\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1482_0\
CHR - Extension: Gmail = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/03/06 14:16:56 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16601466-C772-4CB6-A238-F2D88C533590}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/03/10 22:36:04 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Pc Überprüfung
[2013/03/08 06:21:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/03/06 21:36:31 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\DevPro
[2013/03/06 14:16:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/06 14:16:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2013/03/06 06:41:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/03/05 17:56:31 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Secunia PSI
[2013/03/05 17:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2013/03/05 17:21:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/03/05 17:21:14 | 000,368,248 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/03/05 17:21:14 | 000,029,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/03/05 17:21:12 | 000,060,728 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/03/05 17:21:11 | 000,765,808 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/03/05 17:21:11 | 000,062,448 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/03/05 17:21:07 | 000,228,600 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/03/05 17:21:07 | 000,066,408 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/03/05 17:20:41 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/03/05 17:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/03/05 17:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/03/05 16:38:20 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Yugioh
[2013/03/05 13:39:37 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Malwarebytes
[2013/03/05 13:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/05 13:39:20 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/03/05 13:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/03/04 21:15:05 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/03/04 20:46:03 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/03/04 20:36:00 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/03/04 15:00:32 | 000,103,680 | ---- | C] (GMER) -- C:\uwldrkob.sys
[2013/03/04 14:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/03/04 04:51:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013/03/04 04:49:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2013/03/03 21:18:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/03 21:18:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/02/28 11:39:45 | 000,034,432 | ---- | C] (ManyCam LLC) -- C:\Windows\System32\drivers\mcvidrv.sys
[2013/02/28 11:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\ManyCam
[2013/02/26 12:30:45 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Rinteln_Dateien
[2013/02/20 18:53:15 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/02/20 07:14:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/03/10 22:31:34 | 000,377,856 | ---- | M] () -- C:\Users\xxx\Desktop\gmer_2.1.19155.exe
[2013/03/10 21:58:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/10 21:54:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/10 20:52:04 | 000,030,991 | ---- | M] () -- C:\Users\xxx\Desktop\Unbenannt 1.odt
[2013/03/10 18:09:52 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/10 18:09:52 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/10 18:02:46 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/10 18:02:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/10 18:02:34 | 2406,924,288 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/08 05:52:42 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/06 21:35:39 | 321,848,743 | ---- | M] () -- C:\Users\xxx\Desktop\YGOPro DevPro 1.7.3.2.7z
[2013/03/06 14:16:56 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/03/06 14:16:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2013/03/05 22:19:51 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/03/05 22:19:51 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/05 22:19:51 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/03/05 22:19:51 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/05 22:12:04 | 000,311,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/03/05 22:03:56 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2013/03/05 17:56:23 | 000,001,072 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013/03/05 17:21:15 | 000,002,083 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/03/05 17:21:07 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/03/05 13:39:22 | 000,001,075 | ---- | M] () -- C:\Users\xxx\Desktop\ Malwarebytes Anti-Malware .lnk
[2013/03/04 15:00:32 | 000,103,680 | ---- | M] (GMER) -- C:\uwldrkob.sys
[2013/03/04 06:13:10 | 000,000,000 | ---- | M] () -- C:\Users\xxx\defogger_reenable
[2013/03/03 21:18:18 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/02/28 09:36:37 | 000,765,808 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/02/28 09:36:37 | 000,368,248 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/02/28 09:36:37 | 000,163,784 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/02/28 09:36:37 | 000,062,448 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/02/28 09:36:36 | 000,066,408 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/02/28 09:36:36 | 000,060,728 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/02/28 09:36:36 | 000,049,320 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/02/28 09:36:35 | 000,029,880 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/02/28 09:36:07 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/02/28 09:35:59 | 000,228,600 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/02/25 18:26:55 | 000,005,120 | ---- | M] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/03/10 22:31:32 | 000,377,856 | ---- | C] () -- C:\Users\xxx\Desktop\gmer_2.1.19155.exe
[2013/03/06 21:26:28 | 321,848,743 | ---- | C] () -- C:\Users\xxx\Desktop\YGOPro DevPro 1.7.3.2.7z
[2013/03/05 22:03:56 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2013/03/05 22:02:21 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/03/05 22:01:26 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/03/05 17:56:23 | 000,001,072 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013/03/05 17:56:23 | 000,001,035 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2013/03/05 17:21:15 | 000,002,083 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/03/05 17:21:11 | 000,163,784 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/05 17:21:10 | 000,049,320 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/03/05 13:39:22 | 000,001,075 | ---- | C] () -- C:\Users\xxx\Desktop\ Malwarebytes Anti-Malware .lnk
[2013/03/04 06:13:10 | 000,000,000 | ---- | C] () -- C:\Users\xxx\defogger_reenable
[2013/02/21 23:48:40 | 000,030,991 | ---- | C] () -- C:\Users\xxx\Desktop\Unbenannt 1.odt
[2013/01/08 19:37:13 | 000,005,120 | ---- | C] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/01/29 17:29:51 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Audacity
[2013/01/23 16:43:35 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Auslogics
[2013/01/15 17:48:03 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenOffice.org
[2013/03/06 07:13:17 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TS3Client
 
========== Purity Check ==========
 
 

< End of report >
         
Extras Log:
Code:
OTL Extras logfile created on: 3/10/2013 10:34:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxx\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.99 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 65.89% Memory free
5.98 Gb Paging File | 4.88 Gb Available in Paging File | 81.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 555.07 Gb Total Space | 523.22 Gb Free Space | 94.26% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 19.60 Gb Free Space | 49.00% Space Free | Partition Type: NTFS
 
Computer Name: xxx-PC | User Name: xxx| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{BA33F67A-AF2B-4FB5-A1AA-14DBCD248E2E}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C9F34EFE-1E5D-4068-BB14-27330F673971}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5034C34A-FE9D-407C-B509-C90B5F2054CB}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{CD1056BA-4E75-4D29-898D-C68578ED5C47}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EB0D9957-F921-4F3D-8376-66138673B9AD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05111291-C4F7-8292-01A2-C113286286A4}" = CCC Help Russian
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{071B5C15-8CD0-744E-B0BC-F5855F8DECB0}" = CCC Help Hungarian
"{0AAC425C-6B3E-CD6E-BFFB-5D751CC6753C}" = CCC Help Japanese
"{0DAAFBE9-86D2-BDF6-CC64-34DE56EF5960}" = CCC Help Spanish
"{14191227-D02E-B89F-9B98-95EBB3A547AD}" = Catalyst Control Center Localization All
"{1573631D-6883-DA31-9A46-9FB22B38F75F}" = CCC Help Italian
"{1845470B-EB14-4ABC-835B-E36C693DC07D}" = Skype™ 6.2
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1AD017B8-F7C4-D914-A38C-4756F2DD09F6}" = Catalyst Control Center Graphics Full New
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{343F5BC0-7765-BE30-08AF-798781247903}" = ccc-core-static
"{3ABC3B58-0CAD-E52D-4F36-9379D25794FE}" = Catalyst Control Center Graphics Previews Vista
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C7F3C64-0CF2-71E6-25A2-C4093A1D50D5}" = ccc-utility
"{3D4A7623-61FE-BF12-C2A8-39C1D0E533CF}" = Catalyst Control Center InstallProxy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{472B7916-CB4E-6F58-056E-804781DFEFF8}" = CCC Help Korean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FF5A6ED-9A89-3E3D-5ADB-60602DA8FB6D}" = CCC Help Greek
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5914674F-5E85-103E-AE01-C69177C320AF}" = CCC Help Portuguese
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6FC9A3FA-61F5-0D3E-062D-D2C85DA71651}" = CCC Help Norwegian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{80FE4054-30AD-A402-BD23-0D3580376EAF}" = CCC Help Dutch
"{838CFC61-FA8C-5AD2-7E86-1BA036D5479F}" = ATI Catalyst Install Manager
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{93C95468-5FFB-101B-FE4F-1B2460AD4791}" = CCC Help French
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96534FAB-69B3-CB78-3312-5416A253792C}" = CCC Help Turkish
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{A13AB951-00E5-F431-A1E4-E430F6DF0BD0}" = CCC Help Thai
"{A43A4D7C-8D09-E5AA-F10A-FA99C2D6B400}" = CCC Help Danish
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A8832278-3937-6753-A07A-DF23FA6A569A}" = CCC Help English
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA484486-87CC-91E3-C8C1-F505D06A9BEE}" = CCC Help German
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2934A24-C863-7ABE-B054-AD4E97BE48E4}" = CCC Help Finnish
"{B972E956-F6FB-FAD7-43BF-09F558DCFFE6}" = Catalyst Control Center Graphics Previews Common
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{C05900D1-D58F-4E26-C60D-605E49583F7E}" = CCC Help Swedish
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3876972-1660-0FC0-5550-B903D161E4D8}" = Catalyst Control Center Graphics Light
"{DAB36FAD-35DE-486A-9F1A-7784AC1E78B5}" = Catalyst Control Center Core Implementation
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{DFC1FA94-6D9D-7093-A60D-BEFF1A083023}" = CCC Help Chinese Traditional
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EEE369FB-0F44-D01A-C953-2BFA81362638}" = CCC Help Czech
"{EF33D4A2-8A46-84FF-CFAA-7F90F8EE670F}" = Catalyst Control Center Graphics Full Existing
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3A6830D-689F-C34E-5F38-9D66D7D5B3C3}" = CCC Help Chinese Standard
"{F53F4595-BDF7-C392-1CD5-1D425EBAA1A9}" = CCC Help Polish
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Audacity_is1" = Audacity 2.0.3
"avast" = avast! Free Antivirus
"CamStudio" = CamStudio
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.94
"Secunia PSI" = Secunia PSI (3.0.0.6005)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"X10Hardware" = X10 Hardware(TM)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 3/6/2013 4:10:03 PM | Computer Name = xxx-PC | Source = Application Hang | ID = 1002
Description = Programm DevPro.exe, Version 1.5.2.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: d98    Startzeit: 
01ce1aa68dab337f    Endzeit: 8    Anwendungspfad: C:\Users\xxx\Desktop\YGOPro\DevPro.exe

Berichts-ID:
 d398cf6a-8699-11e2-916b-0022200b8836  
 
Error - 3/6/2013 4:10:33 PM | Computer Name = xxx-PC | Source = Application Hang | ID = 1002
Description = Programm DevPro.exe, Version 1.5.2.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1378    Startzeit:
 01ce1aa6a031e771    Endzeit: 6    Anwendungspfad: C:\Users\xxx\Desktop\YGOPro\DevPro.exe

Berichts-ID:
 e53dd29e-8699-11e2-916b-0022200b8836  
 
Error - 3/6/2013 4:12:14 PM | Computer Name = xxx-PC | Source = Application Hang | ID = 1002
Description = Programm DevPro.exe, Version 1.5.2.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: f4    Startzeit: 01ce1aa6dc5aded3

Endzeit:
 10    Anwendungspfad: C:\Users\xxx\Desktop\YGOPro\DevPro.exe    Berichts-ID: 2180e211-869a-11e2-916b-0022200b8836

 
Error - 3/6/2013 4:13:23 PM | Computer Name = xxx-PC | Source = Application Hang | ID = 1002
Description = Programm DevPro.exe, Version 1.5.2.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1f94    Startzeit:
 01ce1aa706317977    Endzeit: 5    Anwendungspfad: C:\Users\xxx\Desktop\YGOPro\DevPro.exe

Berichts-ID:
 4a8f47c7-869a-11e2-916b-0022200b8836  
 
Error - 3/6/2013 4:15:21 PM | Computer Name = xxx-PC | Source = Application Hang | ID = 1002
Description = Programm DevPro.exe, Version 1.5.2.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 848    Startzeit: 
01ce1aa7481cfb60    Endzeit: 9    Anwendungspfad: C:\Users\xxx\Desktop\YGOPro\DevPro.exe

Berichts-ID:
 910321ed-869a-11e2-916b-0022200b8836  
 
Error - 3/6/2013 4:18:55 PM | Computer Name = xxx-PC | Source = Application Hang | ID = 1002
Description = Programm DevPro.exe, Version 1.5.2.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1140    Startzeit:
 01ce1aa7c6bf5ede    Endzeit: 7    Anwendungspfad: C:\Users\xxx\Desktop\YGOPro\DevPro.exe

Berichts-ID:
 0dc0b8c2-869b-11e2-916b-0022200b8836  
 
Error - 3/6/2013 4:19:14 PM | Computer Name = xxx-PC | Source = Application Hang | ID = 1002
Description = Programm DevPro.exe, Version 1.5.2.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1744    Startzeit:
 01ce1aa7d486a434    Endzeit: 5    Anwendungspfad: C:\Users\xxx\Desktop\YGOPro\DevPro.exe

Berichts-ID:
 1b974091-869b-11e2-916b-0022200b8836  
 
Error - 3/6/2013 4:23:51 PM | Computer Name = xxx-PC | Source = Application Hang | ID = 1002
Description = Programm DevPro.exe, Version 1.5.2.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 814    Startzeit: 
01ce1aa8727f63ff    Endzeit: 15    Anwendungspfad: C:\Users\xxx\Desktop\YGOPro\DevPro.exe

Berichts-ID:
 c07e8c28-869b-11e2-82ff-0022200b8836  
 
Error - 3/6/2013 4:24:57 PM | Computer Name = xxx-PC | Source = Application Hang | ID = 1002
Description = Programm DevPro.exe, Version 1.5.2.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1394    Startzeit:
 01ce1aa891c6229c    Endzeit: 8    Anwendungspfad: C:\Users\xxx\Desktop\YGOPro\DevPro.exe

Berichts-ID:
 e89fcf45-869b-11e2-82ff-0022200b8836  
 
Error - 3/8/2013 12:53:26 AM | Computer Name = xxx-PC | Source = VSS | ID = 8194
Description = 
 
[ System Events ]
Error - 3/6/2013 3:40:59 AM | Computer Name = xxx-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 3/6/2013 3:47:58 AM | Computer Name = xxx-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 3/6/2013 3:47:58 AM | Computer Name = xxx-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 3/6/2013 7:59:22 AM | Computer Name = xxx-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 3/6/2013 9:08:23 AM | Computer Name = xxx-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 3/6/2013 9:11:57 AM | Computer Name = xxx-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 3/6/2013 9:11:57 AM | Computer Name = xxx-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 3/6/2013 9:11:57 AM | Computer Name = xxx-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 3/6/2013 9:12:00 AM | Computer Name = xxx-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 3/8/2013 2:21:57 AM | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst eventlog erreicht.
 
 
< End of report >
         
Gmer Log:
GMER Logfile:
Code:
ATTFilter
GMER 2.1.19155 - hxxp://www.gmer.net
Rootkit scan 2013-03-10 23:33:36
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD64 rev.01.0 596,17GB
Running: gmer_2.1.19155.exe; Driver: C:\Users\xxx\AppData\Local\Temp\uwldrkob.sys


---- System - GMER 2.1 ----

SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwAddBootEntry [0x90C2559C]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                 ZwAllocateVirtualMemory [0x91298388]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwAssignProcessToJobObject [0x90C2602E]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwCreateEvent [0x90C317F2]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwCreateEventPair [0x90C3183E]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwCreateIoCompletion [0x90C319D8]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwCreateMutant [0x90C31760]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                 ZwCreateSection [0x91298720]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwCreateSemaphore [0x90C317A8]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwCreateThread [0x90C2652C]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwCreateThreadEx [0x90C26748]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwCreateTimer [0x90C31992]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwDebugActiveProcess [0x90C26DE4]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwDeleteBootEntry [0x90C25602]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwDuplicateObject [0x90C2A5C2]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                 ZwFreeVirtualMemory [0x91298450]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                 ZwLoadDriver [0x912969B4]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwModifyBootEntry [0x90C25668]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwNotifyChangeKey [0x90C2A98C]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwNotifyChangeMultipleKeys [0x90C27874]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwOpenEvent [0x90C3181C]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwOpenEventPair [0x90C31860]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwOpenIoCompletion [0x90C319FC]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwOpenMutant [0x90C31786]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwOpenProcess [0x90C29EA8]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwOpenSection [0x90C31910]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwOpenSemaphore [0x90C317D0]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwOpenThread [0x90C2A29A]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwOpenTimer [0x90C319B6]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                 ZwProtectVirtualMemory [0x912985B0]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwQueryObject [0x90C27740]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwQueueApcThreadEx [0x90C2744E]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwSetBootEntryOrder [0x90C256CE]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwSetBootOptions [0x90C25734]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwSetContextThread [0x90C26C5E]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwSetSystemInformation [0x90C25284]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwSetSystemPowerState [0x90C2545A]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwShutdownSystem [0x90C253E8]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwSuspendProcess [0x90C26FAE]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwSuspendThread [0x90C27110]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwSystemDebugControl [0x90C254E2]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                 ZwTerminateProcess [0x91298678]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwTerminateThread [0x90C26C3E]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                 ZwUnloadDriver [0x912969E4]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                 ZwVdmControl [0x90C2579A]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                 ZwWriteVirtualMemory [0x912984FC]

Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                 ZwCreateProcessEx [0x912B1BA0]
Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                 ObMakeTemporaryObject

---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!ZwRollbackEnlistment + 140D                                                              82C4A9E9 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                82C841C2 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text           ntkrnlpa.exe!KeRemoveQueueEx + 10CB                                                                   82C8B1E0 4 Bytes  [9C, 55, C2, 90]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 10F3                                                                   82C8B208 4 Bytes  [88, 83, 29, 91]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1153                                                                   82C8B268 4 Bytes  [2E, 60, C2, 90]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 11A7                                                                   82C8B2BC 8 Bytes  [F2, 17, C3, 90, 3E, 18, C3, ...] {POP SS; RET ; NOP ; SBB BL, AL; NOP }
.text           ntkrnlpa.exe!KeRemoveQueueEx + 11B3                                                                   82C8B2C8 4 Bytes  [D8, 19, C3, 90] {FCOMP DWORD [ECX]; RET ; NOP }
.text           ...                                                                                                   
PAGE            ntkrnlpa.exe!ObMakeTemporaryObject                                                                    82E18C6B 5 Bytes  JMP 912AEA3A \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE            ntkrnlpa.exe!ObInsertObject + 27                                                                      82E31280 5 Bytes  JMP 912B056C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE            ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108                                                           82E463C7 4 Bytes  CALL 90C27F37 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE            ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122                                                          82E601B0 4 Bytes  CALL 90C27F4D \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE            ntkrnlpa.exe!ZwCreateProcessEx                                                                        82EEA008 7 Bytes  JMP 912B1BA4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.text           C:\Windows\system32\DRIVERS\atikmdag.sys                                                              section is writeable [0x91A1A000, 0x2CB832, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text           C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[424] kernel32.dll!GetBinaryTypeW + 70          757769F4 1 Byte  [62]
.text           C:\Windows\System32\svchost.exe[444] kernel32.dll!GetBinaryTypeW + 70                                 757769F4 1 Byte  [62]
.text           C:\Windows\system32\csrss.exe[496] kernel32.dll!GetBinaryTypeW + 70                                   757769F4 1 Byte  [62]
.text           C:\Windows\system32\wininit.exe[572] kernel32.dll!GetBinaryTypeW + 70                                 757769F4 1 Byte  [62]
.text           C:\Windows\system32\csrss.exe[580] kernel32.dll!GetBinaryTypeW + 70                                   757769F4 1 Byte  [62]
.text           ...                                                                                                   
.text           C:\Windows\system32\SearchProtocolHost.exe[2452] ntdll.dll!LdrUnloadDll                               772FC86E 5 Bytes  JMP 000903FC 
.text           C:\Windows\system32\SearchProtocolHost.exe[2452] ntdll.dll!LdrLoadDll                                 7730223E 5 Bytes  JMP 000901F8 
.text           C:\Windows\system32\SearchProtocolHost.exe[2452] KERNEL32.dll!GetBinaryTypeW + 70                     757769F4 1 Byte  [62]
.text           C:\Windows\system32\SearchProtocolHost.exe[2452] USER32.dll!UnhookWindowsHookEx                       75D4ADF9 5 Bytes  JMP 000B0A08 
.text           C:\Windows\system32\SearchProtocolHost.exe[2452] USER32.dll!UnhookWinEvent                            75D4B750 5 Bytes  JMP 000B03FC 
.text           C:\Windows\system32\SearchProtocolHost.exe[2452] USER32.dll!SetWindowsHookExW                         75D4E30C 5 Bytes  JMP 000B0804 
.text           C:\Windows\system32\SearchProtocolHost.exe[2452] USER32.dll!SetWinEventHook                           75D524DC 5 Bytes  JMP 000B01F8 
.text           C:\Windows\system32\SearchProtocolHost.exe[2452] USER32.dll!SetWindowsHookExA                         75D76D0C 5 Bytes  JMP 000B0600 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2656] ntdll.dll!LdrUnloadDll                          772FC86E 5 Bytes  JMP 001E03FC 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2656] ntdll.dll!LdrLoadDll                            7730223E 5 Bytes  JMP 001E01F8 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2656] KERNEL32.dll!GetBinaryTypeW + 70                757769F4 1 Byte  [62]
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2656] USER32.dll!UnhookWindowsHookEx                  75D4ADF9 5 Bytes  JMP 00200A08 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2656] USER32.dll!UnhookWinEvent                       75D4B750 5 Bytes  JMP 002003FC 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2656] USER32.dll!SetWindowsHookExW                    75D4E30C 5 Bytes  JMP 00200804 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2656] USER32.dll!SetWinEventHook                      75D524DC 5 Bytes  JMP 002001F8 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2656] USER32.dll!SetWindowsHookExA                    75D76D0C 5 Bytes  JMP 00200600 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2672] ntdll.dll!LdrUnloadDll            772FC86E 5 Bytes  JMP 000703FC 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2672] ntdll.dll!LdrLoadDll              7730223E 5 Bytes  JMP 000701F8 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2672] KERNEL32.dll!GetBinaryTypeW + 70  757769F4 1 Byte  [62]
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2672] USER32.dll!UnhookWindowsHookEx    75D4ADF9 5 Bytes  JMP 00320A08 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2672] USER32.dll!UnhookWinEvent         75D4B750 5 Bytes  JMP 003203FC 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2672] USER32.dll!SetWindowsHookExW      75D4E30C 5 Bytes  JMP 00320804 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2672] USER32.dll!SetWinEventHook        75D524DC 5 Bytes  JMP 003201F8 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2672] USER32.dll!SetWindowsHookExA      75D76D0C 5 Bytes  JMP 00320600 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2828] ntdll.dll!LdrUnloadDll                           772FC86E 5 Bytes  JMP 001E03FC 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2828] ntdll.dll!LdrLoadDll                             7730223E 5 Bytes  JMP 001E01F8 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2828] KERNEL32.dll!GetBinaryTypeW + 70                 757769F4 1 Byte  [62]
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2828] USER32.dll!UnhookWindowsHookEx                   75D4ADF9 5 Bytes  JMP 00200A08 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2828] USER32.dll!UnhookWinEvent                        75D4B750 5 Bytes  JMP 002003FC 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2828] USER32.dll!SetWindowsHookExW                     75D4E30C 5 Bytes  JMP 00200804 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2828] USER32.dll!SetWinEventHook                       75D524DC 5 Bytes  JMP 002001F8 
.text           C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2828] USER32.dll!SetWindowsHookExA                     75D76D0C 5 Bytes  JMP 00200600 
.text           C:\Windows\servicing\TrustedInstaller.exe[2924] ntdll.dll!LdrUnloadDll                                772FC86E 5 Bytes  JMP 000603FC 
.text           C:\Windows\servicing\TrustedInstaller.exe[2924] ntdll.dll!LdrLoadDll                                  7730223E 5 Bytes  JMP 000601F8 
.text           C:\Windows\servicing\TrustedInstaller.exe[2924] KERNEL32.dll!GetBinaryTypeW + 70                      757769F4 1 Byte  [62]
.text           C:\Windows\servicing\TrustedInstaller.exe[2924] USER32.dll!UnhookWindowsHookEx                        75D4ADF9 5 Bytes  JMP 00080A08 
.text           C:\Windows\servicing\TrustedInstaller.exe[2924] USER32.dll!UnhookWinEvent                             75D4B750 5 Bytes  JMP 000803FC 
.text           C:\Windows\servicing\TrustedInstaller.exe[2924] USER32.dll!SetWindowsHookExW                          75D4E30C 5 Bytes  JMP 00080804 
.text           C:\Windows\servicing\TrustedInstaller.exe[2924] USER32.dll!SetWinEventHook                            75D524DC 5 Bytes  JMP 000801F8 
.text           C:\Windows\servicing\TrustedInstaller.exe[2924] USER32.dll!SetWindowsHookExA                          75D76D0C 5 Bytes  JMP 00080600 
.text           C:\Windows\system32\SearchIndexer.exe[3000] ntdll.dll!LdrUnloadDll                                    772FC86E 5 Bytes  JMP 002203FC 
.text           C:\Windows\system32\SearchIndexer.exe[3000] ntdll.dll!LdrLoadDll                                      7730223E 5 Bytes  JMP 002201F8 
.text           C:\Windows\system32\SearchIndexer.exe[3000] KERNEL32.dll!GetBinaryTypeW + 70                          757769F4 1 Byte  [62]
.text           C:\Windows\system32\SearchIndexer.exe[3000] USER32.dll!UnhookWindowsHookEx                            75D4ADF9 5 Bytes  JMP 00250A08 
.text           C:\Windows\system32\SearchIndexer.exe[3000] USER32.dll!UnhookWinEvent                                 75D4B750 5 Bytes  JMP 002503FC 
.text           C:\Windows\system32\SearchIndexer.exe[3000] USER32.dll!SetWindowsHookExW                              75D4E30C 5 Bytes  JMP 00250804 
.text           C:\Windows\system32\SearchIndexer.exe[3000] USER32.dll!SetWinEventHook                                75D524DC 5 Bytes  JMP 002501F8 
.text           C:\Windows\system32\SearchIndexer.exe[3000] USER32.dll!SetWindowsHookExA                              75D76D0C 5 Bytes  JMP 00250600 
.text           C:\Windows\system32\taskeng.exe[3128] ntdll.dll!LdrUnloadDll                                          772FC86E 5 Bytes  JMP 000E03FC 
.text           C:\Windows\system32\taskeng.exe[3128] ntdll.dll!LdrLoadDll                                            7730223E 5 Bytes  JMP 000E01F8 
.text           C:\Windows\system32\taskeng.exe[3128] KERNEL32.dll!GetBinaryTypeW + 70                                757769F4 1 Byte  [62]
.text           C:\Windows\system32\taskeng.exe[3128] USER32.dll!UnhookWindowsHookEx                                  75D4ADF9 5 Bytes  JMP 000F0A08 
.text           C:\Windows\system32\taskeng.exe[3128] USER32.dll!UnhookWinEvent                                       75D4B750 5 Bytes  JMP 000F03FC 
.text           C:\Windows\system32\taskeng.exe[3128] USER32.dll!SetWindowsHookExW                                    75D4E30C 5 Bytes  JMP 000F0804 
.text           C:\Windows\system32\taskeng.exe[3128] USER32.dll!SetWinEventHook                                      75D524DC 5 Bytes  JMP 000F01F8 
.text           C:\Windows\system32\taskeng.exe[3128] USER32.dll!SetWindowsHookExA                                    75D76D0C 5 Bytes  JMP 000F0600 
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3468] ntdll.dll!LdrUnloadDll                            772FC86E 5 Bytes  JMP 001E03FC 
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3468] ntdll.dll!LdrLoadDll                              7730223E 5 Bytes  JMP 001E01F8 
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3468] KERNEL32.dll!GetBinaryTypeW + 70                  757769F4 1 Byte  [62]
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3468] USER32.dll!UnhookWindowsHookEx                    75D4ADF9 5 Bytes  JMP 001F0A08 
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3468] USER32.dll!UnhookWinEvent                         75D4B750 5 Bytes  JMP 001F03FC 
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3468] USER32.dll!SetWindowsHookExW                      75D4E30C 5 Bytes  JMP 001F0804 
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3468] USER32.dll!SetWinEventHook                        75D524DC 5 Bytes  JMP 001F01F8 
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3468] USER32.dll!SetWindowsHookExA                      75D76D0C 5 Bytes  JMP 001F0600 
.text           C:\Program Files\AVAST Software\Avast\AvastUI.exe[3496] kernel32.dll!GetBinaryTypeW + 70              757769F4 1 Byte  [62]
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3668] ntdll.dll!LdrUnloadDll            772FC86E 5 Bytes  JMP 000703FC 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3668] ntdll.dll!LdrLoadDll              7730223E 5 Bytes  JMP 000701F8 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3668] KERNEL32.dll!GetBinaryTypeW + 70  757769F4 1 Byte  [62]
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3668] USER32.dll!UnhookWindowsHookEx    75D4ADF9 5 Bytes  JMP 00190A08 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3668] USER32.dll!UnhookWinEvent         75D4B750 5 Bytes  JMP 001903FC 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3668] USER32.dll!SetWindowsHookExW      75D4E30C 5 Bytes  JMP 00190804 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3668] USER32.dll!SetWinEventHook        75D524DC 5 Bytes  JMP 001901F8 
.text           C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3668] USER32.dll!SetWindowsHookExA      75D76D0C 5 Bytes  JMP 00190600 
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3732] ntdll.dll!LdrUnloadDll               772FC86E 5 Bytes  JMP 001803FC 
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3732] ntdll.dll!LdrLoadDll                 7730223E 5 Bytes  JMP 001801F8 
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3732] KERNEL32.dll!GetBinaryTypeW + 70     757769F4 1 Byte  [62]
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3732] USER32.dll!UnhookWindowsHookEx       75D4ADF9 5 Bytes  JMP 001A0A08 
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3732] USER32.dll!UnhookWinEvent            75D4B750 5 Bytes  JMP 001A03FC 
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3732] USER32.dll!SetWindowsHookExW         75D4E30C 5 Bytes  JMP 001A0804 
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3732] USER32.dll!SetWinEventHook           75D524DC 5 Bytes  JMP 001A01F8 
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3732] USER32.dll!SetWindowsHookExA         75D76D0C 5 Bytes  JMP 001A0600 
.text           C:\Program Files\Windows Sidebar\sidebar.exe[3740] ntdll.dll!LdrUnloadDll                             772FC86E 5 Bytes  JMP 000E03FC 
.text           C:\Program Files\Windows Sidebar\sidebar.exe[3740] ntdll.dll!LdrLoadDll                               7730223E 5 Bytes  JMP 000E01F8 
.text           C:\Program Files\Windows Sidebar\sidebar.exe[3740] KERNEL32.dll!GetBinaryTypeW + 70                   757769F4 1 Byte  [62]
.text           C:\Program Files\Windows Sidebar\sidebar.exe[3740] USER32.dll!UnhookWindowsHookEx                     75D4ADF9 5 Bytes  JMP 00100A08 
.text           C:\Program Files\Windows Sidebar\sidebar.exe[3740] USER32.dll!UnhookWinEvent                          75D4B750 5 Bytes  JMP 001003FC 
.text           C:\Program Files\Windows Sidebar\sidebar.exe[3740] USER32.dll!SetWindowsHookExW                       75D4E30C 5 Bytes  JMP 00100804 
.text           C:\Program Files\Windows Sidebar\sidebar.exe[3740] USER32.dll!SetWinEventHook                         75D524DC 5 Bytes  JMP 001001F8 
.text           C:\Program Files\Windows Sidebar\sidebar.exe[3740] USER32.dll!SetWindowsHookExA                       75D76D0C 5 Bytes  JMP 00100600 
.text           C:\Users\xxx\Desktop\gmer_2.1.19155.exe[3768] kernel32.dll!GetBinaryTypeW + 70                   757769F4 1 Byte  [62]

---- Devices - GMER 2.1 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                               Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
AttachedDevice  \Driver\tdx \Device\Tcp                                                                               aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice  \Driver\tdx \Device\Udp                                                                               aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b4f859                           
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b4f859 (not active ControlSet)       

---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                                                                                 unknown MBR code

---- EOF - GMER 2.1 ----
         
Edited by DukeYGO (10.03.2013 at 23:53)

11.03.2013, 11:51   #2
cosinus

Hello,

Quote:
C:\Users\xxx\Desktop\YGOPro DevPro 1.7.3.2.7z
What exactly is that supposed to be, and above all, what source did you get it from?

11.03.2013, 12:41   #3
DukeYGO

It's a program that I use for my hobby.
hxxp://ygopro.de/download/
The program updates itself and is basically harmless.

11.03.2013, 12:44   #4
cosinus

OK, thanks for the explanation.

Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions that I will post over the course of this thread carefully. If anything is unclear to you, ask right away, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step depends on the previous one.

  • Please run only the scans that a helper has asked you to run! Do not install or uninstall any software unless asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as an attachment, unless you have been asked to. Logs in attachments make the analysis harder for me!

  • The logs of the assigned tools, such as Malwarebytes, must always be posted, regardless of whether anything was found or not!

  • Please also note => Deleting log files and other requests

Note:
If you don't hear from me for three days, please post in this thread => Reminder about my thread.
Annoying "When do we continue?" messages will end with your topic being closed. I, too, have a life outside the Trojaner-Board.


Now please run the three tools MBAR / aswMBR / TDSSkiller and post the logs in CODE tags.


MBAR (Malwarebytes Anti-Rootkit)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.


aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions may take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save the log to the desktop.
Post the aswMBR.txt in your next reply.

Important: Under no circumstances press any of the Fix buttons without instructions.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



TDSS-Killer

Please download TDSSKiller.exe and save the file to your desktop.
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
In any case, please post the contents here in your thread.
__________________
Please always post log files in CODE tags

11.03.2013, 13:53   #5
DukeYGO

OK.
I've run everything. TDSSKiller actually found something.
I think I'll just entrust this to you completely.
According to all the sources, this is somehow a problem only within the browser, but other problems can trigger new ones....
I hope we get rid of this. ^^

Malwarebytes Rootkit:
Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.11.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
xxx:: xxx-PC [administrator]

11.03.2013 13:19:00
mbar-log-2013-03-11 (13-19-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30959
Time elapsed: 21 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
aswMBR:

Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-11 13:23:41
-----------------------------
13:23:41.399    OS Version: Windows 6.1.7601 Service Pack 1
13:23:41.399    Number of processors: 4 586 0x2505
13:23:41.399    ComputerName: xxx-PC  UserName: xxx
13:23:43.146    Initialize success
13:23:43.224    AVAST engine defs: 13031100
13:23:44.971    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:23:44.987    Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
13:23:45.018    Disk 0 MBR read successfully
13:23:45.034    Disk 0 MBR scan
13:23:45.034    Disk 0 unknown MBR code
13:23:45.034    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
13:23:45.065    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       568389 MB offset 206848
13:23:45.096    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        40960 MB offset 1164267520
13:23:45.112    Disk 0 Partition 4 00     12  Compaq diag NTFS         1029 MB offset 1248153600
13:23:45.127    Disk 0 scanning sectors +1250261680
13:23:45.205    Disk 0 scanning C:\Windows\system32\drivers
13:23:59.713    Service scanning
13:24:36.576    Modules scanning
13:24:47.902    Disk 0 trace - called modules:
13:24:47.933    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll 
13:24:47.933    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87e24030]
13:24:47.949    3 CLASSPNP.SYS[8b78959e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x862f8028]
13:24:49.228    AVAST engine scan C:\Windows
13:24:52.582    AVAST engine scan C:\Windows\system32
13:27:11.563    AVAST engine scan C:\Windows\system32\drivers
13:27:24.932    AVAST engine scan C:\Users\xxx
13:39:12.877    AVAST engine scan C:\ProgramData
13:39:29.740    Scan finished successfully
13:39:58.460    Disk 0 MBR has been saved successfully to "C:\Users\xxx\Desktop\Pc Überprüfung\MBR.dat"
13:39:58.476    The log file has been saved successfully to "C:\Users\xxx\Desktop\Pc Überprüfung\aswMBR.txt"
         
TDSSKiller Log:

Code:
13:42:21.0874 3408  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:42:22.0123 3408  ============================================================
13:42:22.0123 3408  Current date / time: 2013/03/11 13:42:22.0123
13:42:22.0123 3408  SystemInfo:
13:42:22.0123 3408  
13:42:22.0123 3408  OS Version: 6.1.7601 ServicePack: 1.0
13:42:22.0123 3408  Product type: Workstation
13:42:22.0123 3408  ComputerName: xxx-PC
13:42:22.0123 3408  UserName: xxx
13:42:22.0123 3408  Windows directory: C:\Windows
13:42:22.0123 3408  System windows directory: C:\Windows
13:42:22.0123 3408  Processor architecture: Intel x86
13:42:22.0123 3408  Number of processors: 4
13:42:22.0123 3408  Page size: 0x1000
13:42:22.0123 3408  Boot type: Normal boot
13:42:22.0123 3408  ============================================================
13:42:22.0638 3408  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:42:22.0638 3408  ============================================================
13:42:22.0638 3408  \Device\Harddisk0\DR0:
13:42:22.0638 3408  MBR partitions:
13:42:22.0638 3408  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:42:22.0638 3408  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x45622800
13:42:22.0638 3408  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x45655000, BlocksNum 0x5000000
13:42:22.0638 3408  ============================================================
13:42:22.0685 3408  C: <-> \Device\Harddisk0\DR0\Partition2
13:42:22.0732 3408  D: <-> \Device\Harddisk0\DR0\Partition3
13:42:22.0732 3408  ============================================================
13:42:22.0732 3408  Initialize success
13:42:22.0732 3408  ============================================================
13:42:33.0542 2828  ============================================================
13:42:33.0542 2828  Scan started
13:42:33.0542 2828  Mode: Manual; SigCheck; TDLFS; 
13:42:33.0542 2828  ============================================================
13:42:34.0244 2828  ================ Scan system memory ========================
13:42:34.0244 2828  System memory - ok
13:42:34.0244 2828  ================ Scan services =============================
13:42:34.0432 2828  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:42:34.0588 2828  1394ohci - ok
13:42:34.0650 2828  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:42:34.0681 2828  ACPI - ok
13:42:34.0744 2828  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:42:34.0822 2828  AcpiPmi - ok
13:42:34.0915 2828  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:42:34.0931 2828  AdobeARMservice - ok
13:42:35.0024 2828  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:42:35.0056 2828  AdobeFlashPlayerUpdateSvc - ok
13:42:35.0134 2828  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
13:42:35.0180 2828  adp94xx - ok
13:42:35.0243 2828  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
13:42:35.0274 2828  adpahci - ok
13:42:35.0352 2828  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
13:42:35.0383 2828  adpu320 - ok
13:42:35.0414 2828  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:42:35.0446 2828  AeLookupSvc - ok
13:42:35.0508 2828  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
13:42:35.0555 2828  AFD - ok
13:42:35.0586 2828  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
13:42:35.0602 2828  agp440 - ok
13:42:35.0664 2828  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
13:42:35.0695 2828  aic78xx - ok
13:42:35.0742 2828  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
13:42:35.0804 2828  ALG - ok
13:42:35.0867 2828  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:42:35.0898 2828  aliide - ok
13:42:35.0976 2828  [ 1DDBBBBDC8ABF026CD0B715CDBBD9F7B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:42:36.0054 2828  AMD External Events Utility - ok
13:42:36.0085 2828  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
13:42:36.0101 2828  amdagp - ok
13:42:36.0132 2828  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
13:42:36.0148 2828  amdide - ok
13:42:36.0179 2828  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
13:42:36.0272 2828  AmdK8 - ok
13:42:36.0304 2828  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:42:36.0350 2828  AmdPPM - ok
13:42:36.0397 2828  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:42:36.0428 2828  amdsata - ok
13:42:36.0460 2828  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
13:42:36.0491 2828  amdsbs - ok
13:42:36.0506 2828  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:42:36.0522 2828  amdxata - ok
13:42:36.0553 2828  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
13:42:36.0709 2828  AppID - ok
13:42:36.0756 2828  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:42:36.0818 2828  AppIDSvc - ok
13:42:36.0850 2828  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
13:42:36.0912 2828  Appinfo - ok
13:42:36.0959 2828  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
13:42:36.0990 2828  arc - ok
13:42:37.0006 2828  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
13:42:37.0021 2828  arcsas - ok
13:42:37.0068 2828  [ 5B3562D243AE2BB76858867DCA43038D ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
13:42:37.0099 2828  aswFsBlk - ok
13:42:37.0146 2828  [ 1A4EABEE6A4809EDA17F7593E211B402 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
13:42:37.0162 2828  aswMonFlt - ok
13:42:37.0177 2828  [ F5F5E12CB417C52516A49E2F92509A78 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
13:42:37.0193 2828  aswRdr - ok
13:42:37.0240 2828  [ F9647D0C5871245F60AD743B0A10D1F1 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
13:42:37.0271 2828  aswRvrt - ok
13:42:37.0302 2828  [ 2A8E206C73D6C0AA795DF8299808AB26 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
13:42:37.0333 2828  aswSnx - ok
13:42:37.0380 2828  [ F0D5770AE7F46387AE17FF9EBB287AAC ] aswSP           C:\Windows\system32\drivers\aswSP.sys
13:42:37.0396 2828  aswSP - ok
13:42:37.0411 2828  [ C75DDAE1FDD93A6C9A53DE175DC51225 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
13:42:37.0411 2828  aswTdi - ok
13:42:37.0442 2828  [ 1DCB866DDD43751164AFC01EC2C086CB ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
13:42:37.0458 2828  aswVmm - ok
13:42:37.0489 2828  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:42:37.0583 2828  AsyncMac - ok
13:42:37.0614 2828  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
13:42:37.0645 2828  atapi - ok
13:42:37.0708 2828  [ 40A07E6916AC098E31A9E39AC202B8A1 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
13:42:37.0723 2828  AtiHdmiService - ok
13:42:37.0879 2828  [ 427C14EA1202C874E3EAD16CD2E2778A ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:42:37.0957 2828  atikmdag - ok
13:42:38.0020 2828  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:42:38.0082 2828  AudioEndpointBuilder - ok
13:42:38.0098 2828  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
13:42:38.0129 2828  Audiosrv - ok
13:42:38.0191 2828  [ AEF6E1DE647339C4990586D1DE427BBB ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:42:38.0207 2828  avast! Antivirus - ok
13:42:38.0254 2828  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:42:38.0316 2828  AxInstSV - ok
13:42:38.0347 2828  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
13:42:38.0394 2828  b06bdrv - ok
13:42:38.0425 2828  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
13:42:38.0488 2828  b57nd60x - ok
13:42:38.0550 2828  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:42:38.0581 2828  BDESVC - ok
13:42:38.0612 2828  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:42:38.0690 2828  Beep - ok
13:42:38.0737 2828  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
13:42:38.0800 2828  BFE - ok
13:42:38.0846 2828  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
13:42:38.0909 2828  BITS - ok
13:42:38.0940 2828  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:42:38.0971 2828  blbdrive - ok
13:42:39.0002 2828  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:42:39.0065 2828  bowser - ok
13:42:39.0096 2828  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:42:39.0190 2828  BrFiltLo - ok
13:42:39.0221 2828  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:42:39.0283 2828  BrFiltUp - ok
13:42:39.0346 2828  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
13:42:39.0455 2828  BridgeMP - ok
13:42:39.0486 2828  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
13:42:39.0533 2828  Browser - ok
13:42:39.0564 2828  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:42:39.0595 2828  Brserid - ok
13:42:39.0611 2828  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:42:39.0673 2828  BrSerWdm - ok
13:42:39.0689 2828  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:42:39.0751 2828  BrUsbMdm - ok
13:42:39.0782 2828  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:42:39.0829 2828  BrUsbSer - ok
13:42:39.0860 2828  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
13:42:39.0892 2828  BthEnum - ok
13:42:39.0923 2828  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:42:39.0985 2828  BTHMODEM - ok
13:42:40.0032 2828  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
13:42:40.0094 2828  BthPan - ok
13:42:40.0141 2828  [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
13:42:40.0188 2828  BTHPORT - ok
13:42:40.0235 2828  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
13:42:40.0297 2828  bthserv - ok
13:42:40.0344 2828  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
13:42:40.0375 2828  BTHUSB - ok
13:42:40.0422 2828  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:42:40.0500 2828  cdfs - ok
13:42:40.0531 2828  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
13:42:40.0594 2828  cdrom - ok
13:42:40.0625 2828  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
13:42:40.0687 2828  CertPropSvc - ok
13:42:40.0750 2828  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:42:40.0812 2828  circlass - ok
13:42:40.0843 2828  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
13:42:40.0874 2828  CLFS - ok
13:42:40.0984 2828  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:42:40.0999 2828  clr_optimization_v2.0.50727_32 - ok
13:42:41.0093 2828  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:42:41.0124 2828  clr_optimization_v4.0.30319_32 - ok
13:42:41.0140 2828  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:42:41.0186 2828  CmBatt - ok
13:42:41.0218 2828  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:42:41.0233 2828  cmdide - ok
13:42:41.0280 2828  [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG             C:\Windows\system32\Drivers\cng.sys
13:42:41.0311 2828  CNG - ok
13:42:41.0374 2828  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:42:41.0405 2828  Compbatt - ok
13:42:41.0420 2828  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
13:42:41.0467 2828  CompositeBus - ok
13:42:41.0483 2828  COMSysApp - ok
13:42:41.0530 2828  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
13:42:41.0561 2828  crcdisk - ok
13:42:41.0592 2828  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:42:41.0623 2828  CryptSvc - ok
13:42:41.0670 2828  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:42:41.0717 2828  DcomLaunch - ok
13:42:41.0748 2828  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:42:41.0826 2828  defragsvc - ok
13:42:41.0857 2828  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:42:41.0904 2828  DfsC - ok
13:42:41.0951 2828  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:42:41.0998 2828  Dhcp - ok
13:42:42.0029 2828  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
13:42:42.0091 2828  discache - ok
13:42:42.0138 2828  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:42:42.0169 2828  Disk - ok
13:42:42.0200 2828  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:42:42.0247 2828  Dnscache - ok
13:42:42.0278 2828  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:42:42.0341 2828  dot3svc - ok
13:42:42.0372 2828  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
13:42:42.0419 2828  DPS - ok
13:42:42.0450 2828  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:42:42.0481 2828  drmkaud - ok
13:42:42.0528 2828  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:42:42.0575 2828  DXGKrnl - ok
13:42:42.0622 2828  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
13:42:42.0700 2828  EapHost - ok
13:42:42.0809 2828  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
13:42:42.0887 2828  ebdrv - ok
13:42:42.0918 2828  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
13:42:42.0949 2828  EFS - ok
13:42:43.0012 2828  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:42:43.0074 2828  ehRecvr - ok
13:42:43.0105 2828  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
13:42:43.0152 2828  ehSched - ok
13:42:43.0230 2828  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
13:42:43.0277 2828  elxstor - ok
13:42:43.0292 2828  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:42:43.0324 2828  ErrDev - ok
13:42:43.0370 2828  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
13:42:43.0464 2828  EventSystem - ok
13:42:43.0495 2828  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
13:42:43.0542 2828  exfat - ok
13:42:43.0558 2828  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:42:43.0604 2828  fastfat - ok
13:42:43.0667 2828  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
13:42:43.0729 2828  Fax - ok
13:42:43.0745 2828  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:42:43.0792 2828  fdc - ok
13:42:43.0823 2828  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
13:42:43.0901 2828  fdPHost - ok
13:42:43.0916 2828  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
13:42:43.0994 2828  FDResPub - ok
13:42:44.0026 2828  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:42:44.0041 2828  FileInfo - ok
13:42:44.0057 2828  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:42:44.0119 2828  Filetrace - ok
13:42:44.0150 2828  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:42:44.0182 2828  flpydisk - ok
13:42:44.0213 2828  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:42:44.0228 2828  FltMgr - ok
13:42:44.0260 2828  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
13:42:44.0338 2828  FontCache - ok
13:42:44.0416 2828  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:42:44.0447 2828  FontCache3.0.0.0 - ok
13:42:44.0494 2828  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:42:44.0525 2828  FsDepends - ok
13:42:44.0540 2828  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:42:44.0556 2828  Fs_Rec - ok
13:42:44.0618 2828  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:42:44.0650 2828  fvevol - ok
13:42:44.0696 2828  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:42:44.0712 2828  gagp30kx - ok
13:42:44.0743 2828  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:42:44.0806 2828  gpsvc - ok
13:42:44.0868 2828  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
13:42:44.0899 2828  gupdate - ok
13:42:44.0899 2828  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
13:42:44.0930 2828  gupdatem - ok
13:42:44.0962 2828  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:42:45.0008 2828  hcw85cir - ok
13:42:45.0071 2828  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:42:45.0133 2828  HdAudAddService - ok
13:42:45.0164 2828  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
13:42:45.0196 2828  HDAudBus - ok
13:42:45.0227 2828  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
13:42:45.0274 2828  HidBatt - ok
13:43:04.0259 2828  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
13:43:04.0368 2828  VSS - ok
13:43:04.0399 2828  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:43:04.0446 2828  vwifibus - ok
13:43:04.0462 2828  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:43:04.0493 2828  vwififlt - ok
13:43:04.0540 2828  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
13:43:04.0618 2828  W32Time - ok
13:43:04.0649 2828  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:43:04.0664 2828  WacomPen - ok
13:43:04.0711 2828  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:43:04.0774 2828  WANARP - ok
13:43:04.0774 2828  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:43:04.0805 2828  Wanarpv6 - ok
13:43:04.0867 2828  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
13:43:04.0945 2828  wbengine - ok
13:43:04.0976 2828  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:43:05.0023 2828  WbioSrvc - ok
13:43:05.0054 2828  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:43:05.0086 2828  wcncsvc - ok
13:43:05.0101 2828  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:43:05.0148 2828  WcsPlugInService - ok
13:43:05.0164 2828  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:43:05.0179 2828  Wd - ok
13:43:05.0226 2828  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:43:05.0257 2828  Wdf01000 - ok
13:43:05.0288 2828  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:43:05.0320 2828  WdiServiceHost - ok
13:43:05.0320 2828  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:43:05.0351 2828  WdiSystemHost - ok
13:43:05.0382 2828  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
13:43:05.0413 2828  WebClient - ok
13:43:05.0444 2828  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:43:05.0476 2828  Wecsvc - ok
13:43:05.0491 2828  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:43:05.0522 2828  wercplsupport - ok
13:43:05.0554 2828  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:43:05.0600 2828  WerSvc - ok
13:43:05.0647 2828  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:43:05.0678 2828  WfpLwf - ok
13:43:05.0694 2828  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:43:05.0710 2828  WIMMount - ok
13:43:05.0772 2828  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
13:43:05.0834 2828  WinDefend - ok
13:43:05.0834 2828  WinHttpAutoProxySvc - ok
13:43:05.0897 2828  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:43:05.0928 2828  Winmgmt - ok
13:43:05.0975 2828  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
13:43:06.0084 2828  WinRM - ok
13:43:06.0131 2828  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:43:06.0178 2828  Wlansvc - ok
13:43:06.0209 2828  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:43:06.0240 2828  WmiAcpi - ok
13:43:06.0271 2828  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:43:06.0302 2828  wmiApSrv - ok
13:43:06.0365 2828  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
13:43:06.0458 2828  WMPNetworkSvc - ok
13:43:06.0474 2828  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:43:06.0505 2828  WPCSvc - ok
13:43:06.0552 2828  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:43:06.0599 2828  WPDBusEnum - ok
13:43:06.0630 2828  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:43:06.0692 2828  ws2ifsl - ok
13:43:06.0724 2828  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
13:43:06.0755 2828  wscsvc - ok
13:43:06.0755 2828  WSearch - ok
13:43:06.0817 2828  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
13:43:06.0942 2828  wuauserv - ok
13:43:06.0973 2828  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:43:07.0020 2828  WudfPf - ok
13:43:07.0051 2828  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:43:07.0067 2828  WUDFRd - ok
13:43:07.0114 2828  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:43:07.0145 2828  wudfsvc - ok
13:43:07.0160 2828  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:43:07.0238 2828  WwanSvc - ok
13:43:07.0285 2828  [ 1F93FCB5BAB3A921ECBA522F63586F4A ] X10Hid          C:\Windows\System32\Drivers\x10hid.sys
13:43:07.0301 2828  X10Hid - ok
13:43:07.0379 2828  [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets         C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
13:43:07.0394 2828  x10nets ( UnsignedFile.Multi.Generic ) - warning
13:43:07.0394 2828  x10nets - detected UnsignedFile.Multi.Generic (1)
13:43:07.0441 2828  [ 378DC1B0B1F62A7488EE8D31A3C6E949 ] XUIF            C:\Windows\system32\Drivers\x10ufx2.sys
13:43:07.0472 2828  XUIF - ok
13:43:07.0488 2828  ================ Scan global ===============================
13:43:07.0504 2828  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
13:43:07.0535 2828  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
13:43:07.0550 2828  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
13:43:07.0582 2828  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
13:43:07.0613 2828  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
13:43:07.0613 2828  [Global] - ok
13:43:07.0613 2828  ================ Scan MBR ==================================
13:43:07.0628 2828  [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
13:43:10.0062 2828  \Device\Harddisk0\DR0 - ok
13:43:10.0062 2828  ================ Scan VBR ==================================
13:43:10.0078 2828  [ F8E37D3CAD15B464C40B0EE8F968C1B4 ] \Device\Harddisk0\DR0\Partition1
13:43:10.0078 2828  \Device\Harddisk0\DR0\Partition1 - ok
13:43:10.0109 2828  [ B8BD3CE53607C7617B2C97AB220FBAB4 ] \Device\Harddisk0\DR0\Partition2
13:43:10.0109 2828  \Device\Harddisk0\DR0\Partition2 - ok
13:43:10.0140 2828  [ 3AF2D94621D28C2F3D6DD980D1EBEEB6 ] \Device\Harddisk0\DR0\Partition3
13:43:10.0156 2828  \Device\Harddisk0\DR0\Partition3 - ok
13:43:10.0156 2828  ============================================================
13:43:10.0156 2828  Scan finished
13:43:10.0156 2828  ============================================================
13:43:10.0171 5136  Detected object count: 1
13:43:10.0171 5136  Actual detected object count: 1
13:43:27.0721 5136  x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
13:43:27.0721 5136  x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:43:33.0322 4376  Deinitialize success
         


11.03.2013, 13:54   #6
cosinus

That's harmless, you can ignore it; the logs look unremarkable.

JRT - Junkware Removal Tool

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.




Afterwards:

adwCleaner - Remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


After that, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • Tick the Scan All Users box at the top centre
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread in CODE tags.

11.03.2013, 14:39   #7
DukeYGO

That at least reassures me somewhat.
If nothing is found, should I simply work through one of the guides I linked above?

JRT Txt Log:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows 7 Home Premium x86
Ran by xxx on 11.03.2013 at 14:05:57,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] "hkey_local_machine\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\scheduled update for ask toolbar" 



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\vivet5t1.default\minidumps [23 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.03.2013 at 14:08:16,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
AdwCleaner Log:

Code:
# AdwCleaner v2.114 - Datei am 11/03/2013 um 14:09:25 erstellt
# Aktualisiert am 05/03/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : xxx- xxx-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\xxx\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\vivet5t1.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v25.0.1364.160

Datei : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S2].txt - [1012 octets] - [11/03/2013 14:09:25]

########## EOF - C:\AdwCleaner[S2].txt - [1072 octets] ##########
         
OTL Log File:

Code:
OTL logfile created on: 3/11/2013 2:13:28 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxx\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.99 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 62.15% Memory free
5.98 Gb Paging File | 4.72 Gb Available in Paging File | 79.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 555.07 Gb Total Space | 523.18 Gb Free Space | 94.26% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 19.60 Gb Free Space | 49.00% Space Free | Partition Type: NTFS
 
Computer Name: xxx-PC | User Name: xxx| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\xxx\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (X10)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3638.29735__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3638.29705__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3638.29613__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3638.29671__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3638.29633__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3638.29672__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3638.29685__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3638.29622__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3638.29706__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3638.29666__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3638.29656__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3638.29628__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3638.29622__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3638.29736__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3638.29731__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3638.29659__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3638.29634__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3638.29680__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3638.29633__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3638.29704__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3638.29658__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3638.29664__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3638.29671__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3638.29704__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3638.29663__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3638.29658__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3638.29653__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3638.29665__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3638.29638__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3622.19963__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3622.19963__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3638.29657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3638.29638__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3638.29658__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3638.29665__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3622.19962__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3622.19963__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3622.19993__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3622.19964__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3622.19964__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3622.19963__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3622.19973__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3622.19965__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3622.19964__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3622.19965__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3622.19974__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3622.19965__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3622.19971__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3622.19966__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3622.19966__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3622.19978__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3622.19975__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3622.19967__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3622.19974__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3638.29730__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3638.29694__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3638.29627__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3638.29699__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3638.29698__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3622.19968__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3638.29611__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3622.19966__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3638.29612__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3622.19977__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3622.19966__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3622.19970__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3622.19967__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3638.29710__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3622.19963__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3622.19973__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3622.19965__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3622.19967__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3622.19963__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3622.19972__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3622.19971__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3622.19974__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3622.19964__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3622.19965__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3622.19968__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3622.19964__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3622.19967__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3622.19965__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3622.19967__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3622.19965__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3638.29611__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3638.29618__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3638.29609__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3638.29610__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3622.19964__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3622.19967__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3622.19968__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3638.29699__90ba9c70f846762e\CCC.Implementation.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (x10nets) -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (X10)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf_x86.sys (Secunia)
DRV - (mcaudrv_simple) -- C:\Windows\System32\drivers\mcaudrv.sys (ManyCam LLC)
DRV - (ManyCam) -- C:\Windows\System32\drivers\mcvidrv.sys (ManyCam LLC)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (TrdCap) -- C:\Windows\System32\drivers\TrdCap.sys (Trident Microsystems, Inc.)
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                           )
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3657325877-1720700274-2462683530-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3657325877-1720700274-2462683530-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
IE - HKU\S-1-5-21-3657325877-1720700274-2462683530-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3657325877-1720700274-2462683530-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3657325877-1720700274-2462683530-1000\..\SearchScopes\{469CEF17-C4C5-41DB-B566-0B22FFC3D79A}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=ce2600fe-5456-4fea-af94-64535f2c33be&apn_sauid=26D66C6B-D6C0-433F-A56B-2F7C786F2F1D
IE - HKU\S-1-5-21-3657325877-1720700274-2462683530-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3657325877-1720700274-2462683530-1000\..\SearchScopes\{CCB2728A-D514-4A42-959D-F237DF1932BF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNA_enDE393
IE - HKU\S-1-5-21-3657325877-1720700274-2462683530-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/05 17:20:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/08 05:52:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012/12/14 19:41:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2013/03/04 21:17:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\vivet5t1.default\extensions
[2013/03/08 05:52:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013/03/07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/03/07 16:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/03/07 16:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/03/07 16:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013/03/07 16:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/03/07 16:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/03/07 16:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.mozilla.org/de/plugincheck/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.160\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.160\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.160\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1482_0\
CHR - Extension: Gmail = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/03/06 14:16:56 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3657325877-1720700274-2462683530-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3657325877-1720700274-2462683530-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16601466-C772-4CB6-A238-F2D88C533590}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/03/11 14:05:52 | 000,000,000 | ---D | C] -- C:\JRT
[2013/03/11 14:03:07 | 000,547,791 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\xxx\Desktop\JRT.exe
[2013/03/11 12:52:29 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\AntiRootkit
[2013/03/11 12:51:01 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\xxx\Desktop\tdsskiller.exe
[2013/03/11 12:47:25 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\xxx\Desktop\aswMBR.exe
[2013/03/10 22:36:04 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Pc Überprüfung
[2013/03/08 06:21:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/03/08 06:20:54 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/03/08 06:20:37 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/03/08 06:20:37 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/03/08 06:20:37 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/03/06 21:36:31 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\DevPro
[2013/03/06 14:16:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/06 14:16:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2013/03/06 06:41:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/03/05 22:07:43 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2013/03/05 22:07:42 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2013/03/05 22:07:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2013/03/05 22:07:40 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2013/03/05 22:07:37 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2013/03/05 22:07:34 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2013/03/05 22:07:34 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013/03/05 22:07:34 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2013/03/05 22:07:34 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2013/03/05 22:07:34 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2013/03/05 22:07:34 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2013/03/05 22:07:34 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013/03/05 22:07:34 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2013/03/05 22:07:34 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2013/03/05 22:07:33 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2013/03/05 22:02:19 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2013/03/05 22:02:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2013/03/05 22:01:28 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2013/03/05 22:01:27 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2013/03/05 22:01:26 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2013/03/05 21:56:16 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2013/03/05 21:56:14 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013/03/05 21:56:13 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/05 21:56:13 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/05 21:56:13 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/05 21:56:12 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013/03/05 21:56:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/05 21:56:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/05 21:56:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/05 21:56:11 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2013/03/05 21:56:11 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/03/05 21:56:11 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013/03/05 21:56:11 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/03/05 21:56:11 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013/03/05 21:56:11 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/03/05 21:56:11 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/03/05 21:56:11 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/03/05 21:56:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/05 21:56:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/05 21:56:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/05 21:56:10 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/03/05 21:56:10 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/03/05 21:56:10 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013/03/05 21:56:10 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/03/05 21:56:10 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2013/03/05 21:51:38 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe
[2013/03/05 21:51:36 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2013/03/05 21:51:36 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2013/03/05 21:51:23 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs
[2013/03/05 21:51:23 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs
[2013/03/05 21:51:23 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs
[2013/03/05 21:51:23 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs
[2013/03/05 21:51:22 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013/03/05 21:51:22 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2013/03/05 21:51:22 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs
[2013/03/05 21:51:22 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs
[2013/03/05 21:51:22 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2013/03/05 21:51:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs
[2013/03/05 21:51:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs
[2013/03/05 21:51:22 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs
[2013/03/05 21:51:16 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2013/03/05 21:51:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs
[2013/03/05 21:51:15 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs
[2013/03/05 21:51:15 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs
[2013/03/05 21:51:00 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013/03/05 21:50:54 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013/03/05 21:50:54 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013/03/05 21:50:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013/03/05 21:50:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013/03/05 21:50:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/03/05 21:50:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013/03/05 21:50:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013/03/05 21:50:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013/03/05 21:50:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013/03/05 21:50:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013/03/05 21:50:39 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2013/03/05 21:50:39 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2013/03/05 21:50:28 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2013/03/05 21:50:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2013/03/05 21:50:27 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2013/03/05 21:50:22 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2013/03/05 21:50:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2013/03/05 21:50:12 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2013/03/05 21:50:12 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2013/03/05 21:50:11 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2013/03/05 21:50:10 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2013/03/05 21:50:10 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2013/03/05 21:50:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2013/03/05 21:49:55 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2013/03/05 21:49:54 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/03/05 21:49:52 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/03/05 21:49:52 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/03/05 21:49:46 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2013/03/05 21:49:45 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2013/03/05 21:49:44 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2013/03/05 21:49:39 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013/03/05 17:56:31 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Secunia PSI
[2013/03/05 17:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2013/03/05 17:21:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/03/05 17:21:14 | 000,368,248 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/03/05 17:21:14 | 000,029,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/03/05 17:21:12 | 000,060,728 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/03/05 17:21:11 | 000,765,808 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/03/05 17:21:11 | 000,062,448 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/03/05 17:21:07 | 000,228,600 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/03/05 17:21:07 | 000,066,408 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/03/05 17:20:41 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/03/05 17:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/03/05 17:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/03/05 16:38:20 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Yugioh
[2013/03/05 13:39:37 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Malwarebytes
[2013/03/05 13:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/05 13:39:20 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/03/05 13:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/03/04 21:15:05 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/03/04 20:46:03 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/03/04 20:36:00 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/03/04 19:02:01 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2013/03/04 15:00:32 | 000,103,680 | ---- | C] (GMER) -- C:\uwldrkob.sys
[2013/03/04 14:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/03/04 04:51:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013/03/04 04:49:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2013/03/03 21:18:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/03 21:18:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/02/28 11:39:45 | 000,034,432 | ---- | C] (ManyCam LLC) -- C:\Windows\System32\drivers\mcvidrv.sys
[2013/02/28 11:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\ManyCam
[2013/02/26 12:30:45 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Rinteln_Dateien
[2013/02/20 18:53:15 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/02/20 07:14:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/02/13 13:38:15 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/02/13 13:38:13 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/02/13 13:38:13 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/02/13 13:38:11 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2013/02/13 13:38:11 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013/02/13 13:38:07 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/03/11 14:17:50 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/11 14:17:50 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/11 14:10:39 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/11 14:10:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/11 14:10:19 | 2406,924,288 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/11 14:05:06 | 000,597,667 | ---- | M] () -- C:\Users\xxx\Desktop\adwcleaner.exe
[2013/03/11 14:04:27 | 000,547,791 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\xxx\Desktop\JRT.exe
[2013/03/11 13:58:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/11 13:54:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/11 12:51:05 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\xxx\Desktop\tdsskiller.exe
[2013/03/11 12:48:43 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\xxx\Desktop\aswMBR.exe
[2013/03/11 12:46:28 | 013,786,977 | ---- | M] () -- C:\Users\xxx\Desktop\mbar-1.01.0.1021.zip
[2013/03/10 22:31:34 | 000,377,856 | ---- | M] () -- C:\Users\xxx\Desktop\gmer_2.1.19155.exe
[2013/03/10 20:52:04 | 000,030,991 | ---- | M] () -- C:\Users\xxx\Desktop\Unbenannt 1.odt
[2013/03/08 06:20:30 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/03/08 06:20:28 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013/03/08 06:20:28 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013/03/08 06:20:28 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/03/08 06:20:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/03/08 06:20:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/03/08 05:52:42 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/06 21:35:39 | 321,848,743 | ---- | M] () -- C:\Users\xxx\Desktop\YGOPro DevPro 1.7.3.2.7z
[2013/03/06 14:16:56 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/03/06 14:16:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2013/03/05 22:19:51 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/03/05 22:19:51 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/05 22:19:51 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/03/05 22:19:51 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/05 22:12:04 | 000,311,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/03/05 22:03:56 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2013/03/05 17:56:23 | 000,001,072 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013/03/05 17:21:15 | 000,002,083 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/03/05 17:21:07 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/03/05 13:39:22 | 000,001,075 | ---- | M] () -- C:\Users\xxx\Desktop\ Malwarebytes Anti-Malware .lnk
[2013/03/04 15:00:32 | 000,103,680 | ---- | M] (GMER) -- C:\uwldrkob.sys
[2013/03/04 06:13:10 | 000,000,000 | ---- | M] () -- C:\Users\xxx\defogger_reenable
[2013/03/04 05:06:40 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2013/03/03 21:18:18 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/02/28 09:36:37 | 000,765,808 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/02/28 09:36:37 | 000,368,248 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/02/28 09:36:37 | 000,163,784 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/02/28 09:36:37 | 000,062,448 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/02/28 09:36:36 | 000,066,408 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/02/28 09:36:36 | 000,060,728 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/02/28 09:36:36 | 000,049,320 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/02/28 09:36:35 | 000,029,880 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/02/28 09:36:07 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/02/28 09:35:59 | 000,228,600 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/02/26 21:58:52 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/02/26 21:58:52 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/02/25 18:26:55 | 000,005,120 | ---- | M] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/03/11 14:05:05 | 000,597,667 | ---- | C] () -- C:\Users\xxx\Desktop\adwcleaner.exe
[2013/03/11 12:46:10 | 013,786,977 | ---- | C] () -- C:\Users\xxx\Desktop\mbar-1.01.0.1021.zip
[2013/03/10 22:31:32 | 000,377,856 | ---- | C] () -- C:\Users\xxx\Desktop\gmer_2.1.19155.exe
[2013/03/06 21:26:28 | 321,848,743 | ---- | C] () -- C:\Users\xxx\Desktop\YGOPro DevPro 1.7.3.2.7z
[2013/03/05 22:03:56 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2013/03/05 22:02:21 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/03/05 22:01:26 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/03/05 17:56:23 | 000,001,072 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013/03/05 17:56:23 | 000,001,035 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2013/03/05 17:21:15 | 000,002,083 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/03/05 17:21:11 | 000,163,784 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/05 17:21:10 | 000,049,320 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/03/05 13:39:22 | 000,001,075 | ---- | C] () -- C:\Users\xxx\Desktop\ Malwarebytes Anti-Malware .lnk
[2013/03/04 06:13:10 | 000,000,000 | ---- | C] () -- C:\Users\xxx\defogger_reenable
[2013/02/21 23:48:40 | 000,030,991 | ---- | C] () -- C:\Users\xxx\Desktop\Unbenannt 1.odt
[2013/01/08 19:37:13 | 000,005,120 | ---- | C] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
Extras Log:

Code:
OTL Extras logfile created on: 3/11/2013 2:13:28 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxx\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.99 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 62.15% Memory free
5.98 Gb Paging File | 4.72 Gb Available in Paging File | 79.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 555.07 Gb Total Space | 523.18 Gb Free Space | 94.26% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 19.60 Gb Free Space | 49.00% Space Free | Partition Type: NTFS
 
Computer Name: xxx-PC | User Name: xxx| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-3657325877-1720700274-2462683530-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{BA33F67A-AF2B-4FB5-A1AA-14DBCD248E2E}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C9F34EFE-1E5D-4068-BB14-27330F673971}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5034C34A-FE9D-407C-B509-C90B5F2054CB}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{CD1056BA-4E75-4D29-898D-C68578ED5C47}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EB0D9957-F921-4F3D-8376-66138673B9AD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05111291-C4F7-8292-01A2-C113286286A4}" = CCC Help Russian
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{071B5C15-8CD0-744E-B0BC-F5855F8DECB0}" = CCC Help Hungarian
"{0AAC425C-6B3E-CD6E-BFFB-5D751CC6753C}" = CCC Help Japanese
"{0DAAFBE9-86D2-BDF6-CC64-34DE56EF5960}" = CCC Help Spanish
"{14191227-D02E-B89F-9B98-95EBB3A547AD}" = Catalyst Control Center Localization All
"{1573631D-6883-DA31-9A46-9FB22B38F75F}" = CCC Help Italian
"{1845470B-EB14-4ABC-835B-E36C693DC07D}" = Skype™ 6.2
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1AD017B8-F7C4-D914-A38C-4756F2DD09F6}" = Catalyst Control Center Graphics Full New
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{343F5BC0-7765-BE30-08AF-798781247903}" = ccc-core-static
"{3ABC3B58-0CAD-E52D-4F36-9379D25794FE}" = Catalyst Control Center Graphics Previews Vista
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C7F3C64-0CF2-71E6-25A2-C4093A1D50D5}" = ccc-utility
"{3D4A7623-61FE-BF12-C2A8-39C1D0E533CF}" = Catalyst Control Center InstallProxy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{472B7916-CB4E-6F58-056E-804781DFEFF8}" = CCC Help Korean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FF5A6ED-9A89-3E3D-5ADB-60602DA8FB6D}" = CCC Help Greek
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5914674F-5E85-103E-AE01-C69177C320AF}" = CCC Help Portuguese
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6FC9A3FA-61F5-0D3E-062D-D2C85DA71651}" = CCC Help Norwegian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{80FE4054-30AD-A402-BD23-0D3580376EAF}" = CCC Help Dutch
"{838CFC61-FA8C-5AD2-7E86-1BA036D5479F}" = ATI Catalyst Install Manager
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{93C95468-5FFB-101B-FE4F-1B2460AD4791}" = CCC Help French
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96534FAB-69B3-CB78-3312-5416A253792C}" = CCC Help Turkish
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{A13AB951-00E5-F431-A1E4-E430F6DF0BD0}" = CCC Help Thai
"{A43A4D7C-8D09-E5AA-F10A-FA99C2D6B400}" = CCC Help Danish
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A8832278-3937-6753-A07A-DF23FA6A569A}" = CCC Help English
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA484486-87CC-91E3-C8C1-F505D06A9BEE}" = CCC Help German
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2934A24-C863-7ABE-B054-AD4E97BE48E4}" = CCC Help Finnish
"{B972E956-F6FB-FAD7-43BF-09F558DCFFE6}" = Catalyst Control Center Graphics Previews Common
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{C05900D1-D58F-4E26-C60D-605E49583F7E}" = CCC Help Swedish
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3876972-1660-0FC0-5550-B903D161E4D8}" = Catalyst Control Center Graphics Light
"{DAB36FAD-35DE-486A-9F1A-7784AC1E78B5}" = Catalyst Control Center Core Implementation
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{DFC1FA94-6D9D-7093-A60D-BEFF1A083023}" = CCC Help Chinese Traditional
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EEE369FB-0F44-D01A-C953-2BFA81362638}" = CCC Help Czech
"{EF33D4A2-8A46-84FF-CFAA-7F90F8EE670F}" = Catalyst Control Center Graphics Full Existing
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3A6830D-689F-C34E-5F38-9D66D7D5B3C3}" = CCC Help Chinese Standard
"{F53F4595-BDF7-C392-1CD5-1D425EBAA1A9}" = CCC Help Polish
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Audacity_is1" = Audacity 2.0.3
"avast" = avast! Free Antivirus
"CamStudio" = CamStudio
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.94
"Secunia PSI" = Secunia PSI (3.0.0.6005)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"X10Hardware" = X10 Hardware(TM)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3657325877-1720700274-2462683530-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
< End of report >
         

11.03.2013, 14:47   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes - before you do, please remember to update Malwarebytes via the update button.

Getting a second opinion afterwards from ESET's online scanner is not a bad idea either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the terms of use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset

__________________
Please always post log files in CODE tags

11.03.2013, 16:33   #9
DukeYGO

Nothing suspicious here either.
I wonder whether the problem is on my side or the website's.
Should I perhaps just follow one of the cleanup tips from the links above?
That is, deleting cookies, removing add-ons, resetting the browser, etc.?

Malwarebytes scan:

Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.03.11.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
xxx :: xxx-PC [Administrator]

11.03.2013 14:51:09
mbam-log-2013-03-11 (14-51-09).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 203860
Laufzeit: 3 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
ESET Online Scan

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=5fa286752453fe4da6aa502559870e42
# engine=13355
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-03-11 03:18:35
# local_time=2013-03-11 04:18:35 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 514652 139724987 0 0
# compatibility_mode=5893 16776574 100 94 644068 114646306 0 0
# scanned=245557
# found=0
# cleaned=0
# scan_time=4731
         

11.03.2013, 16:55   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK so far.

Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners, etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.

Info: Cookies are not malware as such, but there is a risk of misuse (unique recognition, e.g. for targeted advertising or similar => HTTP cookie)

Apart from that there are good cookie managers; as a Firefox extension, for example, there is CookieCuller.
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser to delete everything, including cookies, when it is closed.

Is your system OK again now, or are there still other findings or problems?
__________________
Please always post log files in CODE tags
