Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Mein PC verschickt e-mails

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.03.2013, 19:42   #1
boesel
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



Hallo,
Von meiner e-mail Adresse wurden seit dem 12.3.2013 Mahnungen für eine Groupon-Mitgliedschaft mit folgendem oder ähnlichem Inhalt verschickt:

<xxx@aol.com>

--- The header of the original message is following. ---

Received: from mailout-de.gmx.net ([10.1.76.4]) by mrigmx.server.lan
(mrigmx002) with ESMTP (Nemesis) id 0Lyxby-1UkkoR1CBU-014Ca5 for
<xxx@aol.com>; Thu, 14 Mar 2013 15:25:19 +0100
Received: (qmail invoked by alias); 14 Mar 2013 14:25:13 -0000
Received: from p4FF3DF46.dip.t-dialin.net (EHLO lexa1979-PC) [79.243.223.70]
by mail.gmx.net (mp004) with SMTP; 14 Mar 2013 15:25:13 +0100
X-Authenticated: #33423885
X-Provags-ID: V01U2FsdGVkX1+a8ElR/JKaRPcy/nuu0jhjsA30MpNO8A/wGYv2/V
PsND/WOd8SLHVA
From: <yyy yyy@gmx.de>
To: "xxx xxx" <xxx@aol.com>
Subject: xxx xxxMahnung Ihrer Groupon.de Mitgliedschaft xxx xxx
Date: Thu, 14 Mar 2013 14:24:47 GMT
MIME-Version: 1.0
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-Priority: 3
Content-Type: multipart/mixed; boundary="=-XC66EB7797"
X-Y-GMX-Trusted: 0

Festgestellt habe ich dies nur durch Rückläufer, die offenbar wegen einer falschen e-mail Adresse nicht angekommen sind.
Ich habe nun mein Passwort geändert. Seit dem habe ich auch keine Rückläufer mehr bekommen.
Ich habe auch einen Nortonscan gemacht, der findet keine Viren. Die Polizei, bei der ich Anzeige gegen unbekannt erstattet habe, meinte jedoch, es wäre ratsam den PC neu zu installieren. Ist das wirklich nötig?
Ich weiß nicht ob der Rechner zu hause infiziert ist, weil ich mich auch zb in der Uni an anderen PCs mit meiner e-mail angemeldet habe.
(Die Namen in der oben angeführten e-mail habe ich durch xxx, bzw yyy geändert)

Ich hoffe ihr könnt mir helfen.
Liebe Grüße

Simone

Geändert von boesel (18.03.2013 um 20:06 Uhr)

Alt 19.03.2013, 11:53   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



Hallo und

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Erstmal eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in CODE-Tags in den Thread.
__________________

__________________

Alt 19.03.2013, 14:11   #3
boesel
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 19.03.2013 15:01:38 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Juergen\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 61,79% Memory free
7,96 Gb Paging File | 6,25 Gb Available in Paging File | 78,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1356,17 Gb Total Space | 1205,58 Gb Free Space | 88,90% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 20,94 Gb Free Space | 52,35% Space Free | Partition Type: NTFS
 
Computer Name: JUERGEN-PC | User Name: Juergen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-1295584570-3174185841-2463311283-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A63AE0B-9ED0-425D-8535-214AAC3DB2B4}" = rport=138 | protocol=17 | dir=out | app=system | 
"{312895AC-BE74-44B2-B791-1CFBF10D80F5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5E5C6A75-9DE6-42E3-A609-25DCE8AF501B}" = lport=138 | protocol=17 | dir=in | app=system | 
"{7AC7DCB4-EFDE-4DCB-A4D9-BC17FE1855DD}" = rport=445 | protocol=6 | dir=out | app=system | 
"{83A7B532-4A8C-4918-B91B-56FFB8586E94}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{8443EE03-82EC-4A9A-A544-380F33E07B3E}" = lport=445 | protocol=6 | dir=in | app=system | 
"{941F9459-19D5-45CF-97D8-D61A28A20C07}" = lport=137 | protocol=17 | dir=in | app=system | 
"{AA3CA0A3-4539-42C5-95E8-74E973CC7E31}" = rport=137 | protocol=17 | dir=out | app=system | 
"{B4D78521-55EF-458E-A331-944583F53EE4}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B54133AB-036A-4831-AE02-E3CBA5136515}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B9F3473E-66B5-4C14-B1AF-84E4F888E2EF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{CFBD7986-8CB3-4668-825E-A63D856215B5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D2D9D8C4-A4B1-440B-AE4F-75ECB8917417}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DA7E14F0-FE8C-4012-9F26-D77FB8B346D3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{E99F4BB4-EE6F-494E-B87F-D9C6F14F4AE6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EEC0F9B2-8ACD-428D-816C-01EEEB15F5D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10111547-2723-4BF4-8CA9-A9FAB1B9A843}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | 
"{144500F2-BDCF-4803-91F6-810265314748}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{16207F27-E370-4AFD-A963-EEA943D13737}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{345E38AE-BA99-4BC6-BA68-8ACA810A27A6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | 
"{58C9E47F-9B78-4AB5-875C-80C7E3AB6E6A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{59BD562F-E71D-47E7-BC4F-6ADD19E99D4B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6AF6008D-9CEB-45CE-BB76-7F569DCDC53E}" = protocol=6 | dir=in | app=c:\users\juergen\appdata\roaming\dropbox\bin\dropbox.exe | 
"{74398BB2-F4AE-40A9-BFC7-6C0B9766F6F9}" = protocol=17 | dir=in | app=c:\users\juergen\appdata\roaming\dropbox\bin\dropbox.exe | 
"{788BA632-EBBF-447B-B8C9-06DA4AB3AA57}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{86D0475D-C161-4D37-8BDA-F7F1B27C7710}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{8B59B287-E311-4C64-974A-98D6FE2C3C2E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8E7B04EA-E483-4AE3-A04A-16BCCDD83B88}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8EE03C28-68F7-4422-8F68-1613884A2F2C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{9488A41D-99DE-439A-9712-3BB62F439433}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{95177C8B-1886-4628-AB16-207D1A05BABC}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | 
"{9AF5704F-3461-4333-B4A5-CEDCB877B388}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{A5D02DFB-D2D3-476D-B3BF-42996628F632}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{AF9B560E-1155-4411-95A3-BED36F2E675B}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{C6B33866-807B-4BB9-B2F2-32D9198EE32D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E7CF622A-FC64-4C9D-AF1D-81E690CA0F49}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | 
"{F8BA434F-3751-4264-BB64-81A691281D5C}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"TCP Query User{B5F08DFC-9F7F-49D0-9A3F-F3BAD221FAC5}C:\users\juergen\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\juergen\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{F1CFA92D-6F86-4C82-9E60-34EA8C3A538D}C:\users\juergen\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\juergen\appdata\roaming\dropbox\bin\dropbox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}" = Corel Graphics - Windows Shell Extension 64 Bit
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D587747C-370E-E29D-250C-079703113FF0}" = ATI Catalyst Install Manager
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FB2E135E-6189-7608-4EDD-DC783BEC480C}" = ccc-utility64
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{01159E8A-44F7-4885-A7F9-872CE4D74063}" = Steuer 2012
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{1761C93A-5ACC-C65C-3926-C157345E800A}" = CCC Help Spanish
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19FB599E-070D-6A0F-0139-EF2348BAB108}" = CCC Help English
"{1D33BCF7-B5B6-4148-B888-9CC2EC208556}" = Konz 2012
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{2000D0AC-65F6-05F7-4C47-B2F0BB7DEC24}" = CCC Help Dutch
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C5D751A-0EFB-4EFB-B2E0-86EA580E3180}" = CCC Help Japanese
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2F14F550-0FFC-4285-B673-880744D428A3}" = CorelDRAW Essentials X5 - Custom Data
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34809713-7886-4F6A-B9D5-CC74DBC1C77E}" = CorelDRAW Essentials X5 - Redist
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}" = CorelDRAW Essentials X5 - WT
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4433CEC6-DA32-4D7B-BA95-B47C68498287}" = CorelDRAW Essentials X5 - Connect
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{4785CED6-73B3-45FA-AFE6-EDEDFDE67842}" = Steuer 2011
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4F45EE37-41B8-4228-A0BC-D7633632D692}" = Duden Korrektor kompakt
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58DE8215-740D-109B-C7AE-9CB4D37EE2AC}" = CCC Help Swedish
"{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{614B82E8-8DC2-8F12-3986-F8B76ECE1A9E}" = ccc-core-static
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{666D7CED-12E0-4BA3-B594-5681961E7B02}" = CorelDRAW Essentials X5 - IPM
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}" = CorelDRAW Essentials X5 - DE
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E554A6F-7BA1-4FCE-ABFA-430A24631111}" = Duden Korrektor Patch 022010
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76651FD7-2B71-4B61-9F3A-E82F52F08D92}" = Konz 2013
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}" = CorelDRAW Essentials X5 - IT
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7DF95FC3-D6A2-8CFA-39F3-ABD3EE2EA542}" = CCC Help French
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E1807A9-AA8B-4541-9D22-ADB579051031}" = Steganos Privacy Suite 11
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82817D55-8A4B-F8FC-2A34-4A054C722FC4}" = CCC Help Italian
"{834F4E2F-E9DF-4FA9-8499-FF6B91012898}" = CorelDRAW Essentials X5
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{85E8F38F-0303-401E-A518-0302DF88EB07}" = CorelDRAW Essentials X5 - Draw
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89BA6E81-B60A-49BC-B283-80560A9E60DF}" = CorelDRAW Essentials X5 - PHOTO-PAINT
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME
"{91DCFF5C-6FF9-A16C-6274-788121661298}" = CCC Help Finnish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A68575CE-050E-4E1F-A053-58BE8D9DE7AB}" = ArcSoft MediaImpression 2
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8BFA0D1-5196-2297-5559-9C5714BEDEB5}" = CCC Help German
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB27FA31-596C-47EB-2361-727D0EB0B21D}" = CCC Help Danish
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF8244F5-FDD0-482D-B680-B1D16ABB96EB}" = Fritz 8 SE Plus
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{BBC0D330-C37B-4472-BFB9-AA217CF0C95F}" = Ulead Photo Express 4.0 SE
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0B2077E-527A-20FA-F5EE-74A4FDA58E25}" = CCC Help Norwegian
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0BEB150-2046-4F94-AE7B-EA76772592F6}" = CorelDRAW Essentials X5 - Common
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D7E60152-6C65-4982-8840-B6D28BF881BD}" = CorelDRAW Essentials X5 - FR
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A021C2-3EB9-CB16-C0A3-9244200623C1}" = Catalyst Control Center InstallProxy
"{E4BE9367-168B-4B30-B198-EE37C99FB147}" = CorelDRAW Essentials X5 - Filters
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E7BE4D1A-B529-448B-8407-889705B65185}" = CorelDRAW Essentials X5 - ES
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA6D16E9-9669-9A50-019A-0508AD15BF92}" = Catalyst Control Center Localization All
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5 - Setup Files
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6AF809-9A80-423A-A57A-C7D726A04E4C}" = CorelDRAW Essentials X5 - EN
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Ashampoo Burning Studio_is1" = Ashampoo Burning Studio
"Ashampoo Photo Commander_is1" = Ashampoo Photo Commander
"Ashampoo Photo Optimizer_is1" = Ashampoo Photo Optimizer
"Ashampoo Snap_is1" = Ashampoo Snap
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Deep Fritz 12 DL" = Deep Fritz 12 DL
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Elektro-Installationstechnik" = Elektro-Installationstechnik
"Finale NotePad 2008" = Finale NotePad 2008
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box
"InstallShield_{1D33BCF7-B5B6-4148-B888-9CC2EC208556}" = Konz 2012
"InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}" = Konz 2013
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MyTomTom" = MyTomTom 3.2.0.802
"N360" = Norton 360
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"SmartToolsAdressfenster-Assistentv2.50" = SmartTools Publishing • Word Adressfenster-Assistent
"SmartToolsFalz & Lochmarken-Assistentv6.50" = SmartTools Publishing • Word Falz & Lochmarken-Assistent
"SmartToolsSpalten-Assistentv1.50" = SmartTools Publishing • Excel Spalten-Assistent
"TeamViewer 6" = TeamViewer 6
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.11
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1295584570-3174185841-2463311283-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"MyFreeCodec" = MyFreeCodec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.08.2012 16:08:13 | Computer Name = Juergen-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest" in Zeile 
2.  Das Stammelement der Manifestdatei muss assembliert sein.
 
Error - 14.08.2012 07:15:35 | Computer Name = Juergen-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.08.2012 09:55:19 | Computer Name = Juergen-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.08.2012 14:09:48 | Computer Name = Juergen-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.08.2012 14:44:53 | Computer Name = Juergen-PC | Source = VSS | ID = 8194
Description = 
 
Error - 15.08.2012 02:41:55 | Computer Name = Juergen-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.08.2012 04:00:51 | Computer Name = Juergen-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.08.2012 05:37:50 | Computer Name = Juergen-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.08.2012 08:58:15 | Computer Name = Juergen-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.08.2012 09:24:01 | Computer Name = Juergen-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 16.09.2011 10:35:43 | Computer Name = Juergen-PC | Source = MCUpdate | ID = 0
Description = 16:35:43 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde
 liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..)  
 
[ System Events ]
Error - 02.03.2013 06:10:00 | Computer Name = Juergen-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 05.03.2013 18:15:23 | Computer Name = Juergen-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?03.?2013 um 22:54:58 unerwartet heruntergefahren.
 
Error - 06.03.2013 14:11:45 | Computer Name = Juergen-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst lmhosts erreicht.
 
Error - 15.03.2013 14:21:51 | Computer Name = Juergen-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
 
< End of report >
         
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 19.03.2013 15:01:38 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Juergen\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 61,79% Memory free
7,96 Gb Paging File | 6,25 Gb Available in Paging File | 78,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1356,17 Gb Total Space | 1205,58 Gb Free Space | 88,90% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 20,94 Gb Free Space | 52,35% Space Free | Partition Type: NTFS
 
Computer Name: JUERGEN-PC | User Name: Juergen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Juergen\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Juergen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Steganos Privacy Suite 11\SteganosHotKeyService.exe (Steganos GmbH)
PRC - C:\Program Files (x86)\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe (Steganos GmbH)
PRC - C:\Program Files (x86)\Steganos Privacy Suite 11\fredirstarter.exe (Steganos GmbH)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe (Expert System S.p.A.)
PRC - C:\Program Files (x86)\Duden\Duden-Bibliothek\dudenbib.exe (Bibliographisches Institut GmbH)
PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\4d6518ef6ae8d6f005c49ab1c86de7fe\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ab54c04b3df40416205883b4049fe273\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll ()
MOD - C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.3.0.36\wincfi39.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Duden\Duden Korrektor\MBControls.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe (Symantec Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\symefa64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\symds64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\ironx64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\ccsetx64.sys (Symantec Corporation)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130318.025\ex64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130318.025\eng64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130208.001\BHDrvx64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130316.002\IDSviA64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SLEE_17_DRIVER) -- C:\Windows\SleeN1764.sys (Softwareentwicklung Remus - ArchiCrypt - )
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8A C2 9A 19 44 DE CB 01  [binary data]
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\..\SearchScopes,DefaultScope = {A3A10BC2-7C83-4BDD-A1E0-DF160D839783}
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\..\SearchScopes\{A3A10BC2-7C83-4BDD-A1E0-DF160D839783}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GFRE_de
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=&geo=DE&ver=5
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\..\SearchScopes\{FE35B43B-D949-4497-8F44-F1EA58B66BE1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: %7B09F060FA-566D-42D7-BF79-97AB30863433%7D:11.1.8.9700
FF - prefs.js..extensions.enabledAddons: %7B00F0643E-B367-4779-B45D-7046EBA37A88%7D:11.1.8.9700
FF - prefs.js..extensions.enabledAddons: %7B8b86149f-01fb-4842-9dd8-4d7eb02fd055%7D:0.25.1
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.3.0.9%20-%203
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.3.0.26
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{09F060FA-566D-42D7-BF79-97AB30863433}: C:\Program Files (x86)\Steganos Privacy Suite 11\pfplugin [2011.08.13 13:19:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00F0643E-B367-4779-B45D-7046EBA37A88}: C:\Program Files (x86)\Steganos Privacy Suite 11\spmplugin3 [2011.08.13 13:19:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\coFFPlgn\ [2013.03.19 14:50:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\IPSFFPlgn\ [2012.09.26 10:56:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013.01.09 14:29:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 20:46:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 20:46:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.03.02 21:53:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juergen\AppData\Roaming\mozilla\Extensions
[2012.03.02 21:53:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juergen\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.02.14 09:28:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juergen\AppData\Roaming\mozilla\Firefox\Profiles\we0fn9ju.default\extensions
[2013.01.23 17:23:49 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Users\Juergen\AppData\Roaming\mozilla\Firefox\Profiles\we0fn9ju.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2012.11.17 22:23:41 | 000,284,001 | ---- | M] () (No name found) -- C:\Users\Juergen\AppData\Roaming\mozilla\firefox\profiles\we0fn9ju.default\extensions\compatibility@addons.mozilla.org.xpi
[2012.12.11 23:24:52 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Juergen\AppData\Roaming\mozilla\firefox\profiles\we0fn9ju.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.02.14 09:28:57 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Juergen\AppData\Roaming\mozilla\firefox\profiles\we0fn9ju.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.08.12 16:32:21 | 000,002,442 | ---- | M] () -- C:\Users\Juergen\AppData\Roaming\mozilla\firefox\profiles\we0fn9ju.default\searchplugins\safesearch.xml
[2013.03.08 20:46:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.08.13 13:19:07 | 000,000,000 | ---D | M] (Steganos Private Favorites) -- C:\PROGRAM FILES (X86)\STEGANOS PRIVACY SUITE 11\PFPLUGIN
[2011.08.13 13:19:16 | 000,000,000 | ---D | M] (Steganos Password Manager) -- C:\PROGRAM FILES (X86)\STEGANOS PRIVACY SUITE 11\SPMPLUGIN3
[2013.03.19 14:50:26 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\COFFPLGN
[2012.09.26 10:56:03 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\IPSFFPLGN
[2013.03.08 20:46:47 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.22 11:44:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.28 22:23:35 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.22 11:44:56 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.22 11:44:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.22 11:44:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.22 11:44:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\IPS\IPSBHO.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Steganos Password Manager Toolbar) - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 11\SPMIEToolbar.dll (Steganos GmbH)
O3 - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [SSS2009 File Redirection Starter] C:\Program Files (x86)\Steganos Privacy Suite 11\fredirstarter.exe (Steganos GmbH)
O4 - HKLM..\Run: [SSS2009 HotKeys] C:\Program Files (x86)\Steganos Privacy Suite 11\SteganosHotKeyService.exe (Steganos GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe (Expert System S.p.A.)
O4 - HKU\S-1-5-18..\Run: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe (Expert System S.p.A.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001..\Run: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden Korrektor\DKtray.exe (Expert System S.p.A.)
O4 - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1295584570-3174185841-2463311283-1001..\Run: [SSS2009 Browser Monitor] C:\Program Files (x86)\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe (Steganos GmbH)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Juergen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Juergen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Juergen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Juergen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: Steganos Password Manager - {024538B9-3F39-49FF-9503-975F743210FA} - C:\Program Files (x86)\Steganos Privacy Suite 11\SPMIEToolbar.dll (Steganos GmbH)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{765A1CCB-65BB-445F-B8E5-2A5AA6604FBC}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.18 19:55:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.03.13 10:35:55 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.13 10:35:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.13 10:35:54 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.13 10:35:53 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.13 10:35:53 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.13 10:35:53 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.13 10:35:53 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.13 10:35:53 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.13 10:35:52 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.13 10:35:52 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.13 10:35:52 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.13 10:35:52 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.13 10:35:51 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.13 10:35:51 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.13 10:35:51 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.13 10:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.13 10:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.13 10:20:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.03.10 12:06:36 | 000,000,000 | ---D | C] -- C:\Users\Juergen\AppData\Local\{2FDD59C6-71D9-4B9E-89F8-885FBE5BD3EA}
[2013.03.08 20:46:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.27 22:20:51 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.27 22:20:50 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.27 22:20:50 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.27 22:20:50 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.27 22:20:48 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.27 22:20:48 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.27 22:20:46 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 22:20:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 22:20:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 22:20:45 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.27 22:20:45 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.27 22:20:45 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.27 22:20:45 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.27 22:20:45 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.27 22:20:45 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.27 22:20:45 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.27 22:20:45 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.27 22:20:45 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.27 22:20:45 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.27 22:20:45 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 22:20:45 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 22:20:45 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 22:20:45 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 22:20:45 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 22:20:45 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 22:20:45 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 22:20:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 22:20:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 22:20:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 22:20:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 22:20:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 22:20:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 22:20:45 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 22:20:45 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 22:20:44 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.27 22:20:44 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.27 22:20:44 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.27 22:20:43 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.27 22:20:43 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.27 22:20:43 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.27 22:20:43 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.24 19:14:03 | 000,000,000 | ---D | C] -- C:\Users\Juergen\AppData\Local\{5EF242BD-C6B2-4659-A71E-FB312BDE47A2}
[2013.02.20 18:59:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Konz2013
[2009.02.26 10:43:03 | 000,357,768 | ---- | C] (Symantec Corporation) -- C:\Users\Juergen\SymXPep2.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.19 14:56:47 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.19 14:56:47 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.19 14:49:39 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.19 14:49:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.19 14:49:28 | 3206,787,072 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.19 13:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.19 12:32:33 | 001,500,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.19 12:32:33 | 000,654,602 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.19 12:32:33 | 000,616,484 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.19 12:32:33 | 000,130,216 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.19 12:32:33 | 000,106,606 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.19 12:07:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.14 17:04:29 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.14 17:04:29 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.14 17:01:58 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.03.13 12:01:01 | 001,959,870 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403000.024\Cat.DB
[2013.03.10 12:07:29 | 000,092,766 | ---- | M] () -- C:\Users\Juergen\Documents\img007.jpg
[2013.03.05 23:14:50 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403000.024\VT20130115.021
[2013.02.22 19:36:00 | 014,561,280 | ---- | M] () -- C:\Users\Juergen\Documents\FRITZ.Box_Fon_WLAN_7240.73.05.22.image
[2013.02.21 13:14:33 | 000,007,661 | ---- | M] () -- C:\Users\Juergen\AppData\Local\Resmon.ResmonCfg
[2013.02.21 13:13:40 | 000,091,508 | ---- | M] () -- C:\Users\Juergen\Documents\cc_20130221_131316.reg
[2013.02.20 23:38:40 | 000,000,169 | ---- | M] () -- C:\Windows\ChssBase.ini
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.03.14 17:01:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.03.14 17:01:58 | 000,002,023 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.03.10 12:07:29 | 000,092,766 | ---- | C] () -- C:\Users\Juergen\Documents\img007.jpg
[2013.02.25 15:29:51 | 000,276,494 | ---- | C] () -- C:\Users\Juergen\Documents\FRITZ.Box Fon WLAN 7240 (UI) 73.05.05_06.12.11_0811.export
[2013.02.22 19:37:30 | 014,561,280 | ---- | C] () -- C:\Users\Juergen\Documents\FRITZ.Box_Fon_WLAN_7240.73.05.22.image
[2013.02.21 13:13:22 | 000,091,508 | ---- | C] () -- C:\Users\Juergen\Documents\cc_20130221_131316.reg
[2012.07.19 13:34:33 | 000,581,803 | ---- | C] () -- C:\Users\Juergen\xtention_xtention.jar
[2012.07.19 13:34:32 | 000,946,804 | ---- | C] () -- C:\Users\Juergen\xtention_AnchorsShelf.xml
[2012.06.26 15:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.06.26 15:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.06.26 15:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.06.26 15:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.04.17 17:37:18 | 000,000,001 | R--- | C] () -- C:\Users\Juergen\serverport
[2012.03.06 22:11:08 | 000,000,156 | ---- | C] () -- C:\Windows\bfe_prog.ini
[2012.02.04 12:12:14 | 000,007,661 | ---- | C] () -- C:\Users\Juergen\AppData\Local\Resmon.ResmonCfg
[2012.01.22 22:00:35 | 000,000,608 | ---- | C] () -- C:\Windows\wiso.ini
[2011.12.06 19:35:05 | 000,000,169 | ---- | C] () -- C:\Windows\ChssBase.ini
[2011.10.20 18:05:07 | 011,946,407 | ---- | C] () -- C:\Windows\SysWow64\meinfotoalbum_meinfotoalbum_uninstaller.exe
[2011.08.30 17:43:23 | 000,004,096 | -H-- | C] () -- C:\Users\Juergen\AppData\Local\keyfile3.drm
[2011.08.12 09:25:47 | 000,000,102 | ---- | C] () -- C:\Windows\wincmd.ini
[2011.08.06 11:42:38 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.08.06 11:26:12 | 001,532,996 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.20 15:53:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2006.06.17 13:57:54 | 000,000,253 | ---- | C] () -- C:\Users\Juergen\.java.policy
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011.09.19 12:48:55 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\Ashampoo
[2012.01.22 22:00:42 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\Buhl Data Service
[2011.12.29 18:00:40 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\Canon
[2012.12.03 22:42:49 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\ChessBase
[2013.03.19 14:50:24 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\Dropbox
[2012.02.06 23:03:31 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\Duden
[2013.01.09 14:29:27 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\DVDVideoSoft
[2013.01.09 14:29:33 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.04.11 07:59:09 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\FRITZ!
[2012.01.09 15:14:58 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2011.08.12 09:26:27 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\GHISLER
[2012.12.09 20:10:43 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\Samsung
[2012.08.14 20:30:58 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\SmartTools
[2012.09.26 17:10:13 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\SoftGrid Client
[2013.02.22 20:40:56 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\Steganos
[2012.05.30 09:58:53 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\TeamViewer
[2011.11.09 08:46:42 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\Tific
[2012.03.02 21:53:46 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\TomTom
[2011.08.16 21:58:31 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\TP
[2012.03.07 10:51:04 | 000,000,000 | ---D | M] -- C:\Users\Juergen\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

Ich hoffe das war so richtig?!?!?!
Soll ich das OTL Ding nun wieder vom PC runter löschen?

In diesen beiden Logfiles steht sehr oft der Name Juergen (Benutzername)...das ist aber nicht mein Name, deshalb hab ich ihn jetzt nicht mit *** ersetzt. Ist das Ok?

Und was nun?? :-S
__________________

Alt 19.03.2013, 14:36   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



Rootkitscan mit GMER

Bitte lade dir GMER Rootkit Scanner GMER herunter: (Dateiname zufällig)
  • Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
  • Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Unbedingt auf "No" klicken.
  • Entferne rechts den Haken bei: IAT/EAT und Show All
  • Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
  • Starte den Scan mit "Scan".
  • Mache nichts am Computer während der Scan läuft.
  • Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.
Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!


Tauchen Probleme auf?
  • Probiere alternativ den abgesicherten Modus.
  • Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.


Anschließend bitte MBAR ausführen:

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 19.03.2013, 14:46   #5
boesel
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



Ok stopp!

also wenn ich Norton deaktiviere, kann ich das dann anschließend ganz normal wieder starten?? Aber wie? Ich habe das von einem Techniker alles anschließen und einrichten lassen...hab nun Angst, dass ich das allein nicht mehr ans laufen kriege...

Soll ich das trotzdem machen?


Alt 19.03.2013, 14:49   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



Du sollst es doch nur deaktivieren und nicht deinstallieren
__________________
--> Mein PC verschickt e-mails

Alt 19.03.2013, 14:54   #7
boesel
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



Ok nächste blöde Frage... wie deaktiviere ich das denn??

Sorry, aber bin ein Computer-Legastheniker. Bin schon exrem stolz, dass ich das mit OTL geschafft hab

Hab jetzt mal schnell geguckt... aber ich finde auch gar nichts zum deaktivieren von Norton... ich kann es nur deinstallieren.. auch auf der Internetseite auf die man kommt, wenn man auf Hilfe klickt steht nichts dazu!! Un was nun?

Geändert von boesel (19.03.2013 um 15:00 Uhr)

Alt 19.03.2013, 15:22   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



Ist aus der Ferne leider nicht mal eben so zu beantworten, ich kenn diese Software bzw. deren Bedienung nicht und wir können auch nicht mal eben zu jedem der zig Virenscanner die es gibt eine bebilderte Anleitung aus dem Ärmel schütteln. Bevor du stundenlang suchst, deinstallier es einfach und mach weiter
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 19.03.2013, 16:08   #9
boesel
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



Habe nun den GMER- scan durchgeführt und Norton geht auch wieder

Soll ich denn die GMER.txt- Datei auch hier posten?

bis du antwortest mach ich mal weiter mit der MAlewarebytes- Geschichte

Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.19.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Juergen :: JUERGEN-PC [administrator]

19.03.2013 17:31:13
mbar-log-2013-03-19 (17-31-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29803
Time elapsed: 7 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Also, da wurde, wie du siehst, nichts gefunden.

Dann brauch ich mir keine Sorgen machen?

Was ist denn mit meinem e-mail Postfach? Da ich mein Passwort geändert habe, nach dem diese mails verschickt wurden, fühle ich mich nun zwar sicherer, aber gibt es noch was, was ich beachten muss? Sollte ich vielleicht sogar eine neue e-mail Adresse erstellen müssen, oder denkst du die Gefahr ist gebannt??

Ich danke schon mal bis hier hin!

So, ich füge aber trotzdem noch das Ergebnis von dem GMER ein :


GMER Logfile:
Code:
ATTFilter
GMER 2.1.19155 - hxxp://www.gmer.net
Rootkit scan 2013-03-19 16:51:47
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD15 rev.51.0 1397,27GB
Running: gmer_2.1.19155.exe; Driver: C:\Users\Juergen\AppData\Local\Temp\axlirfob.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                          0000000076971465 2 bytes [97, 76]
.text  C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                         00000000769714bb 2 bytes [97, 76]
.text  ...                                                                                                                                                    * 2
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000076971465 2 bytes [97, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000769714bb 2 bytes [97, 76]
.text  ...                                                                                                                                                    * 2
.text  C:\Program Files (x86)\Samsung\Kies\Kies.exe[3004] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                             0000000076971465 2 bytes [97, 76]
.text  C:\Program Files (x86)\Samsung\Kies\Kies.exe[3004] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                            00000000769714bb 2 bytes [97, 76]
.text  ...                                                                                                                                                    * 2
.text  C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3016] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint                             000000007755000c 1 byte [C3]
.text  C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3016] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin                        00000000775df85a 5 bytes JMP 000000017758d571
.text  C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe[516] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                          0000000076971465 2 bytes [97, 76]
.text  C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe[516] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                         00000000769714bb 2 bytes [97, 76]
.text  ...                                                                                                                                                    * 2
.text  C:\Users\Juergen\AppData\Roaming\Dropbox\bin\Dropbox.exe[2572] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                                 0000000076971465 2 bytes [97, 76]
.text  C:\Users\Juergen\AppData\Roaming\Dropbox\bin\Dropbox.exe[2572] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                                00000000769714bb 2 bytes [97, 76]
.text  ...                                                                                                                                                    * 2

---- Disk sectors - GMER 2.1 ----

Disk   \Device\Harddisk0\DR0                                                                                                                                  unknown MBR code

---- EOF - GMER 2.1 ----
         
--- --- ---

Geändert von boesel (19.03.2013 um 16:41 Uhr)

Alt 19.03.2013, 22:48   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).




TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 21.03.2013, 15:28   #11
boesel
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



Hey Cosinus,
ich wollte nur Bescheid geben, dass ich im Moment nicht an dem besagten Rechner arbeiten kann. Vielleicht schaffe ich es morgen deine neuen Anweisungen zu befolgen, aber wahrscheinlich erst nach dem Wochenende.

Aber sobald es geht, werde ich weiter machen und die gewünschten Sachen posten!

LG Simone

Alt 21.03.2013, 16:18   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



Ok, aber eine Bitte: lass solche Zwischenrufe, poste nur wenn es Probleme gibt oder wenn du die Logs hast (diese dann auch posten in CODE-Tags)
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 26.03.2013, 17:57   #13
boesel
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



Hey, hier sind die nächsten Logs...der Rest kommt noch

leider weiß ich nicht wie ich das mit diesen CODE-TAgs machen muss...Das sind diese Kästchen, oder? Ich hab ds ja sogar mal gemacht, aber das habe ich nicht bewusst hinbekommen...also sorry, oder du erklärst es kurz, falls das so gar nicht geht...

18:53:57.0075 3964 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:53:57.0495 3964 ============================================================
18:53:57.0495 3964 Current date / time: 2013/03/26 18:53:57.0495
18:53:57.0495 3964 SystemInfo:
18:53:57.0496 3964
18:53:57.0496 3964 OS Version: 6.1.7601 ServicePack: 1.0
18:53:57.0496 3964 Product type: Workstation
18:53:57.0496 3964 ComputerName: JUERGEN-PC
18:53:57.0496 3964 UserName: Juergen
18:53:57.0496 3964 Windows directory: C:\Windows
18:53:57.0496 3964 System windows directory: C:\Windows
18:53:57.0496 3964 Running under WOW64
18:53:57.0496 3964 Processor architecture: Intel x64
18:53:57.0496 3964 Number of processors: 4
18:53:57.0496 3964 Page size: 0x1000
18:53:57.0496 3964 Boot type: Normal boot
18:53:57.0496 3964 ============================================================
18:53:58.0082 3964 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:53:58.0097 3964 ============================================================
18:53:58.0097 3964 \Device\Harddisk0\DR0:
18:53:58.0097 3964 MBR partitions:
18:53:58.0097 3964 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:53:58.0097 3964 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xA9854800
18:53:58.0097 3964 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xA9887000, BlocksNum 0x5000000
18:53:58.0097 3964 ============================================================
18:53:58.0115 3964 C: <-> \Device\Harddisk0\DR0\Partition2
18:53:58.0153 3964 D: <-> \Device\Harddisk0\DR0\Partition3
18:53:58.0153 3964 ============================================================
18:53:58.0153 3964 Initialize success
18:53:58.0153 3964 ============================================================
18:54:01.0944 1456 ============================================================
18:54:01.0944 1456 Scan started
18:54:01.0944 1456 Mode: Manual;
18:54:01.0944 1456 ============================================================
18:54:02.0508 1456 ================ Scan system memory ========================
18:54:02.0508 1456 System memory - ok
18:54:02.0510 1456 ================ Scan services =============================
18:54:02.0642 1456 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:54:02.0646 1456 1394ohci - ok
18:54:02.0669 1456 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:54:02.0674 1456 ACPI - ok
18:54:02.0702 1456 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:54:02.0703 1456 AcpiPmi - ok
18:54:02.0809 1456 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:54:02.0810 1456 AdobeARMservice - ok
18:54:02.0921 1456 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:54:02.0925 1456 AdobeFlashPlayerUpdateSvc - ok
18:54:02.0962 1456 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:54:02.0970 1456 adp94xx - ok
18:54:02.0996 1456 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:54:03.0002 1456 adpahci - ok
18:54:03.0019 1456 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:54:03.0023 1456 adpu320 - ok
18:54:03.0039 1456 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:54:03.0041 1456 AeLookupSvc - ok
18:54:03.0082 1456 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:54:03.0088 1456 AFD - ok
18:54:03.0119 1456 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:54:03.0120 1456 agp440 - ok
18:54:03.0135 1456 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:54:03.0137 1456 ALG - ok
18:54:03.0163 1456 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:54:03.0164 1456 aliide - ok
18:54:03.0208 1456 [ 5EBA5E837D6635AEA999BAE47E186C6F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:54:03.0211 1456 AMD External Events Utility - ok
18:54:03.0226 1456 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:54:03.0228 1456 amdide - ok
18:54:03.0246 1456 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:54:03.0247 1456 AmdK8 - ok
18:54:03.0423 1456 [ DCC8177244FE79C61C4E73C65E63922A ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:54:03.0574 1456 amdkmdag - ok
18:54:03.0597 1456 [ 7FE67D107329DC2CF89136A8E19BCEB7 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
18:54:03.0600 1456 amdkmdap - ok
18:54:03.0611 1456 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:54:03.0612 1456 AmdPPM - ok
18:54:03.0634 1456 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:54:03.0636 1456 amdsata - ok
18:54:03.0656 1456 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:54:03.0659 1456 amdsbs - ok
18:54:03.0688 1456 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:54:03.0689 1456 amdxata - ok
18:54:03.0721 1456 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
18:54:03.0723 1456 androidusb - ok
18:54:03.0740 1456 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:54:03.0741 1456 AppID - ok
18:54:03.0751 1456 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:54:03.0765 1456 AppIDSvc - ok
18:54:03.0788 1456 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:54:03.0790 1456 Appinfo - ok
18:54:03.0808 1456 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
18:54:03.0810 1456 arc - ok
18:54:03.0828 1456 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:54:03.0830 1456 arcsas - ok
18:54:03.0860 1456 [ 6FE3237C1177E66437E7AD0E8AC1A6E5 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
18:54:03.0862 1456 asmthub3 - ok
18:54:03.0891 1456 [ C4043E39A2ABBC56581CA25DF161E9F7 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
18:54:03.0897 1456 asmtxhci - ok
18:54:03.0927 1456 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:54:03.0928 1456 AsyncMac - ok
18:54:03.0985 1456 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:54:03.0986 1456 atapi - ok
18:54:04.0019 1456 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
18:54:04.0021 1456 AtiHDAudioService - ok
18:54:04.0043 1456 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:54:04.0051 1456 AudioEndpointBuilder - ok
18:54:04.0063 1456 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:54:04.0068 1456 AudioSrv - ok
18:54:04.0115 1456 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:54:04.0117 1456 AxInstSV - ok
18:54:04.0140 1456 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:54:04.0147 1456 b06bdrv - ok
18:54:04.0197 1456 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:54:04.0201 1456 b57nd60a - ok
18:54:04.0213 1456 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:54:04.0216 1456 BDESVC - ok
18:54:04.0233 1456 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:54:04.0234 1456 Beep - ok
18:54:04.0298 1456 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:54:04.0308 1456 BFE - ok
18:54:04.0625 1456 [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130301.001\BHDrvx64.sys
18:54:04.0641 1456 BHDrvx64 - ok
18:54:04.0675 1456 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
18:54:04.0684 1456 BITS - ok
18:54:04.0706 1456 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:54:04.0707 1456 blbdrive - ok
18:54:04.0731 1456 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:54:04.0733 1456 bowser - ok
18:54:04.0751 1456 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:54:04.0752 1456 BrFiltLo - ok
18:54:04.0785 1456 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:54:04.0786 1456 BrFiltUp - ok
18:54:04.0804 1456 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:54:04.0807 1456 Browser - ok
18:54:04.0837 1456 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:54:04.0841 1456 Brserid - ok
18:54:04.0863 1456 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:54:04.0865 1456 BrSerWdm - ok
18:54:04.0888 1456 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:54:04.0890 1456 BrUsbMdm - ok
18:54:04.0905 1456 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:54:04.0906 1456 BrUsbSer - ok
18:54:04.0920 1456 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:54:04.0921 1456 BTHMODEM - ok
18:54:04.0930 1456 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:54:04.0932 1456 bthserv - ok
18:54:04.0988 1456 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1403000.024\ccSetx64.sys
18:54:04.0991 1456 ccSet_N360 - ok
18:54:05.0004 1456 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:54:05.0006 1456 cdfs - ok
18:54:05.0026 1456 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:54:05.0028 1456 cdrom - ok
18:54:05.0039 1456 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:54:05.0041 1456 CertPropSvc - ok
18:54:05.0062 1456 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
18:54:05.0063 1456 circlass - ok
18:54:05.0084 1456 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:54:05.0087 1456 CLFS - ok
18:54:05.0156 1456 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:54:05.0158 1456 clr_optimization_v2.0.50727_32 - ok
18:54:05.0192 1456 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:54:05.0194 1456 clr_optimization_v2.0.50727_64 - ok
18:54:05.0263 1456 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:54:05.0281 1456 clr_optimization_v4.0.30319_32 - ok
18:54:05.0305 1456 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:54:05.0307 1456 clr_optimization_v4.0.30319_64 - ok
18:54:05.0326 1456 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
18:54:05.0327 1456 CmBatt - ok
18:54:05.0343 1456 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:54:05.0344 1456 cmdide - ok
18:54:05.0368 1456 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
18:54:05.0374 1456 CNG - ok
18:54:05.0405 1456 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:54:05.0406 1456 Compbatt - ok
18:54:05.0440 1456 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
18:54:05.0442 1456 CompositeBus - ok
18:54:05.0446 1456 COMSysApp - ok
18:54:05.0474 1456 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:54:05.0475 1456 crcdisk - ok
18:54:05.0505 1456 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:54:05.0509 1456 CryptSvc - ok
18:54:05.0602 1456 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:54:05.0612 1456 cvhsvc - ok
18:54:05.0660 1456 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:54:05.0668 1456 DcomLaunch - ok
18:54:05.0690 1456 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:54:05.0695 1456 defragsvc - ok
18:54:05.0707 1456 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:54:05.0709 1456 DfsC - ok
18:54:05.0732 1456 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:54:05.0737 1456 Dhcp - ok
18:54:05.0773 1456 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:54:05.0774 1456 discache - ok
18:54:05.0779 1456 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
18:54:05.0781 1456 Disk - ok
18:54:05.0798 1456 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:54:05.0801 1456 Dnscache - ok
18:54:05.0830 1456 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:54:05.0834 1456 dot3svc - ok
18:54:05.0845 1456 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:54:05.0848 1456 DPS - ok
18:54:05.0882 1456 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:54:05.0883 1456 drmkaud - ok
18:54:05.0915 1456 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:54:05.0928 1456 DXGKrnl - ok
18:54:05.0954 1456 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:54:05.0956 1456 EapHost - ok
18:54:06.0036 1456 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:54:06.0146 1456 ebdrv - ok
18:54:06.0235 1456 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:54:06.0241 1456 eeCtrl - ok
18:54:06.0257 1456 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:54:06.0259 1456 EFS - ok
18:54:06.0296 1456 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:54:06.0305 1456 ehRecvr - ok
18:54:06.0315 1456 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:54:06.0318 1456 ehSched - ok
18:54:06.0338 1456 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:54:06.0345 1456 elxstor - ok
18:54:06.0374 1456 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:54:06.0376 1456 EraserUtilRebootDrv - ok
18:54:06.0406 1456 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:54:06.0407 1456 ErrDev - ok
18:54:06.0434 1456 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:54:06.0439 1456 EventSystem - ok
18:54:06.0449 1456 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:54:06.0452 1456 exfat - ok
18:54:06.0468 1456 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:54:06.0472 1456 fastfat - ok
18:54:06.0491 1456 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:54:06.0500 1456 Fax - ok
18:54:06.0511 1456 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
18:54:06.0513 1456 fdc - ok
18:54:06.0528 1456 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:54:06.0529 1456 fdPHost - ok
18:54:06.0540 1456 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:54:06.0542 1456 FDResPub - ok
18:54:06.0550 1456 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:54:06.0551 1456 FileInfo - ok
18:54:06.0563 1456 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:54:06.0565 1456 Filetrace - ok
18:54:06.0591 1456 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:54:06.0592 1456 flpydisk - ok
18:54:06.0609 1456 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:54:06.0614 1456 FltMgr - ok
18:54:06.0659 1456 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
18:54:06.0675 1456 FontCache - ok
18:54:06.0719 1456 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:54:06.0720 1456 FontCache3.0.0.0 - ok
18:54:06.0731 1456 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:54:06.0733 1456 FsDepends - ok
18:54:06.0754 1456 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:54:06.0755 1456 Fs_Rec - ok
18:54:06.0776 1456 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:54:06.0779 1456 fvevol - ok
18:54:06.0797 1456 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:54:06.0799 1456 gagp30kx - ok
18:54:06.0828 1456 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:54:06.0838 1456 gpsvc - ok
18:54:06.0905 1456 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:54:06.0908 1456 gupdate - ok
18:54:06.0921 1456 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:54:06.0922 1456 gupdatem - ok
18:54:06.0938 1456 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:54:06.0940 1456 hcw85cir - ok
18:54:06.0992 1456 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:54:07.0002 1456 HdAudAddService - ok
18:54:07.0020 1456 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:54:07.0022 1456 HDAudBus - ok
18:54:07.0037 1456 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:54:07.0038 1456 HidBatt - ok
18:54:07.0050 1456 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:54:07.0052 1456 HidBth - ok
18:54:07.0069 1456 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
18:54:07.0071 1456 HidIr - ok
18:54:07.0085 1456 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:54:07.0086 1456 hidserv - ok
18:54:07.0098 1456 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:54:07.0100 1456 HidUsb - ok
18:54:07.0113 1456 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:54:07.0116 1456 hkmsvc - ok
18:54:07.0134 1456 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:54:07.0139 1456 HomeGroupListener - ok
18:54:07.0148 1456 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:54:07.0152 1456 HomeGroupProvider - ok
18:54:07.0170 1456 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:54:07.0172 1456 HpSAMD - ok
18:54:07.0207 1456 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:54:07.0216 1456 HTTP - ok
18:54:07.0232 1456 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:54:07.0233 1456 hwpolicy - ok
18:54:07.0252 1456 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:54:07.0254 1456 i8042prt - ok
18:54:07.0269 1456 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\drivers\iaStor.sys
18:54:07.0273 1456 iaStor - ok
18:54:07.0342 1456 [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:54:07.0344 1456 IAStorDataMgrSvc - ok
18:54:07.0375 1456 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:54:07.0381 1456 iaStorV - ok
18:54:07.0430 1456 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:54:07.0442 1456 idsvc - ok
18:54:07.0507 1456 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130323.001\IDSvia64.sys
18:54:07.0514 1456 IDSVia64 - ok
18:54:07.0539 1456 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:54:07.0540 1456 iirsp - ok
18:54:07.0610 1456 [ AD5DF6F4FBBC798636EDC66BFEC7D0DE ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
18:54:07.0612 1456 IJPLMSVC - ok
18:54:07.0644 1456 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:54:07.0655 1456 IKEEXT - ok
18:54:07.0727 1456 [ 3E49DAC8EEFA6016AA2A6331BEC866AE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:54:07.0776 1456 IntcAzAudAddService - ok
18:54:07.0830 1456 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:54:07.0832 1456 intelide - ok
18:54:07.0864 1456 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:54:07.0866 1456 intelppm - ok
18:54:07.0882 1456 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:54:07.0884 1456 IPBusEnum - ok
18:54:07.0895 1456 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:54:07.0897 1456 IpFilterDriver - ok
18:54:07.0928 1456 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:54:07.0936 1456 iphlpsvc - ok
18:54:07.0962 1456 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:54:07.0964 1456 IPMIDRV - ok
18:54:07.0969 1456 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:54:07.0972 1456 IPNAT - ok
18:54:07.0984 1456 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:54:07.0986 1456 IRENUM - ok
18:54:08.0004 1456 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:54:08.0005 1456 isapnp - ok
18:54:08.0025 1456 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:54:08.0029 1456 iScsiPrt - ok
18:54:08.0055 1456 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:54:08.0056 1456 kbdclass - ok
18:54:08.0068 1456 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:54:08.0069 1456 kbdhid - ok
18:54:08.0081 1456 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:54:08.0083 1456 KeyIso - ok
18:54:08.0096 1456 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:54:08.0098 1456 KSecDD - ok
18:54:08.0108 1456 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:54:08.0111 1456 KSecPkg - ok
18:54:08.0119 1456 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:54:08.0120 1456 ksthunk - ok
18:54:08.0135 1456 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:54:08.0140 1456 KtmRm - ok
18:54:08.0161 1456 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:54:08.0166 1456 LanmanServer - ok
18:54:08.0181 1456 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:54:08.0185 1456 LanmanWorkstation - ok
18:54:08.0208 1456 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:54:08.0210 1456 lltdio - ok
18:54:08.0230 1456 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:54:08.0235 1456 lltdsvc - ok
18:54:08.0244 1456 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:54:08.0245 1456 lmhosts - ok
18:54:08.0284 1456 [ 1584DEEAE5AA0E3FB045F3D0EAC585EA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:54:08.0288 1456 LMS - ok
18:54:08.0310 1456 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:54:08.0313 1456 LSI_FC - ok
18:54:08.0329 1456 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:54:08.0331 1456 LSI_SAS - ok
18:54:08.0339 1456 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:54:08.0341 1456 LSI_SAS2 - ok
18:54:08.0351 1456 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:54:08.0353 1456 LSI_SCSI - ok
18:54:08.0365 1456 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:54:08.0367 1456 luafv - ok
18:54:08.0385 1456 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:54:08.0387 1456 Mcx2Svc - ok
18:54:08.0402 1456 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
18:54:08.0404 1456 megasas - ok
18:54:08.0426 1456 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:54:08.0430 1456 MegaSR - ok
18:54:08.0447 1456 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:54:08.0449 1456 MEIx64 - ok
18:54:08.0465 1456 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:54:08.0467 1456 MMCSS - ok
18:54:08.0476 1456 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:54:08.0477 1456 Modem - ok
18:54:08.0490 1456 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:54:08.0491 1456 monitor - ok
18:54:08.0510 1456 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:54:08.0511 1456 mouclass - ok
18:54:08.0525 1456 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:54:08.0526 1456 mouhid - ok
18:54:08.0554 1456 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:54:08.0556 1456 mountmgr - ok
18:54:08.0607 1456 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:54:08.0610 1456 MozillaMaintenance - ok
18:54:08.0630 1456 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:54:08.0634 1456 mpio - ok
18:54:08.0653 1456 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:54:08.0655 1456 mpsdrv - ok
18:54:08.0684 1456 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:54:08.0695 1456 MpsSvc - ok
18:54:08.0708 1456 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:54:08.0711 1456 MRxDAV - ok
18:54:08.0743 1456 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:54:08.0746 1456 mrxsmb - ok
18:54:08.0782 1456 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:54:08.0788 1456 mrxsmb10 - ok
18:54:08.0803 1456 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:54:08.0805 1456 mrxsmb20 - ok
18:54:08.0818 1456 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:54:08.0819 1456 msahci - ok
18:54:08.0836 1456 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:54:08.0839 1456 msdsm - ok
18:54:08.0853 1456 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:54:08.0857 1456 MSDTC - ok
18:54:08.0879 1456 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:54:08.0881 1456 Msfs - ok
18:54:08.0894 1456 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:54:08.0895 1456 mshidkmdf - ok
18:54:08.0899 1456 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:54:08.0901 1456 msisadrv - ok
18:54:08.0922 1456 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:54:08.0926 1456 MSiSCSI - ok
18:54:08.0930 1456 msiserver - ok
18:54:08.0954 1456 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:54:08.0956 1456 MSKSSRV - ok
18:54:08.0971 1456 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:54:08.0973 1456 MSPCLOCK - ok
18:54:08.0987 1456 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:54:08.0988 1456 MSPQM - ok
18:54:09.0008 1456 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:54:09.0013 1456 MsRPC - ok
18:54:09.0039 1456 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:54:09.0040 1456 mssmbios - ok
18:54:09.0047 1456 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:54:09.0048 1456 MSTEE - ok
18:54:09.0063 1456 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:54:09.0065 1456 MTConfig - ok
18:54:09.0078 1456 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:54:09.0080 1456 Mup - ok
18:54:09.0222 1456 [ 241BD3019FB31E812A51B31B06906335 ] N360 C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
18:54:09.0224 1456 N360 - ok
18:54:09.0248 1456 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:54:09.0255 1456 napagent - ok
18:54:09.0286 1456 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:54:09.0291 1456 NativeWifiP - ok
18:54:09.0363 1456 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130325.024\ENG64.SYS
18:54:09.0365 1456 NAVENG - ok
18:54:09.0418 1456 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130325.024\EX64.SYS
18:54:09.0456 1456 NAVEX15 - ok
18:54:09.0495 1456 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:54:09.0504 1456 NDIS - ok
18:54:09.0515 1456 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:54:09.0516 1456 NdisCap - ok
18:54:09.0528 1456 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:54:09.0529 1456 NdisTapi - ok
18:54:09.0538 1456 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:54:09.0539 1456 Ndisuio - ok
18:54:09.0549 1456 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:54:09.0551 1456 NdisWan - ok
18:54:09.0568 1456 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:54:09.0569 1456 NDProxy - ok
18:54:09.0574 1456 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:54:09.0575 1456 NetBIOS - ok
18:54:09.0590 1456 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:54:09.0593 1456 NetBT - ok
18:54:09.0618 1456 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:54:09.0619 1456 Netlogon - ok
18:54:09.0637 1456 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:54:09.0642 1456 Netman - ok
18:54:09.0658 1456 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:54:09.0663 1456 netprofm - ok
18:54:09.0688 1456 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:54:09.0690 1456 NetTcpPortSharing - ok
18:54:09.0721 1456 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:54:09.0722 1456 nfrd960 - ok
18:54:09.0737 1456 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:54:09.0741 1456 NlaSvc - ok
18:54:09.0749 1456 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:54:09.0750 1456 Npfs - ok
18:54:09.0755 1456 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:54:09.0757 1456 nsi - ok
18:54:09.0767 1456 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:54:09.0768 1456 nsiproxy - ok
18:54:09.0816 1456 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:54:09.0854 1456 Ntfs - ok
18:54:09.0895 1456 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:54:09.0896 1456 Null - ok
18:54:10.0069 1456 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:54:10.0220 1456 nvlddmkm - ok
18:54:10.0248 1456 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:54:10.0250 1456 nvraid - ok
18:54:10.0266 1456 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:54:10.0268 1456 nvstor - ok
18:54:10.0288 1456 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:54:10.0290 1456 nv_agp - ok
18:54:10.0306 1456 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:54:10.0307 1456 ohci1394 - ok
18:54:10.0336 1456 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:54:10.0339 1456 ose - ok
18:54:10.0466 1456 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:54:10.0555 1456 osppsvc - ok
18:54:10.0576 1456 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:54:10.0580 1456 p2pimsvc - ok
18:54:10.0596 1456 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:54:10.0601 1456 p2psvc - ok
18:54:10.0616 1456 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:54:10.0618 1456 Parport - ok
18:54:10.0629 1456 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:54:10.0630 1456 partmgr - ok
18:54:10.0644 1456 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:54:10.0647 1456 PcaSvc - ok
18:54:10.0677 1456 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:54:10.0680 1456 pci - ok
18:54:10.0692 1456 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:54:10.0694 1456 pciide - ok
18:54:10.0707 1456 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:54:10.0710 1456 pcmcia - ok
18:54:10.0723 1456 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:54:10.0724 1456 pcw - ok
18:54:10.0743 1456 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:54:10.0750 1456 PEAUTH - ok
18:54:10.0825 1456 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:54:10.0828 1456 PerfHost - ok
18:54:10.0867 1456 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:54:10.0890 1456 pla - ok
18:54:10.0931 1456 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:54:10.0937 1456 PlugPlay - ok
18:54:10.0952 1456 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:54:10.0955 1456 PNRPAutoReg - ok
18:54:10.0973 1456 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:54:10.0977 1456 PNRPsvc - ok
18:54:10.0993 1456 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:54:11.0000 1456 PolicyAgent - ok
18:54:11.0020 1456 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:54:11.0024 1456 Power - ok
18:54:11.0035 1456 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:54:11.0037 1456 PptpMiniport - ok
18:54:11.0049 1456 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:54:11.0050 1456 Processor - ok
18:54:11.0075 1456 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:54:11.0079 1456 ProfSvc - ok
18:54:11.0094 1456 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:54:11.0096 1456 ProtectedStorage - ok
18:54:11.0105 1456 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:54:11.0108 1456 Psched - ok
18:54:11.0162 1456 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
18:54:11.0165 1456 PSI_SVC_2 - ok
18:54:11.0212 1456 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:54:11.0235 1456 ql2300 - ok
18:54:11.0260 1456 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:54:11.0263 1456 ql40xx - ok
18:54:11.0278 1456 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:54:11.0283 1456 QWAVE - ok
18:54:11.0301 1456 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:54:11.0303 1456 QWAVEdrv - ok
18:54:11.0318 1456 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:54:11.0319 1456 RasAcd - ok
18:54:11.0332 1456 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:54:11.0333 1456 RasAgileVpn - ok
18:54:11.0351 1456 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:54:11.0354 1456 RasAuto - ok
18:54:11.0374 1456 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:54:11.0377 1456 Rasl2tp - ok
18:54:11.0402 1456 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:54:11.0408 1456 RasMan - ok
18:54:11.0419 1456 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:54:11.0421 1456 RasPppoe - ok
18:54:11.0432 1456 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:54:11.0434 1456 RasSstp - ok
18:54:11.0449 1456 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:54:11.0454 1456 rdbss - ok
18:54:11.0471 1456 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:54:11.0473 1456 rdpbus - ok
18:54:11.0486 1456 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:54:11.0487 1456 RDPCDD - ok
18:54:11.0509 1456 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:54:11.0510 1456 RDPENCDD - ok
18:54:11.0525 1456 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:54:11.0526 1456 RDPREFMP - ok
18:54:11.0551 1456 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:54:11.0554 1456 RDPWD - ok
18:54:11.0571 1456 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:54:11.0575 1456 rdyboost - ok
18:54:11.0590 1456 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:54:11.0593 1456 RemoteAccess - ok
18:54:11.0605 1456 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:54:11.0609 1456 RemoteRegistry - ok
18:54:11.0623 1456 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:54:11.0626 1456 RpcEptMapper - ok
18:54:11.0640 1456 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:54:11.0642 1456 RpcLocator - ok
18:54:11.0661 1456 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:54:11.0666 1456 RpcSs - ok
18:54:11.0685 1456 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:54:11.0687 1456 rspndr - ok
18:54:11.0726 1456 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:54:11.0732 1456 RTL8167 - ok
18:54:11.0781 1456 [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
18:54:11.0791 1456 RTL8192su - ok
18:54:11.0795 1456 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:54:11.0796 1456 SamSs - ok
18:54:11.0826 1456 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:54:11.0829 1456 sbp2port - ok
18:54:11.0841 1456 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:54:11.0845 1456 SCardSvr - ok
18:54:11.0865 1456 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:54:11.0867 1456 scfilter - ok
18:54:11.0892 1456 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:54:11.0909 1456 Schedule - ok
18:54:11.0928 1456 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:54:11.0929 1456 SCPolicySvc - ok
18:54:11.0947 1456 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:54:11.0951 1456 SDRSVC - ok
18:54:11.0967 1456 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:54:11.0968 1456 secdrv - ok
18:54:11.0976 1456 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:54:11.0979 1456 seclogon - ok
18:54:11.0983 1456 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:54:11.0986 1456 SENS - ok
18:54:12.0006 1456 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:54:12.0008 1456 SensrSvc - ok
18:54:12.0030 1456 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:54:12.0031 1456 Serenum - ok
18:54:12.0040 1456 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:54:12.0043 1456 Serial - ok
18:54:12.0060 1456 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:54:12.0061 1456 sermouse - ok
18:54:12.0080 1456 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:54:12.0084 1456 SessionEnv - ok
18:54:12.0093 1456 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:54:12.0094 1456 sffdisk - ok
18:54:12.0111 1456 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:54:12.0112 1456 sffp_mmc - ok
18:54:12.0128 1456 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:54:12.0129 1456 sffp_sd - ok
18:54:12.0144 1456 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:54:12.0145 1456 sfloppy - ok
18:54:12.0186 1456 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
18:54:12.0195 1456 Sftfs - ok
18:54:12.0244 1456 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:54:12.0250 1456 sftlist - ok
18:54:12.0262 1456 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:54:12.0266 1456 Sftplay - ok
18:54:12.0281 1456 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:54:12.0282 1456 Sftredir - ok
18:54:12.0286 1456 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
18:54:12.0288 1456 Sftvol - ok
18:54:12.0307 1456 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:54:12.0310 1456 sftvsa - ok
18:54:12.0335 1456 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:54:12.0341 1456 SharedAccess - ok
18:54:12.0361 1456 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:54:12.0368 1456 ShellHWDetection - ok
18:54:12.0394 1456 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:54:12.0395 1456 SiSRaid2 - ok
18:54:12.0411 1456 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:54:12.0413 1456 SiSRaid4 - ok
18:54:12.0478 1456 [ 544788D536087DAF32B846F10D8392F5 ] SLEE_17_DRIVER C:\Windows\Sleen1764.sys
18:54:12.0480 1456 SLEE_17_DRIVER - ok
18:54:12.0505 1456 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:54:12.0507 1456 Smb - ok
18:54:12.0522 1456 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:54:12.0524 1456 SNMPTRAP - ok
18:54:12.0539 1456 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:54:12.0540 1456 spldr - ok
18:54:12.0568 1456 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:54:12.0576 1456 Spooler - ok
18:54:12.0648 1456 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:54:12.0710 1456 sppsvc - ok
18:54:12.0729 1456 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:54:12.0731 1456 sppuinotify - ok
18:54:12.0827 1456 [ 378A0748DE5ADF90BF9DB897DA8564E6 ] SRTSP C:\Windows\System32\Drivers\N360x64\1403000.024\SRTSP64.SYS
18:54:12.0836 1456 SRTSP - ok
18:54:12.0850 1456 [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX C:\Windows\system32\drivers\N360x64\1403000.024\SRTSPX64.SYS
18:54:12.0851 1456 SRTSPX - ok
18:54:12.0879 1456 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:54:12.0885 1456 srv - ok
18:54:12.0903 1456 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:54:12.0909 1456 srv2 - ok
18:54:12.0920 1456 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:54:12.0923 1456 srvnet - ok
18:54:12.0939 1456 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
18:54:12.0942 1456 ssadbus - ok
18:54:12.0978 1456 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
18:54:12.0979 1456 ssadmdfl - ok
18:54:12.0996 1456 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
18:54:12.0999 1456 ssadmdm - ok
18:54:13.0030 1456 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
18:54:13.0032 1456 ssadserd - ok
18:54:13.0062 1456 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
18:54:13.0065 1456 sscdbus - ok
18:54:13.0075 1456 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
18:54:13.0076 1456 sscdmdfl - ok
18:54:13.0096 1456 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
18:54:13.0100 1456 sscdmdm - ok
18:54:13.0118 1456 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:54:13.0122 1456 SSDPSRV - ok
18:54:13.0135 1456 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:54:13.0138 1456 SstpSvc - ok
18:54:13.0157 1456 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:54:13.0158 1456 stexstor - ok
18:54:13.0181 1456 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:54:13.0189 1456 stisvc - ok
18:54:13.0202 1456 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:54:13.0203 1456 swenum - ok
18:54:13.0223 1456 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:54:13.0230 1456 swprv - ok
18:54:13.0250 1456 [ E174C8BC572E93AEEE1036DEDAC5F225 ] SymDS C:\Windows\system32\drivers\N360x64\1403000.024\SYMDS64.SYS
18:54:13.0256 1456 SymDS - ok
18:54:13.0299 1456 [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA C:\Windows\system32\drivers\N360x64\1403000.024\SYMEFA64.SYS
18:54:13.0312 1456 SymEFA - ok
18:54:13.0349 1456 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:54:13.0352 1456 SymEvent - ok
18:54:13.0382 1456 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1403000.024\Ironx64.SYS
18:54:13.0385 1456 SymIRON - ok
18:54:13.0407 1456 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\System32\Drivers\N360x64\1403000.024\SYMNETS.SYS
18:54:13.0413 1456 SymNetS - ok
18:54:13.0456 1456 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:54:13.0492 1456 SysMain - ok
18:54:13.0508 1456 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:54:13.0511 1456 TabletInputService - ok
18:54:13.0525 1456 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:54:13.0530 1456 TapiSrv - ok
18:54:13.0543 1456 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:54:13.0546 1456 TBS - ok
18:54:13.0603 1456 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:54:13.0640 1456 Tcpip - ok
18:54:13.0669 1456 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:54:13.0678 1456 TCPIP6 - ok
18:54:13.0707 1456 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:54:13.0709 1456 tcpipreg - ok
18:54:13.0728 1456 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:54:13.0729 1456 TDPIPE - ok
18:54:13.0762 1456 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:54:13.0763 1456 TDTCP - ok
18:54:13.0780 1456 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:54:13.0782 1456 tdx - ok
18:54:13.0858 1456 [ CB2BAE47B5B74BF8185C1F9FB01EAA4E ] TeamViewer6 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
18:54:13.0906 1456 TeamViewer6 - ok
18:54:13.0950 1456 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:54:13.0952 1456 TermDD - ok
18:54:13.0978 1456 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:54:13.0988 1456 TermService - ok
18:54:14.0005 1456 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:54:14.0008 1456 Themes - ok
18:54:14.0022 1456 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:54:14.0024 1456 THREADORDER - ok
18:54:14.0050 1456 [ 0407143F2BBC1A5DD5B518AC0704FCBF ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
18:54:14.0052 1456 TomTomHOMEService - ok
18:54:14.0067 1456 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:54:14.0070 1456 TrkWks - ok
18:54:14.0113 1456 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:54:14.0116 1456 TrustedInstaller - ok
18:54:14.0126 1456 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:54:14.0128 1456 tssecsrv - ok
18:54:14.0136 1456 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:54:14.0138 1456 TsUsbFlt - ok
18:54:14.0147 1456 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:54:14.0148 1456 TsUsbGD - ok
18:54:14.0159 1456 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:54:14.0162 1456 tunnel - ok
18:54:14.0172 1456 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:54:14.0174 1456 uagp35 - ok
18:54:14.0190 1456 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:54:14.0195 1456 udfs - ok
18:54:14.0214 1456 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:54:14.0216 1456 UI0Detect - ok
18:54:14.0232 1456 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:54:14.0234 1456 uliagpkx - ok
18:54:14.0251 1456 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:54:14.0253 1456 umbus - ok
18:54:14.0275 1456 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
18:54:14.0277 1456 UmPass - ok
18:54:14.0378 1456 [ FC43877B4625F6EB773C98233EB625C5 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:54:14.0421 1456 UNS - ok
18:54:14.0439 1456 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:54:14.0443 1456 upnphost - ok
18:54:14.0472 1456 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:54:14.0473 1456 usbccgp - ok
18:54:14.0483 1456 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:54:14.0485 1456 usbcir - ok
18:54:14.0504 1456 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:54:14.0506 1456 usbehci - ok
18:54:14.0523 1456 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:54:14.0528 1456 usbhub - ok
18:54:14.0544 1456 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:54:14.0545 1456 usbohci - ok
18:54:14.0567 1456 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:54:14.0569 1456 usbprint - ok
18:54:14.0602 1456 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:54:14.0604 1456 usbscan - ok
18:54:14.0619 1456 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:54:14.0621 1456 USBSTOR - ok
18:54:14.0637 1456 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:54:14.0639 1456 usbuhci - ok
18:54:14.0683 1456 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:54:14.0686 1456 usbvideo - ok
18:54:14.0712 1456 [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
18:54:14.0713 1456 usb_rndisx - ok
18:54:14.0720 1456 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:54:14.0723 1456 UxSms - ok
18:54:14.0730 1456 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:54:14.0731 1456 VaultSvc - ok
18:54:14.0743 1456 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:54:14.0745 1456 vdrvroot - ok
18:54:14.0764 1456 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:54:14.0772 1456 vds - ok
18:54:14.0798 1456 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:54:14.0800 1456 vga - ok
18:54:14.0803 1456 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:54:14.0805 1456 VgaSave - ok
18:54:14.0820 1456 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:54:14.0823 1456 vhdmp - ok
18:54:14.0845 1456 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:54:14.0846 1456 viaide - ok
18:54:14.0855 1456 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:54:14.0857 1456 volmgr - ok
18:54:14.0872 1456 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:54:14.0877 1456 volmgrx - ok
18:54:14.0893 1456 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:54:14.0897 1456 volsnap - ok
18:54:14.0923 1456 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:54:14.0925 1456 vsmraid - ok
18:54:14.0962 1456 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:54:14.0998 1456 VSS - ok
18:54:15.0014 1456 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:54:15.0015 1456 vwifibus - ok
18:54:15.0043 1456 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:54:15.0045 1456 vwififlt - ok
18:54:15.0049 1456 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:54:15.0050 1456 vwifimp - ok
18:54:15.0065 1456 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:54:15.0071 1456 W32Time - ok
18:54:15.0090 1456 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:54:15.0091 1456 WacomPen - ok
18:54:15.0100 1456 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:54:15.0102 1456 WANARP - ok
18:54:15.0104 1456 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:54:15.0105 1456 Wanarpv6 - ok
18:54:15.0139 1456 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:54:15.0153 1456 wbengine - ok
18:54:15.0167 1456 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:54:15.0170 1456 WbioSrvc - ok
18:54:15.0193 1456 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:54:15.0197 1456 wcncsvc - ok
18:54:15.0207 1456 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:54:15.0209 1456 WcsPlugInService - ok
18:54:15.0215 1456 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:54:15.0215 1456 Wd - ok
18:54:15.0244 1456 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:54:15.0251 1456 Wdf01000 - ok
18:54:15.0263 1456 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:54:15.0265 1456 WdiServiceHost - ok
18:54:15.0267 1456 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:54:15.0269 1456 WdiSystemHost - ok
18:54:15.0282 1456 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:54:15.0286 1456 WebClient - ok
18:54:15.0296 1456 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:54:15.0300 1456 Wecsvc - ok
18:54:15.0317 1456 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:54:15.0319 1456 wercplsupport - ok
18:54:15.0335 1456 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:54:15.0337 1456 WerSvc - ok
18:54:15.0344 1456 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:54:15.0345 1456 WfpLwf - ok
18:54:15.0356 1456 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:54:15.0357 1456 WIMMount - ok
18:54:15.0376 1456 WinDefend - ok
18:54:15.0379 1456 WinHttpAutoProxySvc - ok
18:54:15.0414 1456 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:54:15.0418 1456 Winmgmt - ok
18:54:15.0465 1456 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:54:15.0502 1456 WinRM - ok
18:54:15.0530 1456 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:54:15.0542 1456 Wlansvc - ok
18:54:15.0599 1456 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:54:15.0602 1456 wlcrasvc - ok
18:54:15.0673 1456 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:54:15.0722 1456 wlidsvc - ok
18:54:15.0750 1456 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:54:15.0754 1456 WmiAcpi - ok
18:54:15.0769 1456 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:54:15.0773 1456 wmiApSrv - ok
18:54:15.0777 1456 WMPNetworkSvc - ok
18:54:15.0796 1456 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:54:15.0798 1456 WPCSvc - ok
18:54:15.0818 1456 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:54:15.0821 1456 WPDBusEnum - ok
18:54:15.0840 1456 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:54:15.0841 1456 ws2ifsl - ok
18:54:15.0855 1456 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
18:54:15.0859 1456 wscsvc - ok
18:54:15.0862 1456 WSearch - ok
18:54:15.0890 1456 [ 82E8F5AA03DF7DBDB8A33F700D5D8CDA ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys
18:54:15.0893 1456 wsvd - ok
18:54:15.0953 1456 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:54:16.0003 1456 wuauserv - ok
18:54:16.0036 1456 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:54:16.0037 1456 WudfPf - ok
18:54:16.0061 1456 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:54:16.0064 1456 WUDFRd - ok
18:54:16.0089 1456 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:54:16.0092 1456 wudfsvc - ok
18:54:16.0109 1456 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:54:16.0114 1456 WwanSvc - ok
18:54:16.0146 1456 ================ Scan global ===============================
18:54:16.0171 1456 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:54:16.0192 1456 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:54:16.0200 1456 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:54:16.0219 1456 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:54:16.0236 1456 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:54:16.0241 1456 [Global] - ok
18:54:16.0242 1456 ================ Scan MBR ==================================
18:54:16.0262 1456 [ 5D949EEA3BEEC2DF38A2D7900AD89A60 ] \Device\Harddisk0\DR0
18:54:17.0903 1456 \Device\Harddisk0\DR0 - ok
18:54:17.0904 1456 ================ Scan VBR ==================================
18:54:17.0905 1456 [ ED705AB412008FFB3D967C026FA11FD4 ] \Device\Harddisk0\DR0\Partition1
18:54:17.0906 1456 \Device\Harddisk0\DR0\Partition1 - ok
18:54:17.0908 1456 [ 3F8243C55A3DDA5A2458CC2BA80E2F88 ] \Device\Harddisk0\DR0\Partition2
18:54:17.0909 1456 \Device\Harddisk0\DR0\Partition2 - ok
18:54:17.0931 1456 [ 6E7648A582ADBAFFA149E369159A07D4 ] \Device\Harddisk0\DR0\Partition3
18:54:17.0933 1456 \Device\Harddisk0\DR0\Partition3 - ok
18:54:17.0933 1456 ============================================================
18:54:17.0933 1456 Scan finished
18:54:17.0933 1456 ============================================================
18:54:17.0939 3580 Detected object count: 0
18:54:17.0939 3580 Actual detected object count: 0

So und hier sind die anderen Logs:::


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-26 18:28:24
-----------------------------
18:28:24.779 OS Version: Windows x64 6.1.7601 Service Pack 1
18:28:24.779 Number of processors: 4 586 0x2A07
18:28:24.780 ComputerName: JUERGEN-PC UserName: Juergen
18:28:26.958 Initialize success
18:32:18.338 AVAST engine defs: 13032600
18:32:44.790 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:32:44.792 Disk 0 Vendor: WDC_WD15 51.0 Size: 1430799MB BusType: 3
18:32:44.914 Disk 0 MBR read successfully
18:32:44.917 Disk 0 MBR scan
18:32:44.922 Disk 0 unknown MBR code
18:32:44.925 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:32:44.933 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1388713 MB offset 206848
18:32:44.976 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 40960 MB offset 2844291072
18:32:44.990 Disk 0 Partition 4 00 12 Compaq diag NTFS 1024 MB offset 2928177152
18:32:45.024 Disk 0 scanning C:\Windows\system32\drivers
18:32:52.946 Service scanning
18:33:09.030 Modules scanning
18:33:09.038 Disk 0 trace - called modules:
18:33:09.057 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:33:09.062 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006607060]
18:33:09.067 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80048b5050]
18:33:11.997 AVAST engine scan C:\Windows
18:33:14.888 AVAST engine scan C:\Windows\system32
18:35:27.496 AVAST engine scan C:\Windows\system32\drivers
18:35:39.398 AVAST engine scan C:\Users\Juergen
18:39:53.719 AVAST engine scan C:\ProgramData
18:42:56.412 Scan finished successfully
18:45:01.265 Disk 0 MBR has been saved successfully to "C:\Users\Juergen\Desktop\MBR.dat"
18:45:01.271 The log file has been saved successfully to "C:\Users\Juergen\Desktop\aswMBR.txt"

Geändert von boesel (26.03.2013 um 18:10 Uhr)

Alt 26.03.2013, 21:47   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mein PC verschickt e-mails - Standard

Mein PC verschickt e-mails



Zitat:
18:54:01.0944 1456 Scan started
18:54:01.0944 1456 Mode: Manual;
Bitte die Anleitungen sorgfältiger lesen und umsetzen; du hast den tdsskiller falsch eingestellt
CODE-Tags wendet man wie folgt an:

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Mein PC verschickt e-mails
adresse, andere, anderen, angemeldet, anzeige, e-mail, express, falsche, folge, gen, gmx.de, infiziert, inhalt, message, microsoft, namen, nemesis, neu, nötig, outlook, passwort, pcs, qmail, rechner, scan, unbekannt, verschickt, verschickt e-mails, wirklich



Ähnliche Themen: Mein PC verschickt e-mails


  1. iPhone verschickt E-Mails.
    Smartphone, Tablet & Handy Security - 22.12.2014 (1)
  2. Mein Email Account verschickt Spam Mails mit Internetlinks
    Plagegeister aller Art und deren Bekämpfung - 31.10.2013 (11)
  3. Mein Account verschickt Spam-Mails....
    Plagegeister aller Art und deren Bekämpfung - 08.04.2013 (7)
  4. Computer verschickt mails !
    Log-Analyse und Auswertung - 18.03.2013 (30)
  5. GMX Account verschickt Spam-Mails
    Überwachung, Datenschutz und Spam - 10.08.2012 (102)
  6. Mein Hotmail verschickt automatisch Junk-Mails von Diät Pillen o.O
    Log-Analyse und Auswertung - 16.07.2012 (7)
  7. web.de verschickt eigenständig Spam-mails
    Plagegeister aller Art und deren Bekämpfung - 21.06.2012 (30)
  8. Mein GMX Konto verschickt Spam-Mails
    Plagegeister aller Art und deren Bekämpfung - 21.05.2012 (1)
  9. Mein Yahhoo Account verschickt automatisch spam mails
    Plagegeister aller Art und deren Bekämpfung - 28.03.2012 (3)
  10. Mein mailaccount hat selbständig mails verschickt
    Plagegeister aller Art und deren Bekämpfung - 23.10.2011 (3)
  11. Mein Hotmail Konto verschickt automatisch Spam-Mails an mein Adressbuch =/
    Plagegeister aller Art und deren Bekämpfung - 16.02.2011 (7)
  12. mein Email Account verschickt Spam-Mails
    Plagegeister aller Art und deren Bekämpfung - 27.12.2010 (1)
  13. GMX-Account verschickt E-Mails
    Plagegeister aller Art und deren Bekämpfung - 17.09.2010 (22)
  14. Mails von meiner IP verschickt worden.
    Plagegeister aller Art und deren Bekämpfung - 28.11.2009 (3)
  15. PC verschickt unaufgefordert mails
    Log-Analyse und Auswertung - 26.07.2009 (2)
  16. PC verschickt willkürlich E-Mails
    Plagegeister aller Art und deren Bekämpfung - 19.07.2008 (2)
  17. Winlogon verschickt Mails!
    Plagegeister aller Art und deren Bekämpfung - 30.12.2005 (4)

Zum Thema Mein PC verschickt e-mails - Hallo, Von meiner e-mail Adresse wurden seit dem 12.3.2013 Mahnungen für eine Groupon-Mitgliedschaft mit folgendem oder ähnlichem Inhalt verschickt: <xxx@aol.com> --- The header of the original message is following. --- - Mein PC verschickt e-mails...
Archiv
Du betrachtest: Mein PC verschickt e-mails auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.