Internetseiten wie Google und YouTube sind gesperrt

Mischmann · 25.03.2013, 12:32

Moin Moin Leute,
ich habe ein großes Problem und zwar:
immer wenn ich versuche Google oder YouTube etc. aufzurufen werde ich auf eine Webseite, wo man einen Survey ausfüllen muss, umgeleitet.
(Bild: s1.directupload.net/file/d/3172/fxtv7k34_jpg.htm)
Ich vermute, dass es sich um Malware handelt.
Ich hoffe ihr könnt mir helfen.

Schöne Grüße
Mischmann

cosinus · 25.03.2013, 15:57

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner?
Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Mischmann · 25.03.2013, 18:03

Erstmal Hallo cosinus,
nein ich habe leider keine schon vorhandenen Logs oder sonstiges, ich hoffe das macht nichts.

Gruß
Mischmann

cosinus · 25.03.2013, 20:29

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Erstmal eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in CODE-Tags in den Thread.

Mischmann · 26.03.2013, 18:46

Hier sind die beiden Log Dateien:

Extras.txt

Code:

ATTFilter

OTL Extras logfile created on: 26.03.2013 18:35:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nutzer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 13,62 Gb Available Physical Memory | 85,20% Memory free
31,97 Gb Paging File | 29,20 Gb Available in Paging File | 91,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 833,76 Gb Total Space | 721,68 Gb Free Space | 86,56% Space Free | Partition Type: NTFS
Drive M: | 97,66 Gb Total Space | 86,18 Gb Free Space | 88,24% Space Free | Partition Type: NTFS
 
Computer Name: MARC-PC | User Name: Nutzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3364937439-2021353488-1822520321-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DEE14BF-7D35-4AF9-9B5C-CADBA7D778F4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{E186CEF6-71A9-4A8A-8941-0CC9BA8CF534}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B501B4A-AFF0-431B-BD0D-388E72725C39}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{1FE0047B-167A-4303-B0C2-DB4516BCE296}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | 
"{260F6BC9-7BA7-4E18-83BA-C4DE37A1FF9F}" = protocol=6 | dir=in | app=c:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe | 
"{27376600-BEA2-44BF-83C6-223D9C14D333}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{31B3F02B-4DB7-4AA1-B31C-CC0A2A9B360A}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{49F9D757-D44E-4E48-BBD9-A4ED2999CD3C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{522C319A-0B5B-42A2-8DAE-EA6B55A9BA94}" = protocol=58 | dir=in | app=system | 
"{5469146A-CED9-4635-B3AC-BDD9D15837B2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{547131A6-CA16-4E4F-B4CA-9B3CB392DE6A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\little inferno beta\little inferno.exe | 
"{54AF8601-EAEB-4F89-9BA8-2AE26200D6DE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{58B75156-4B8E-4746-876E-C47BAFA566FE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe | 
"{620BD626-D91B-48C5-BAD0-343D6527D8F1}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{641AC99E-6E47-416B-AC3C-8A08CB987641}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe | 
"{68CB16C8-FE82-4694-8378-237D4FA2A0B1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe | 
"{6A81ECC2-0318-4A6D-842E-0BE2EFC165D2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\krater\run_game.exe | 
"{6D1540B5-1277-41A4-A74C-4F6EC654A009}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeonland\dungeonland.exe | 
"{74441DA1-21AF-4BE5-A95E-2E4E4E51FB3B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe | 
"{7552E5B6-7E93-443E-B7EB-D60D72DCF28E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cave story+\cavestory+.exe | 
"{8843E02E-981F-463E-860B-34CF569AD823}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | 
"{8C6666E6-E4D7-44FF-9F15-F5156F2E495C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeonland\dungeonland.exe | 
"{A1033296-50BD-4486-B26B-37D96243B4C2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{A16E2429-69F7-45DD-8F1E-4452C45805A5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe | 
"{A2757489-271A-48B1-BC21-48143E313ACE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{A5953606-2453-4DBC-8841-1CDEBABA5D8A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{B1DB1FBF-669C-46F5-A6AE-D1D9367A28CB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\little inferno beta\little inferno.exe | 
"{B496C321-17DC-45FB-97F9-851DE22056A8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\construct2\construct2.exe | 
"{BEA3851A-783A-4856-9EE3-89B6EA91488C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tower wars\tw.exe | 
"{C1CAAD05-7F7E-43F9-946C-5DEAC41B634B}" = dir=in | app=c:\brickforce\brickforce.exe | 
"{CAF2CB4B-2319-4C36-BDEB-8A7770D6B53D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cave story+\cavestory+.exe | 
"{D0E0412B-89B5-4F43-A244-13CA90A0D2AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\krater\run_game.exe | 
"{D5C1871E-A20C-47FB-84FB-4BFD4C2C95E8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe | 
"{D5F15880-F3FB-4784-BA0A-8B678A5C653C}" = dir=in | app=c:\brickforce\bflauncher.exe | 
"{D6CE96F5-8C10-485E-9F2D-A88413B735E7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tower wars\tw.exe | 
"{E7B679C0-D66B-472F-AADE-6D48E9B9A138}" = protocol=17 | dir=in | app=c:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe | 
"{E933C90D-A481-4F88-838E-04DB31A41FD0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{FF8CC193-6614-4FEC-9431-6E88EE48824F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\construct2\construct2.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B39AC27-CF06-4D20-A3B6-5F1BD41A81E8}" = ESET Smart Security
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{32F437DA-BABA-CD62-E342-69FE17FAC771}" = ccc-utility64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{413C3B15-DCB6-4329-77B0-C20A3D9F010F}" = AMD Fuel
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FE78439-7CAA-45FE-A808-2D7A0FC98643}" = iTunes
"{64A3A4F4-B792-11D6-A78A-00B0D0170100}" = Java SE Development Kit 7 Update 10 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9AFAAEAF-7256-793D-AE2B-B4B2C5B3A807}" = AMD Catalyst Install Manager
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C0C31BCC-56FB-42A7-8766-D29E1BD74C7D}" = Python 2.7.3 (64-bit)
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Blender" = Blender
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"VLC media player" = VLC media player 2.0.5
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{049155CC-5AB3-296F-5815-CD73A9646E99}" = CCC Help Greek
"{08366AE3-72A2-523E-7218-D1B0B8271EBA}" = CCC Help Turkish
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2812B4B3-A412-7785-1964-4D60340E60A9}" = CCC Help French
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FFBF70A-9D40-4C3C-8F6C-6C3237B419BA}" = Scrolls
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{354C5FB7-C8EC-1EC4-BE90-109E048E9C82}" = CCC Help Russian
"{370CA4B0-A1D8-4863-A3C5-6879AEE1663A}" = Angry Birds
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{462D8F12-355D-5920-9193-25388DA500DA}" = CCC Help Chinese Traditional
"{4A1C03BB-6A5A-B8F8-F910-6791960DC25C}" = Catalyst Control Center Localization All
"{4BF35375-9076-1169-6452-EC085410DD0E}" = Catalyst Control Center Profiles Mobile
"{4CC4A295-8204-75C9-6E44-E280E661282B}" = CCC Help Korean
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4FD0F94D-0CAB-C85B-FA2C-9586BA0AAE60}" = CCC Help Spanish
"{53B04D20-50D5-EA2F-BDFC-BCE332124FED}" = CCC Help Dutch
"{53BCB6DB-C944-CE07-BBA7-B8EC2DA228B0}" = CCC Help Swedish
"{55F7D521-17CA-454D-9D4D-975EF2E10708}_is1" = Torchlight II
"{5DB849D6-9392-4FB7-9ABB-87ED433152E5}" = LG United Mobile Drivers
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C428915-7C49-E005-8D9C-0AFC3B9E2A55}" = CCC Help English
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1" = Cinema 4D version R12
"{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iExplorer 3.2.2.2
"{7FDEBC17-F2F8-4B66-BE25-A2DD59B44F61}" = LibreOffice 3.6
"{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1" = Winki
"{86227080-3ADB-5A9B-BB8A-8CE8CB6429F8}" = CCC Help Chinese Standard
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F6F7194-0734-4CDA-8C04-6B766F2241A6}" = Camtasia Studio 8
"{91B1F7B1-9721-D228-F591-2C2A4695302C}" = Catalyst Control Center InstallProxy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A075239D-F706-B32D-A071-5804AE360AF0}" = CCC Help Finnish
"{A7CDE866-4E90-D922-89C4-31B836BC6E67}" = CCC Help German
"{A83FC388-927A-68E4-72FC-FC54E404B27F}" = CCC Help Japanese
"{A860FE72-A9F6-AB3D-09AE-3AA954EA1725}" = CCC Help Norwegian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B2F86EAE-18EE-6B39-20D8-C542D841F034}" = CCC Help Thai
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{BC5CE684-9D5B-707E-30BC-9275E2B49FA0}" = CCC Help Danish
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{DC311C01-B1A9-8CAD-F018-9395269654EC}" = CCC Help Polish
"{DCFF61CC-B313-37DF-D567-26430CBC8720}" = CCC Help Portuguese
"{DE329278-4E61-8A9B-CADA-44AAC9E06C81}" = CCC Help Italian
"{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}" = Star Wars Republic Commando
"{DFE4070B-1657-942F-72B1-0057A9A830EF}" = CCC Help Hungarian
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E2CD3469-A161-4316-84C4-E82E817E02DF}" = CraftStudio
"{ED20800E-1BFF-E5D6-86DF-2B8015E308E3}" = Catalyst Control Center
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE448EE9-3A6A-4BA3-B0EB-04D767570298}" = Crocodile Physics 604 DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FDF4B587-4070-4C2A-C3DC-A8F5DB3B6C5B}" = CCC Help Czech
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.3
"Brick-Force" = Brick-Force 
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"DAEMON Tools Pro" = DAEMON Tools Pro
"FileZilla Client" = FileZilla Client 3.6.0.2
"Google Chrome" = Google Chrome
"HighwayNights" = Cobra 11 - Highway Nights (remove only)
"iFunbox_is1" = iFunbox (v2.1.2228.731), iFunbox DevTeam
"ImgBurn" = ImgBurn
"LG PC Suite" = LG PC Suite
"LogMeIn Hamachi" = LogMeIn Hamachi
"Minecraft Texturepack Editor" = Minecraft Texturepack Editor
"Mozilla Firefox 19.0 (x86 de)" = Mozilla Firefox 19.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Scrolls 1.0.0" = Scrolls
"Steam App 105600" = Terraria
"Steam App 200900" = Cave Story+
"Steam App 214360" = Tower Wars
"Steam App 218130" = Dungeonland
"Steam App 219740" = Don't Starve
"Steam App 221260" = Little Inferno
"Steam App 224540" = Ace of Spades
"Steam App 227240" = Construct 2 Free
"Steam App 3590" = Plants vs. Zombies: Game of the Year
"Steam App 4000" = Garry's Mod
"Steam App 40800" = Super Meat Boy
"Steam App 42170" = Krater
"Unity" = Unity
"Usb Driver (Windows X32/X64) v1.0.0.5" = Usb Driver (Windows X32/X64) v1.0.0.5
"uTorrent" = µTorrent
"WinLiveSuite" = Windows Live Essentials
"XN Resource Editor_is1" = XNResourceEditor 3.0.0.1
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3364937439-2021353488-1822520321-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"GameMaker81" = GameMaker 8.1
"GameMaker-Studio11" = GameMaker-Studio 1.1
"ROBOProFischertechnik" = ROBOPro (fischertechnik) Programm
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.03.2013 06:58:52 | Computer Name = Marc-PC | Source = Windows Search Service | ID = 7010
Description = 
 
Error - 25.03.2013 06:58:53 | Computer Name = Marc-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 25.03.2013 07:00:08 | Computer Name = Marc-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.03.2013 07:03:28 | Computer Name = Marc-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 25.03.2013 09:11:19 | Computer Name = Marc-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.03.2013 16:23:46 | Computer Name = Marc-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\lg electronics\lg pc suite\LGPCSuite.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 25.03.2013 16:33:45 | Computer Name = Marc-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 25.03.2013 16:33:45 | Computer Name = Marc-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 999
 
Error - 25.03.2013 16:33:45 | Computer Name = Marc-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 999
 
Error - 26.03.2013 13:31:42 | Computer Name = Marc-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 22.03.2013 14:56:44 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 25.03.2013 06:58:52 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-1073473535.
 
Error - 25.03.2013 06:58:52 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 25.03.2013 06:59:22 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
 des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
 ist fehlgeschlagen. Fehler:   %%1056
 
Error - 25.03.2013 07:00:45 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 25.03.2013 07:00:45 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 25.03.2013 09:11:58 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 25.03.2013 09:11:58 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 26.03.2013 13:32:14 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 26.03.2013 13:32:14 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
 
< End of report >

OTL.txt

Code:

ATTFilter

OTL logfile created on: 26.03.2013 18:35:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nutzer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 13,62 Gb Available Physical Memory | 85,20% Memory free
31,97 Gb Paging File | 29,20 Gb Available in Paging File | 91,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 833,76 Gb Total Space | 721,68 Gb Free Space | 86,56% Space Free | Partition Type: NTFS
Drive M: | 97,66 Gb Total Space | 86,18 Gb Free Space | 88,24% Space Free | Partition Type: NTFS
 
Computer Name: MARC-PC | User Name: Nutzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Nutzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MSI)
PRC - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
PRC - C:\Programme\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe (Advanced Micro Devices, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (MSI_SuperCharger) -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MSI)
SRV - (ekrn) -- C:\Programme\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (ANDNetModem) -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndNetDiag) -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys (LG Electronics Inc.)
DRV:64bit: - (cbfs3) -- C:\Windows\SysNative\drivers\cbfs3.sys (EldoS Corporation)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\drivers\EpfwLWF.sys (ESET)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (BCMH43XX) -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys (Broadcom Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (ipadtst) -- C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys (Windows (R) Win 7 DDK provider)
DRV - (AODDriver4.01) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (NTIOLib_1_0_3) -- C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys (MSI)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3364937439-2021353488-1822520321-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-3364937439-2021353488-1822520321-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3364937439-2021353488-1822520321-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-3364937439-2021353488-1822520321-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 25 69 4C 43 FC CF CD 01  [binary data]
IE - HKU\S-1-5-21-3364937439-2021353488-1822520321-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3364937439-2021353488-1822520321-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3364937439-2021353488-1822520321-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3364937439-2021353488-1822520321-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..network.proxy.http: "91.228.53.28"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Nutzer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.11 17:58:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.12.08 20:27:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.11 17:58:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.12.08 19:45:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nutzer\AppData\Roaming\mozilla\Extensions
[2013.03.22 21:18:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nutzer\AppData\Roaming\mozilla\Firefox\Profiles\qd1g40so.default\extensions
[2012.12.18 16:57:32 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Nutzer\AppData\Roaming\mozilla\Firefox\Profiles\qd1g40so.default\extensions\battlefieldplay4free@ea.com
[2013.03.15 21:18:59 | 000,000,000 | ---D | M] (Firefox OS Simulator) -- C:\Users\Nutzer\AppData\Roaming\mozilla\Firefox\Profiles\qd1g40so.default\extensions\r2d2b2g@mozilla.org
[2013.03.15 21:18:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nutzer\AppData\Roaming\mozilla\Firefox\Profiles\qd1g40so.default\extensions\r2d2b2g@mozilla.org\profile\extensions
[2012.12.08 19:45:37 | 000,615,655 | ---- | M] () (No name found) -- C:\Users\Nutzer\AppData\Roaming\mozilla\firefox\profiles\qd1g40so.default\extensions\testpilot@labs.mozilla.com.xpi
[2013.02.06 10:31:32 | 000,011,678 | ---- | M] () (No name found) -- C:\Users\Nutzer\AppData\Roaming\mozilla\firefox\profiles\qd1g40so.default\extensions\r2d2b2g@mozilla.org\profile\extensions\b2g-prosthesis@mozilla.org.xpi
[2013.02.06 10:31:42 | 000,236,193 | ---- | M] () (No name found) -- C:\Users\Nutzer\AppData\Roaming\mozilla\firefox\profiles\qd1g40so.default\extensions\r2d2b2g@mozilla.org\resources\r2d2b2g\data\win32\b2g\modules\XPIProvider.jsm
[2013.02.06 10:31:42 | 000,065,503 | ---- | M] () (No name found) -- C:\Users\Nutzer\AppData\Roaming\mozilla\firefox\profiles\qd1g40so.default\extensions\r2d2b2g@mozilla.org\resources\r2d2b2g\data\win32\b2g\modules\XPIProviderUtils.js
[2013.02.19 20:04:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.19 20:04:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2013.02.19 20:04:28 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.12.05 20:29:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.12.05 20:29:25 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.12.05 20:29:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.12.05 20:29:25 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.12.05 20:29:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.12.05 20:29:24 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2013.03.22 20:15:29 | 000,010,410 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 198.167.139.182 google.com
O1 - Hosts: 198.167.139.182 www.google.ae
O1 - Hosts: 198.167.139.182 www.google.com.af
O1 - Hosts: 198.167.139.182 www.google.com.ag
O1 - Hosts: 198.167.139.182 www.google.off.ai
O1 - Hosts: 198.167.139.182 www.google.am
O1 - Hosts: 198.167.139.182 www.google.com.ar
O1 - Hosts: 198.167.139.182 www.google.as
O1 - Hosts: 198.167.139.182 www.google.at
O1 - Hosts: 198.167.139.182 www.google.com.au
O1 - Hosts: 198.167.139.182 www.google.az
O1 - Hosts: 198.167.139.182 www.google.ba
O1 - Hosts: 198.167.139.182 www.google.com.bd
O1 - Hosts: 198.167.139.182 www.google.be
O1 - Hosts: 198.167.139.182 www.google.bg
O1 - Hosts: 198.167.139.182 www.google.com.bh
O1 - Hosts: 198.167.139.182 www.google.bi
O1 - Hosts: 198.167.139.182 www.google.com.bo
O1 - Hosts: 198.167.139.182 www.google.com.br
O1 - Hosts: 198.167.139.182 www.google.bs
O1 - Hosts: 198.167.139.182 www.google.co.bw
O1 - Hosts: 198.167.139.182 www.google.com.bz
O1 - Hosts: 198.167.139.182 www.google.ca
O1 - Hosts: 198.167.139.182 www.google.cd
O1 - Hosts: 198.167.139.182 www.google.cg
O1 - Hosts: 313 more lines...
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A36C52A-0A7C-4983-AB4A-7F0FE506497D}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DDCA2ABA-3EE6-41AA-B5F3-C1AA39D0708E}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5e972332-9192-11e2-9f4b-d43d7e27d9f4}\Shell - "" = AutoRun
O33 - MountPoints2\{5e972332-9192-11e2-9f4b-d43d7e27d9f4}\Shell\AutoRun\command - "" = J:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.26 18:34:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Nutzer\Desktop\OTL.exe
[2013.03.25 13:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013.03.22 20:48:29 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Roaming\Malwarebytes
[2013.03.22 20:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.22 19:50:25 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\Desktop\judith_win
[2013.03.22 16:41:22 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\Desktop\MC Bukkit Video
[2013.03.22 12:33:12 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr90.dll
[2013.03.22 12:33:12 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp90.dll
[2013.03.22 12:33:12 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcm90.dll
[2013.03.22 12:33:07 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4r.dll
[2013.03.22 12:33:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2013.03.22 12:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
[2013.03.22 12:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2013.03.20 20:59:58 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Roaming\ML
[2013.03.20 20:53:23 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Roaming\LG Electronics
[2013.03.20 20:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
[2013.03.20 20:51:31 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Local\LG Electronics
[2013.03.20 20:50:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2013.03.14 16:31:34 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\Pokemon
[2013.03.13 21:54:31 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.13 21:54:31 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.13 21:54:30 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.13 21:54:30 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.13 21:54:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.13 21:54:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.13 21:54:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.13 21:54:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.13 21:54:29 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.13 21:54:28 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.13 21:54:28 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.13 21:54:28 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.13 21:54:26 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.13 21:54:26 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.13 21:54:26 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.13 19:37:22 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\Desktop\First Texture Pack 1.5
[2013.03.12 19:25:17 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\.idlerc
[2013.03.12 19:23:56 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 2.7
[2013.03.12 19:23:38 | 000,000,000 | ---D | C] -- C:\Python27
[2013.03.11 17:59:56 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Local\Macroplant_LLC
[2013.03.11 17:59:44 | 000,223,760 | ---- | C] (EldoS Corporation) -- C:\Windows\SysWow64\CbFsNetRdr3.dll
[2013.03.11 17:59:44 | 000,190,480 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\CbFsMntNtf3.dll
[2013.03.11 17:59:44 | 000,158,224 | ---- | C] (EldoS Corporation) -- C:\Windows\SysWow64\CbFsMntNtf3.dll
[2013.03.11 17:59:44 | 000,141,328 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\CbFsNetRdr3.dll
[2013.03.11 17:59:22 | 000,352,144 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\drivers\cbfs3.sys
[2013.03.11 17:59:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iExplorer
[2013.03.11 17:59:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iExplorer
[2013.03.11 17:58:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.03.11 17:49:26 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\Desktop\Langeweile
[2013.03.07 20:14:49 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2013.03.07 19:15:06 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\Desktop\MC 1.5
[2013.03.07 18:38:20 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\Desktop\MC Backup
[2013.03.05 20:01:12 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Roaming\CraftStudio
[2013.03.05 20:00:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CraftStudio
[2013.03.05 20:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CraftStudio
[2013.03.05 18:13:34 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\Documents\First Project
[2013.03.05 17:32:09 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Roaming\Unity
[2013.03.05 17:31:02 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Roaming\PACE Anti-Piracy
[2013.03.05 17:31:02 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Local\PACE Anti-Piracy
[2013.03.05 17:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2013.03.05 17:17:51 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Local\Unity
[2013.03.05 17:16:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Unity Projects
[2013.03.05 17:16:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
[2013.03.05 17:14:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unity
[2013.03.05 17:08:12 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\.Comma Excess
[2013.03.03 16:52:51 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\Sonstige Spiele
[2013.03.02 11:50:02 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crocodile Clips
[2013.03.02 11:49:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crocodile Clips
[2013.03.02 11:49:03 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013.02.28 17:25:33 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Roaming\RetroCityRampage
[2013.02.27 22:10:46 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.27 22:10:46 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.27 22:10:46 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.27 22:10:46 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.27 22:10:44 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.27 22:10:44 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.27 22:10:37 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.27 22:10:37 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 22:10:37 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 22:10:37 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 22:10:37 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 22:10:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 22:10:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 22:10:37 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 22:10:37 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 22:10:36 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.27 22:10:36 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.27 22:10:36 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.27 22:10:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 22:10:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 22:10:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 22:10:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 22:10:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 22:10:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 22:10:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 22:10:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 22:10:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 22:10:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 22:10:35 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.27 22:10:35 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.27 22:10:35 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.27 22:10:35 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.27 22:10:35 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.27 22:10:35 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.27 22:10:34 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.27 22:10:34 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.27 22:10:34 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.27 22:10:34 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.27 22:10:33 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.27 22:10:33 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.27 22:10:33 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.26 16:56:18 | 000,000,000 | ---D | C] -- C:\Windows\de
[2013.02.26 16:55:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013.02.26 16:54:51 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.02.26 16:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2013.02.26 16:51:14 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Local\Windows Live
[2013.02.26 16:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2013.02.25 20:12:19 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Roaming\Audacity
[2013.02.25 20:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2013.02.25 20:12:01 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Local\Programs
[2013.02.25 17:58:07 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Roaming\Blender Foundation
[2013.02.25 17:57:33 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\.thumbnails
[2013.02.25 17:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
[2013.02.25 17:55:05 | 000,000,000 | ---D | C] -- C:\Program Files\Blender Foundation
[2013.02.25 17:48:09 | 000,000,000 | ---D | C] -- C:\Users\Nutzer\AppData\Roaming\MAXON
[2013.02.25 17:47:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinema 4D
[2013.02.25 17:44:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cinema 4D R12
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.26 18:34:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nutzer\Desktop\OTL.exe
[2013.03.26 18:30:03 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.26 18:29:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.26 18:29:53 | 4281,737,214 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.25 22:27:38 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.25 22:27:38 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.25 22:21:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.25 21:45:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.22 19:50:02 | 011,443,389 | ---- | M] () -- C:\Users\Nutzer\Desktop\judith_win.zip
[2013.03.22 12:33:24 | 000,002,411 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013.03.22 12:33:12 | 000,000,837 | ---- | M] () -- C:\Users\Nutzer\Desktop\LGMobile Support Tool.lnk
[2013.03.22 11:32:53 | 005,561,287 | ---- | M] () -- C:\Users\Nutzer\Desktop\minecraft.jar
[2013.03.20 21:01:32 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.20 21:01:32 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.20 21:01:32 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.20 21:01:32 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.20 21:01:32 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.20 20:52:25 | 000,001,216 | ---- | M] () -- C:\Users\Public\Desktop\LG PC Suite.lnk
[2013.03.13 19:46:12 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.13 19:46:12 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.13 19:23:25 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.13 19:08:03 | 000,286,523 | ---- | M] () -- C:\Users\Nutzer\Desktop\Animierte Texturen Vorlage.zip
[2013.03.12 18:51:45 | 179,080,652 | ---- | M] () -- C:\Users\Nutzer\Desktop\MinecraftClone.rar
[2013.03.11 22:15:46 | 006,495,768 | ---- | M] () -- C:\Users\Nutzer\Desktop\Cantina Band Remix.mp3
[2013.03.11 17:59:21 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\iExplorer.lnk
[2013.03.06 21:24:09 | 838,733,824 | ---- | M] () -- C:\Users\Nutzer\Desktop\Pizza War Game Super Run.camrec
[2013.03.06 21:22:13 | 000,004,608 | ---- | M] () -- C:\Users\Nutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.05 20:00:58 | 000,002,561 | ---- | M] () -- C:\Users\Public\Desktop\CraftStudio.lnk
[2013.03.05 17:58:56 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Unity.lnk
[2013.03.02 11:50:02 | 000,002,400 | ---- | M] () -- C:\Users\Nutzer\Desktop\Crocodile Physics 604.lnk
[2013.02.28 17:25:11 | 000,000,511 | ---- | M] () -- C:\Users\Nutzer\Desktop\Retro City Rampage.lnk
[2013.02.27 15:32:25 | 000,311,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.26 18:53:29 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.02.26 16:55:41 | 000,000,020 | ---- | M] () -- C:\Windows\Lö-
[2013.02.25 17:55:37 | 000,001,903 | ---- | M] () -- C:\Users\Public\Desktop\Blender.lnk
[2013.02.25 17:48:01 | 000,001,559 | ---- | M] () -- C:\Users\Nutzer\Desktop\CINEMA 4D.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.03.22 19:49:50 | 011,443,389 | ---- | C] () -- C:\Users\Nutzer\Desktop\judith_win.zip
[2013.03.22 16:13:09 | 000,966,965 | ---- | C] () -- C:\Users\Nutzer\Desktop\YouTube Intro 1 Musik.wmv
[2013.03.22 12:33:12 | 000,000,837 | ---- | C] () -- C:\Users\Nutzer\Desktop\LGMobile Support Tool.lnk
[2013.03.22 12:33:07 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2013.03.22 12:33:07 | 000,002,411 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013.03.20 20:52:25 | 000,001,216 | ---- | C] () -- C:\Users\Public\Desktop\LG PC Suite.lnk
[2013.03.13 19:08:01 | 000,286,523 | ---- | C] () -- C:\Users\Nutzer\Desktop\Animierte Texturen Vorlage.zip
[2013.03.12 18:47:30 | 179,080,652 | ---- | C] () -- C:\Users\Nutzer\Desktop\MinecraftClone.rar
[2013.03.11 22:10:08 | 006,495,768 | ---- | C] () -- C:\Users\Nutzer\Desktop\Cantina Band Remix.mp3
[2013.03.11 17:59:21 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\iExplorer.lnk
[2013.03.06 21:23:23 | 838,733,824 | ---- | C] () -- C:\Users\Nutzer\Desktop\Pizza War Game Super Run.camrec
[2013.03.05 20:00:58 | 000,002,561 | ---- | C] () -- C:\Users\Public\Desktop\CraftStudio.lnk
[2013.03.05 17:58:56 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Unity.lnk
[2013.03.02 11:50:02 | 000,002,400 | ---- | C] () -- C:\Users\Nutzer\Desktop\Crocodile Physics 604.lnk
[2013.02.28 17:25:11 | 000,000,511 | ---- | C] () -- C:\Users\Nutzer\Desktop\Retro City Rampage.lnk
[2013.02.26 16:56:01 | 000,001,311 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2013.02.26 16:55:50 | 000,001,380 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2013.02.26 16:55:40 | 000,000,020 | ---- | C] () -- C:\Windows\Lö-
[2013.02.25 20:12:12 | 000,001,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2013.02.25 17:55:37 | 000,001,903 | ---- | C] () -- C:\Users\Public\Desktop\Blender.lnk
[2013.02.25 17:48:01 | 000,001,559 | ---- | C] () -- C:\Users\Nutzer\Desktop\CINEMA 4D.lnk
[2013.01.04 20:20:32 | 000,004,608 | ---- | C] () -- C:\Users\Nutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.08 21:36:46 | 001,597,784 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.01 20:39:40 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2011.07.28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 5632 bytes -> C:\ProgramData:gs5sys
@Alternate Data Stream - 4096 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Nutzer\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Nutzer\Desktop\desktop.ini:gs5sys

< End of report >

cosinus · 26.03.2013, 22:45

Rootkitscan mit GMER

Bitte lade dir

GMER herunter: (Dateiname zufällig)

Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
WARNING !!!
GMER has found system modification, which might have been caused by ROOTKIT activity.
Do you want to fully scan your system ?

Unbedingt auf "No" klicken.
Entferne rechts den Haken bei: IAT/EAT und Show All
Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
Starte den Scan mit "Scan".
Mache nichts am Computer während der Scan läuft.
Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.

Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!

Tauchen Probleme auf?

Probiere alternativ den abgesicherten Modus.
Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.

Anschließend bitte MBAR ausführen:

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Mischmann · 26.03.2013, 23:07

Gmer.txt

Code:

ATTFilter

GMER 2.1.19155 - hxxp://www.gmer.net
Rootkit scan 2013-03-26 22:55:07
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HDS721010DLE630 rev.MS2OA650 931,51GB
Running: mgv1peny.exe; Driver: C:\Users\Nutzer\AppData\Local\Temp\kwtdypog.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1672] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                 00000000750487b1 4 bytes [C2, 04, 00, 00]
.text  C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1672] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                      0000000075141465 2 bytes [14, 75]
.text  C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1672] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                     00000000751414bb 2 bytes [14, 75]
.text  ...                                                                                                                                       * 2
.text  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000075141465 2 bytes [14, 75]
.text  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000751414bb 2 bytes [14, 75]
.text  ...                                                                                                                                       * 2

---- EOF - GMER 2.1 ----

Malware findet nichts und sagt, dass kein Restart (CleanUp) nötig sei.

Malware Log

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.26.14

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Nutzer :: MARC-PC [administrator]

26.03.2013 23:05:27
mbar-log-2013-03-26 (23-05-27).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30214
Time elapsed: 6 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

cosinus · 27.03.2013, 00:05

aswMBR

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Mischmann · 27.03.2013, 13:06

aswMBR.txt

Code:

ATTFilter

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-27 12:36:36
-----------------------------
12:36:36.202    OS Version: Windows x64 6.1.7601 Service Pack 1
12:36:36.202    Number of processors: 6 586 0x102
12:36:36.203    ComputerName: MARC-PC  UserName: Nutzer
12:36:41.382    Initialize success
12:38:56.337    AVAST engine defs: 13032601
12:39:48.947    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:39:48.950    Disk 0 Vendor: Hitachi_HDS721010DLE630 MS2OA650 Size: 953869MB BusType: 3
12:39:49.014    Disk 0 MBR read successfully
12:39:49.018    Disk 0 MBR scan
12:39:49.048    Disk 0 Windows 7 default MBR code
12:39:49.051    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
12:39:49.081    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       853767 MB offset 206848
12:39:49.129    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        99999 MB offset 1748721664
12:39:49.202    Disk 0 scanning C:\Windows\system32\drivers
12:40:04.141    Service scanning
12:40:16.131    Service MSICDSetup D:\CDriver64.sys **LOCKED** 21
12:40:17.873    Service NTIOLib_1_0_C D:\NTIOLib_X64.sys **LOCKED** 21
12:40:31.260    Modules scanning
12:40:31.280    Disk 0 trace - called modules:
12:40:31.386    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
12:40:31.395    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800d750060]
12:40:31.404    3 CLASSPNP.SYS[fffff8800188443f] -> nt!IofCallDriver -> [0xfffffa800d6639b0]
12:40:31.413    5 ACPI.sys[fffff88000f0a7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800d740060]
12:40:32.763    AVAST engine scan C:\Windows
12:40:35.071    AVAST engine scan C:\Windows\system32
12:44:49.877    AVAST engine scan C:\Windows\system32\drivers
12:45:02.711    AVAST engine scan C:\Users\Nutzer
12:57:59.632    AVAST engine scan C:\ProgramData
12:58:30.165    Scan finished successfully
13:03:35.818    Disk 0 MBR has been saved successfully to "C:\Users\Nutzer\Desktop\MBR.dat"
13:03:35.840    The log file has been saved successfully to "C:\Users\Nutzer\Desktop\aswMBR.txt"

TDSSKiller.txt

Code:

ATTFilter

13:04:42.0494 4416  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:04:42.0678 4416  ============================================================
13:04:42.0678 4416  Current date / time: 2013/03/27 13:04:42.0678
13:04:42.0678 4416  SystemInfo:
13:04:42.0678 4416  
13:04:42.0678 4416  OS Version: 6.1.7601 ServicePack: 1.0
13:04:42.0678 4416  Product type: Workstation
13:04:42.0678 4416  ComputerName: MARC-PC
13:04:42.0679 4416  UserName: Nutzer
13:04:42.0679 4416  Windows directory: C:\Windows
13:04:42.0679 4416  System windows directory: C:\Windows
13:04:42.0679 4416  Running under WOW64
13:04:42.0679 4416  Processor architecture: Intel x64
13:04:42.0679 4416  Number of processors: 6
13:04:42.0679 4416  Page size: 0x1000
13:04:42.0679 4416  Boot type: Normal boot
13:04:42.0679 4416  ============================================================
13:04:43.0953 4416  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:04:44.0041 4416  ============================================================
13:04:44.0041 4416  \Device\Harddisk0\DR0:
13:04:44.0042 4416  MBR partitions:
13:04:44.0042 4416  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:04:44.0042 4416  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x68383800
13:04:44.0042 4416  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x683B6000, BlocksNum 0xC34F800
13:04:44.0042 4416  ============================================================
13:04:44.0056 4416  C: <-> \Device\Harddisk0\DR0\Partition2
13:04:44.0111 4416  M: <-> \Device\Harddisk0\DR0\Partition3
13:04:44.0111 4416  ============================================================
13:04:44.0111 4416  Initialize success
13:04:44.0111 4416  ============================================================
13:04:52.0474 4928  ============================================================
13:04:52.0475 4928  Scan started
13:04:52.0475 4928  Mode: Manual; SigCheck; TDLFS; 
13:04:52.0475 4928  ============================================================
13:04:53.0879 4928  ================ Scan system memory ========================
13:04:53.0879 4928  System memory - ok
13:04:53.0880 4928  ================ Scan services =============================
13:04:53.0991 4928  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:04:54.0066 4928  1394ohci - ok
13:04:54.0084 4928  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:04:54.0102 4928  ACPI - ok
13:04:54.0115 4928  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:04:54.0140 4928  AcpiPmi - ok
13:04:54.0187 4928  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:04:54.0199 4928  AdobeARMservice - ok
13:04:54.0261 4928  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:04:54.0275 4928  AdobeFlashPlayerUpdateSvc - ok
13:04:54.0308 4928  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:04:54.0328 4928  adp94xx - ok
13:04:54.0365 4928  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:04:54.0381 4928  adpahci - ok
13:04:54.0393 4928  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:04:54.0407 4928  adpu320 - ok
13:04:54.0427 4928  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:04:54.0471 4928  AeLookupSvc - ok
13:04:54.0504 4928  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
13:04:54.0529 4928  AFD - ok
13:04:54.0559 4928  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:04:54.0570 4928  agp440 - ok
13:04:54.0592 4928  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
13:04:54.0627 4928  ALG - ok
13:04:54.0645 4928  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:04:54.0654 4928  aliide - ok
13:04:54.0696 4928  AMD FUEL Service - ok
13:04:54.0699 4928  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
13:04:54.0708 4928  amdide - ok
13:04:54.0733 4928  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
13:04:54.0751 4928  amdiox64 - ok
13:04:54.0776 4928  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:04:54.0796 4928  AmdK8 - ok
13:04:54.0818 4928  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:04:54.0844 4928  AmdPPM - ok
13:04:54.0864 4928  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:04:54.0874 4928  amdsata - ok
13:04:54.0881 4928  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:04:54.0892 4928  amdsbs - ok
13:04:54.0906 4928  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:04:54.0915 4928  amdxata - ok
13:04:54.0942 4928  [ 8660C7BFE2CBA7E0B3F5D9ECD05D780E ] AndNetDiag      C:\Windows\system32\DRIVERS\lgandnetdiag64.sys
13:04:54.0964 4928  AndNetDiag - ok
13:04:54.0973 4928  [ 620F9CDFC8987FE26F6E0DC37D645B45 ] ANDNetModem     C:\Windows\system32\DRIVERS\lgandnetmodem64.sys
13:04:54.0983 4928  ANDNetModem - ok
13:04:55.0004 4928  [ F312FAD7DBD49ED21A194AC71B497832 ] AODDriver4.01   C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:04:55.0012 4928  AODDriver4.01 - ok
13:04:55.0039 4928  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
13:04:55.0079 4928  AppID - ok
13:04:55.0096 4928  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:04:55.0135 4928  AppIDSvc - ok
13:04:55.0145 4928  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
13:04:55.0181 4928  Appinfo - ok
13:04:55.0224 4928  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:04:55.0246 4928  Apple Mobile Device - ok
13:04:55.0261 4928  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
13:04:55.0271 4928  arc - ok
13:04:55.0275 4928  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:04:55.0285 4928  arcsas - ok
13:04:55.0362 4928  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:04:55.0371 4928  aspnet_state - ok
13:04:55.0400 4928  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:04:55.0439 4928  AsyncMac - ok
13:04:55.0450 4928  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
13:04:55.0459 4928  atapi - ok
13:04:55.0483 4928  [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie64.sys
13:04:55.0491 4928  AtiPcie - ok
13:04:55.0527 4928  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:04:55.0585 4928  AudioEndpointBuilder - ok
13:04:55.0594 4928  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:04:55.0629 4928  AudioSrv - ok
13:04:55.0648 4928  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:04:55.0684 4928  AxInstSV - ok
13:04:55.0717 4928  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:04:55.0745 4928  b06bdrv - ok
13:04:55.0772 4928  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:04:55.0796 4928  b57nd60a - ok
13:04:55.0840 4928  [ 44E6E51AEDBF3E0B38A6CD5432649E57 ] BCMH43XX        C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
13:04:55.0866 4928  BCMH43XX - ok
13:04:55.0881 4928  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:04:55.0910 4928  BDESVC - ok
13:04:55.0930 4928  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:04:55.0967 4928  Beep - ok
13:04:55.0988 4928  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
13:04:56.0038 4928  BFE - ok
13:04:56.0061 4928  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
13:04:56.0111 4928  BITS - ok
13:04:56.0133 4928  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:04:56.0148 4928  blbdrive - ok
13:04:56.0166 4928  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:04:56.0181 4928  Bonjour Service - ok
13:04:56.0203 4928  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:04:56.0226 4928  bowser - ok
13:04:56.0239 4928  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:04:56.0259 4928  BrFiltLo - ok
13:04:56.0274 4928  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:04:56.0286 4928  BrFiltUp - ok
13:04:56.0309 4928  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
13:04:56.0321 4928  Browser - ok
13:04:56.0336 4928  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:04:56.0353 4928  Brserid - ok
13:04:56.0364 4928  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:04:56.0384 4928  BrSerWdm - ok
13:04:56.0387 4928  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:04:56.0406 4928  BrUsbMdm - ok
13:04:56.0408 4928  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:04:56.0418 4928  BrUsbSer - ok
13:04:56.0421 4928  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:04:56.0439 4928  BTHMODEM - ok
13:04:56.0453 4928  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
13:04:56.0484 4928  bthserv - ok
13:04:56.0524 4928  [ 555FA105C22B1616094EDAD1CBFB0551 ] cbfs3           C:\Windows\system32\DRIVERS\cbfs3.sys
13:04:56.0539 4928  cbfs3 - ok
13:04:56.0563 4928  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:04:56.0596 4928  cdfs - ok
13:04:56.0616 4928  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:04:56.0627 4928  cdrom - ok
13:04:56.0642 4928  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
13:04:56.0696 4928  CertPropSvc - ok
13:04:56.0711 4928  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
13:04:56.0732 4928  circlass - ok
13:04:56.0754 4928  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:04:56.0773 4928  CLFS - ok
13:04:56.0841 4928  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:04:56.0851 4928  clr_optimization_v2.0.50727_32 - ok
13:04:56.0879 4928  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:04:56.0888 4928  clr_optimization_v2.0.50727_64 - ok
13:04:56.0952 4928  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:04:56.0967 4928  clr_optimization_v4.0.30319_32 - ok
13:04:56.0977 4928  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:04:56.0991 4928  clr_optimization_v4.0.30319_64 - ok
13:04:57.0012 4928  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
13:04:57.0035 4928  CmBatt - ok
13:04:57.0041 4928  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:04:57.0055 4928  cmdide - ok
13:04:57.0081 4928  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
13:04:57.0111 4928  CNG - ok
13:04:57.0115 4928  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:04:57.0124 4928  Compbatt - ok
13:04:57.0139 4928  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:04:57.0161 4928  CompositeBus - ok
13:04:57.0168 4928  COMSysApp - ok
13:04:57.0184 4928  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:04:57.0193 4928  crcdisk - ok
13:04:57.0219 4928  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:04:57.0247 4928  CryptSvc - ok
13:04:57.0272 4928  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:04:57.0317 4928  DcomLaunch - ok
13:04:57.0341 4928  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
13:04:57.0387 4928  defragsvc - ok
13:04:57.0416 4928  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:04:57.0452 4928  DfsC - ok
13:04:57.0476 4928  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:04:57.0504 4928  Dhcp - ok
13:04:57.0512 4928  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:04:57.0552 4928  discache - ok
13:04:57.0576 4928  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
13:04:57.0586 4928  Disk - ok
13:04:57.0603 4928  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:04:57.0622 4928  Dnscache - ok
13:04:57.0637 4928  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:04:57.0674 4928  dot3svc - ok
13:04:57.0690 4928  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
13:04:57.0731 4928  DPS - ok
13:04:57.0764 4928  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:04:57.0797 4928  drmkaud - ok
13:04:57.0865 4928  [ 821BF177A24172F5F0EE9B322F58516C ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:04:57.0889 4928  dtsoftbus01 - ok
13:04:57.0917 4928  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:04:57.0943 4928  DXGKrnl - ok
13:04:57.0969 4928  [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
13:04:57.0980 4928  eamonm - ok
13:04:57.0990 4928  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
13:04:58.0028 4928  EapHost - ok
13:04:58.0070 4928  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:04:58.0134 4928  ebdrv - ok
13:04:58.0155 4928  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
13:04:58.0178 4928  EFS - ok
13:04:58.0211 4928  [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
13:04:58.0221 4928  ehdrv - ok
13:04:58.0268 4928  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:04:58.0294 4928  ehRecvr - ok
13:04:58.0313 4928  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
13:04:58.0335 4928  ehSched - ok
13:04:58.0387 4928  [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn            C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
13:04:58.0427 4928  ekrn - ok
13:04:58.0449 4928  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:04:58.0466 4928  elxstor - ok
13:04:58.0482 4928  [ 587F0F4145A1536A6E37EFD769B7665F ] epfw            C:\Windows\system32\DRIVERS\epfw.sys
13:04:58.0492 4928  epfw - ok
13:04:58.0508 4928  [ D2F812358EE8EE23CBB5C4DAFFB5B819 ] EpfwLWF         C:\Windows\system32\DRIVERS\EpfwLWF.sys
13:04:58.0516 4928  EpfwLWF - ok
13:04:58.0534 4928  [ 34BF55D69AB74D14C7E7A17259CB7DF8 ] epfwwfp         C:\Windows\system32\DRIVERS\epfwwfp.sys
13:04:58.0543 4928  epfwwfp - ok
13:04:58.0556 4928  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:04:58.0574 4928  ErrDev - ok
13:04:58.0606 4928  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
13:04:58.0650 4928  EventSystem - ok
13:04:58.0664 4928  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
13:04:58.0695 4928  exfat - ok
13:04:58.0723 4928  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:04:58.0770 4928  fastfat - ok
13:04:58.0802 4928  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
13:04:58.0825 4928  Fax - ok
13:04:58.0835 4928  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
13:04:58.0855 4928  fdc - ok
13:04:58.0872 4928  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:04:58.0901 4928  fdPHost - ok
13:04:58.0912 4928  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:04:58.0943 4928  FDResPub - ok
13:04:59.0000 4928  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:04:59.0024 4928  FileInfo - ok
13:04:59.0034 4928  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:04:59.0092 4928  Filetrace - ok
13:04:59.0111 4928  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:04:59.0122 4928  flpydisk - ok
13:04:59.0136 4928  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:04:59.0150 4928  FltMgr - ok
13:04:59.0244 4928  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
13:04:59.0271 4928  FontCache - ok
13:04:59.0307 4928  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:04:59.0314 4928  FontCache3.0.0.0 - ok
13:04:59.0325 4928  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:04:59.0335 4928  FsDepends - ok
13:04:59.0361 4928  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:04:59.0370 4928  Fs_Rec - ok
13:04:59.0404 4928  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:04:59.0419 4928  fvevol - ok
13:04:59.0446 4928  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:04:59.0456 4928  gagp30kx - ok
13:04:59.0479 4928  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:04:59.0487 4928  GEARAspiWDM - ok
13:04:59.0519 4928  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
13:04:59.0559 4928  gpsvc - ok
13:04:59.0620 4928  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:04:59.0633 4928  gupdate - ok
13:04:59.0636 4928  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:04:59.0645 4928  gupdatem - ok
13:04:59.0665 4928  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
13:04:59.0674 4928  hamachi - ok
13:04:59.0800 4928  [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
13:04:59.0849 4928  Hamachi2Svc - ok
13:04:59.0865 4928  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:04:59.0883 4928  hcw85cir - ok
13:04:59.0916 4928  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:04:59.0937 4928  HdAudAddService - ok
13:04:59.0954 4928  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:04:59.0968 4928  HDAudBus - ok
13:04:59.0971 4928  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:04:59.0992 4928  HidBatt - ok
13:04:59.0996 4928  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:05:00.0009 4928  HidBth - ok
13:05:00.0013 4928  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:05:00.0026 4928  HidIr - ok
13:05:00.0041 4928  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
13:05:00.0072 4928  hidserv - ok
13:05:00.0095 4928  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:05:00.0106 4928  HidUsb - ok
13:05:00.0123 4928  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:05:00.0163 4928  hkmsvc - ok
13:05:00.0180 4928  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:05:00.0199 4928  HomeGroupListener - ok
13:05:00.0211 4928  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:05:00.0228 4928  HomeGroupProvider - ok
13:05:00.0246 4928  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:05:00.0256 4928  HpSAMD - ok
13:05:00.0287 4928  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:05:00.0337 4928  HTTP - ok
13:05:00.0345 4928  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:05:00.0354 4928  hwpolicy - ok
13:05:00.0371 4928  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:05:00.0382 4928  i8042prt - ok
13:05:00.0406 4928  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:05:00.0422 4928  iaStorV - ok
13:05:00.0464 4928  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:05:00.0484 4928  idsvc - ok
13:05:00.0506 4928  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:05:00.0516 4928  iirsp - ok
13:05:00.0542 4928  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
13:05:00.0591 4928  IKEEXT - ok
13:05:00.0663 4928  [ 47E33B715F7A1723C3536E48FDFD0E21 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:05:00.0724 4928  IntcAzAudAddService - ok
13:05:00.0733 4928  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
13:05:00.0742 4928  intelide - ok
13:05:00.0765 4928  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
13:05:00.0780 4928  intelppm - ok
13:05:00.0819 4928  [ EFB79287207C8FBFE96BE1CE81CDD94E ] ipadtst         C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys
13:05:00.0828 4928  ipadtst - ok
13:05:00.0846 4928  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:05:00.0889 4928  IPBusEnum - ok
13:05:00.0893 4928  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:05:00.0922 4928  IpFilterDriver - ok
13:05:00.0941 4928  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:05:00.0971 4928  iphlpsvc - ok
13:05:00.0991 4928  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:05:01.0010 4928  IPMIDRV - ok
13:05:01.0014 4928  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:05:01.0048 4928  IPNAT - ok
13:05:01.0085 4928  [ 44886233135241F3990724082EB104EE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:05:01.0101 4928  iPod Service - ok
13:05:01.0118 4928  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:05:01.0144 4928  IRENUM - ok
13:05:01.0161 4928  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:05:01.0170 4928  isapnp - ok
13:05:01.0190 4928  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:05:01.0204 4928  iScsiPrt - ok
13:05:01.0223 4928  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:05:01.0233 4928  kbdclass - ok
13:05:01.0254 4928  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:05:01.0278 4928  kbdhid - ok
13:05:01.0288 4928  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
13:05:01.0301 4928  KeyIso - ok
13:05:01.0326 4928  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:05:01.0337 4928  KSecDD - ok
13:05:01.0346 4928  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:05:01.0358 4928  KSecPkg - ok
13:05:01.0371 4928  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:05:01.0407 4928  ksthunk - ok
13:05:01.0429 4928  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:05:01.0474 4928  KtmRm - ok
13:05:01.0503 4928  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:05:01.0536 4928  LanmanServer - ok
13:05:01.0547 4928  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:05:01.0588 4928  LanmanWorkstation - ok
13:05:01.0617 4928  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:05:01.0656 4928  lltdio - ok
13:05:01.0683 4928  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:05:01.0716 4928  lltdsvc - ok
13:05:01.0728 4928  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:05:01.0762 4928  lmhosts - ok
13:05:01.0797 4928  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:05:01.0807 4928  LSI_FC - ok
13:05:01.0812 4928  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:05:01.0822 4928  LSI_SAS - ok
13:05:01.0830 4928  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:05:01.0840 4928  LSI_SAS2 - ok
13:05:01.0844 4928  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:05:01.0855 4928  LSI_SCSI - ok
13:05:01.0875 4928  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:05:01.0914 4928  luafv - ok
13:05:01.0934 4928  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:05:01.0956 4928  Mcx2Svc - ok
13:05:01.0960 4928  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:05:01.0969 4928  megasas - ok
13:05:01.0986 4928  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:05:01.0999 4928  MegaSR - ok
13:05:02.0012 4928  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
13:05:02.0048 4928  MMCSS - ok
13:05:02.0058 4928  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
13:05:02.0094 4928  Modem - ok
13:05:02.0104 4928  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:05:02.0127 4928  monitor - ok
13:05:02.0149 4928  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:05:02.0158 4928  mouclass - ok
13:05:02.0164 4928  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:05:02.0180 4928  mouhid - ok
13:05:02.0193 4928  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:05:02.0203 4928  mountmgr - ok
13:05:02.0240 4928  [ 59EA30F848EC832E7CEC6F56F428C24B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:05:02.0249 4928  MozillaMaintenance - ok
13:05:02.0278 4928  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:05:02.0289 4928  mpio - ok
13:05:02.0300 4928  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:05:02.0331 4928  mpsdrv - ok
13:05:02.0356 4928  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:05:02.0397 4928  MpsSvc - ok
13:05:02.0405 4928  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:05:02.0429 4928  MRxDAV - ok
13:05:02.0493 4928  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:05:02.0540 4928  mrxsmb - ok
13:05:02.0556 4928  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:05:02.0572 4928  mrxsmb10 - ok
13:05:02.0580 4928  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:05:02.0590 4928  mrxsmb20 - ok
13:05:02.0605 4928  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:05:02.0614 4928  msahci - ok
13:05:02.0631 4928  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:05:02.0641 4928  msdsm - ok
13:05:02.0656 4928  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
13:05:02.0682 4928  MSDTC - ok
13:05:02.0703 4928  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:05:02.0741 4928  Msfs - ok
13:05:02.0748 4928  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:05:02.0783 4928  mshidkmdf - ok
13:05:02.0789 4928  MSICDSetup - ok
13:05:02.0804 4928  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:05:02.0813 4928  msisadrv - ok
13:05:02.0836 4928  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:05:02.0878 4928  MSiSCSI - ok
13:05:02.0881 4928  msiserver - ok
13:05:02.0912 4928  [ 7B1270DEE500C2A912DCA3D9E161174B ] MSI_SuperCharger C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
13:05:02.0921 4928  MSI_SuperCharger - ok
13:05:02.0939 4928  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:05:02.0980 4928  MSKSSRV - ok
13:05:02.0990 4928  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:05:03.0027 4928  MSPCLOCK - ok
13:05:03.0030 4928  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:05:03.0062 4928  MSPQM - ok
13:05:03.0079 4928  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:05:03.0094 4928  MsRPC - ok
13:05:03.0103 4928  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:05:03.0112 4928  mssmbios - ok
13:05:03.0119 4928  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:05:03.0152 4928  MSTEE - ok
13:05:03.0155 4928  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:05:03.0165 4928  MTConfig - ok
13:05:03.0172 4928  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:05:03.0181 4928  Mup - ok
13:05:03.0201 4928  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
13:05:03.0251 4928  napagent - ok
13:05:03.0280 4928  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:05:03.0320 4928  NativeWifiP - ok
13:05:03.0387 4928  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:05:03.0423 4928  NDIS - ok
13:05:03.0446 4928  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:05:03.0476 4928  NdisCap - ok
13:05:03.0514 4928  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:05:03.0543 4928  NdisTapi - ok
13:05:03.0571 4928  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:05:03.0628 4928  Ndisuio - ok
13:05:03.0655 4928  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:05:03.0691 4928  NdisWan - ok
13:05:03.0717 4928  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:05:03.0746 4928  NDProxy - ok
13:05:03.0770 4928  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:05:03.0810 4928  NetBIOS - ok
13:05:03.0815 4928  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:05:03.0847 4928  NetBT - ok
13:05:03.0863 4928  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
13:05:03.0872 4928  Netlogon - ok
13:05:03.0897 4928  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:05:03.0932 4928  Netman - ok
13:05:03.0961 4928  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:05:03.0970 4928  NetMsmqActivator - ok
13:05:03.0974 4928  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:05:03.0984 4928  NetPipeActivator - ok
13:05:03.0991 4928  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:05:04.0040 4928  netprofm - ok
13:05:04.0043 4928  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:05:04.0052 4928  NetTcpActivator - ok
13:05:04.0055 4928  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:05:04.0065 4928  NetTcpPortSharing - ok
13:05:04.0097 4928  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:05:04.0107 4928  nfrd960 - ok
13:05:04.0122 4928  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:05:04.0164 4928  NlaSvc - ok
13:05:04.0178 4928  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:05:04.0208 4928  Npfs - ok
13:05:04.0216 4928  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
13:05:04.0256 4928  nsi - ok
13:05:04.0267 4928  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:05:04.0306 4928  nsiproxy - ok
13:05:04.0346 4928  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:05:04.0384 4928  Ntfs - ok
13:05:04.0414 4928  [ 3F39F013168428C8E505A7B9E6CBA8A2 ] NTIOLib_1_0_3   C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys
13:05:04.0422 4928  NTIOLib_1_0_3 - ok
13:05:04.0431 4928  NTIOLib_1_0_C - ok
13:05:04.0446 4928  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:05:04.0485 4928  Null - ok
13:05:04.0514 4928  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
13:05:04.0524 4928  NVHDA - ok
13:05:04.0673 4928  [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:05:04.0836 4928  nvlddmkm - ok
13:05:04.0861 4928  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:05:04.0872 4928  nvraid - ok
13:05:04.0897 4928  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:05:04.0908 4928  nvstor - ok
13:05:04.0942 4928  [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc           C:\Windows\system32\nvvsvc.exe
13:05:04.0966 4928  nvsvc - ok
13:05:05.0013 4928  [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:05:05.0043 4928  nvUpdatusService - ok
13:05:05.0062 4928  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:05:05.0073 4928  nv_agp - ok
13:05:05.0076 4928  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:05:05.0094 4928  ohci1394 - ok
13:05:05.0122 4928  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:05:05.0142 4928  p2pimsvc - ok
13:05:05.0157 4928  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:05:05.0172 4928  p2psvc - ok
13:05:05.0197 4928  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:05:05.0220 4928  Parport - ok
13:05:05.0239 4928  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:05:05.0249 4928  partmgr - ok
13:05:05.0268 4928  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:05:05.0292 4928  PcaSvc - ok
13:05:05.0309 4928  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
13:05:05.0320 4928  pci - ok
13:05:05.0327 4928  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
13:05:05.0336 4928  pciide - ok
13:05:05.0356 4928  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:05:05.0368 4928  pcmcia - ok
13:05:05.0381 4928  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:05:05.0390 4928  pcw - ok
13:05:05.0399 4928  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:05:05.0449 4928  PEAUTH - ok
13:05:05.0503 4928  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:05:05.0525 4928  PerfHost - ok
13:05:05.0564 4928  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
13:05:05.0617 4928  pla - ok
13:05:05.0647 4928  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:05:05.0669 4928  PlugPlay - ok
13:05:05.0693 4928  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:05:05.0703 4928  PNRPAutoReg - ok
13:05:05.0714 4928  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:05:05.0727 4928  PNRPsvc - ok
13:05:05.0751 4928  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:05:05.0795 4928  PolicyAgent - ok
13:05:05.0819 4928  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
13:05:05.0856 4928  Power - ok
13:05:05.0882 4928  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:05:05.0938 4928  PptpMiniport - ok
13:05:05.0952 4928  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
13:05:05.0962 4928  Processor - ok
13:05:05.0988 4928  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:05:06.0012 4928  ProfSvc - ok
13:05:06.0020 4928  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:05:06.0030 4928  ProtectedStorage - ok
13:05:06.0053 4928  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:05:06.0095 4928  Psched - ok
13:05:06.0127 4928  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:05:06.0163 4928  ql2300 - ok
13:05:06.0177 4928  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:05:06.0187 4928  ql40xx - ok
13:05:06.0212 4928  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
13:05:06.0230 4928  QWAVE - ok
13:05:06.0239 4928  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:05:06.0257 4928  QWAVEdrv - ok
13:05:06.0269 4928  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:05:06.0306 4928  RasAcd - ok
13:05:06.0334 4928  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:05:06.0363 4928  RasAgileVpn - ok
13:05:06.0372 4928  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
13:05:06.0407 4928  RasAuto - ok
13:05:06.0415 4928  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:05:06.0444 4928  Rasl2tp - ok
13:05:06.0470 4928  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
13:05:06.0504 4928  RasMan - ok
13:05:06.0511 4928  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:05:06.0549 4928  RasPppoe - ok
13:05:06.0569 4928  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:05:06.0606 4928  RasSstp - ok
13:05:06.0617 4928  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:05:06.0650 4928  rdbss - ok
13:05:06.0660 4928  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
13:05:06.0678 4928  rdpbus - ok
13:05:06.0692 4928  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:05:06.0721 4928  RDPCDD - ok
13:05:06.0733 4928  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:05:06.0767 4928  RDPENCDD - ok
13:05:06.0780 4928  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:05:06.0810 4928  RDPREFMP - ok
13:05:06.0831 4928  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:05:06.0843 4928  RDPWD - ok
13:05:06.0858 4928  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:05:06.0871 4928  rdyboost - ok
13:05:06.0887 4928  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:05:06.0918 4928  RemoteAccess - ok
13:05:06.0925 4928  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:05:06.0960 4928  RemoteRegistry - ok
13:05:06.0982 4928  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:05:07.0016 4928  RpcEptMapper - ok
13:05:07.0027 4928  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:05:07.0047 4928  RpcLocator - ok
13:05:07.0072 4928  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
13:05:07.0107 4928  RpcSs - ok
13:05:07.0124 4928  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:05:07.0154 4928  rspndr - ok
13:05:07.0186 4928  [ 39A719875F572241C585A629EE62EB14 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:05:07.0202 4928  RTL8167 - ok
13:05:07.0213 4928  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
13:05:07.0224 4928  SamSs - ok
13:05:07.0236 4928  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:05:07.0246 4928  sbp2port - ok
13:05:07.0259 4928  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:05:07.0291 4928  SCardSvr - ok
13:05:07.0323 4928  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:05:07.0378 4928  scfilter - ok
13:05:07.0402 4928  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
13:05:07.0458 4928  Schedule - ok
13:05:07.0483 4928  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:05:07.0512 4928  SCPolicySvc - ok
13:05:07.0531 4928  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:05:07.0553 4928  SDRSVC - ok
13:05:07.0584 4928  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:05:07.0625 4928  secdrv - ok
13:05:07.0632 4928  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
13:05:07.0662 4928  seclogon - ok
13:05:07.0679 4928  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
13:05:07.0710 4928  SENS - ok
13:05:07.0720 4928  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:05:07.0737 4928  SensrSvc - ok
13:05:07.0753 4928  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:05:07.0770 4928  Serenum - ok
13:05:07.0789 4928  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:05:07.0805 4928  Serial - ok
13:05:07.0829 4928  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:05:07.0847 4928  sermouse - ok
13:05:07.0864 4928  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:05:07.0893 4928  SessionEnv - ok
13:05:07.0897 4928  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:05:07.0909 4928  sffdisk - ok
13:05:07.0912 4928  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:05:07.0935 4928  sffp_mmc - ok
13:05:07.0938 4928  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:05:07.0957 4928  sffp_sd - ok
13:05:07.0960 4928  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:05:07.0975 4928  sfloppy - ok
13:05:07.0997 4928  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:05:08.0031 4928  SharedAccess - ok
13:05:08.0046 4928  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:05:08.0090 4928  ShellHWDetection - ok
13:05:08.0106 4928  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:05:08.0116 4928  SiSRaid2 - ok
13:05:08.0128 4928  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:05:08.0138 4928  SiSRaid4 - ok
13:05:08.0183 4928  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:05:08.0206 4928  SkypeUpdate - ok
13:05:08.0224 4928  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:05:08.0256 4928  Smb - ok
13:05:08.0279 4928  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:05:08.0290 4928  SNMPTRAP - ok
13:05:08.0307 4928  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:05:08.0316 4928  spldr - ok
13:05:08.0334 4928  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
13:05:08.0353 4928  Spooler - ok
13:05:08.0400 4928  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
13:05:08.0483 4928  sppsvc - ok
13:05:08.0498 4928  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:05:08.0528 4928  sppuinotify - ok
13:05:08.0547 4928  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:05:08.0572 4928  srv - ok
13:05:08.0587 4928  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:05:08.0613 4928  srv2 - ok
13:05:08.0639 4928  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:05:08.0650 4928  srvnet - ok
13:05:08.0677 4928  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:05:08.0710 4928  SSDPSRV - ok
13:05:08.0722 4928  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:05:08.0754 4928  SstpSvc - ok
13:05:08.0780 4928  Steam Client Service - ok
13:05:08.0824 4928  [ 0632004181860960CF6E10DE8DDEF78B ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:05:08.0837 4928  Stereo Service - ok
13:05:08.0856 4928  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:05:08.0865 4928  stexstor - ok
13:05:08.0907 4928  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
13:05:08.0945 4928  stisvc - ok
13:05:08.0956 4928  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:05:08.0965 4928  swenum - ok
13:05:08.0986 4928  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
13:05:09.0023 4928  swprv - ok
13:05:09.0052 4928  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
13:05:09.0098 4928  SysMain - ok
13:05:09.0116 4928  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:05:09.0132 4928  TabletInputService - ok
13:05:09.0138 4928  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:05:09.0181 4928  TapiSrv - ok
13:05:09.0195 4928  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
13:05:09.0228 4928  TBS - ok
13:05:09.0393 4928  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:05:09.0442 4928  Tcpip - ok
13:05:09.0468 4928  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:05:09.0502 4928  TCPIP6 - ok
13:05:09.0520 4928  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:05:09.0530 4928  tcpipreg - ok
13:05:09.0547 4928  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:05:09.0564 4928  TDPIPE - ok
13:05:09.0580 4928  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:05:09.0603 4928  TDTCP - ok
13:05:09.0620 4928  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:05:09.0649 4928  tdx - ok
13:05:09.0663 4928  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:05:09.0672 4928  TermDD - ok
13:05:09.0698 4928  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
13:05:09.0741 4928  TermService - ok
13:05:09.0756 4928  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:05:09.0771 4928  Themes - ok
13:05:09.0788 4928  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:05:09.0818 4928  THREADORDER - ok
13:05:09.0834 4928  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:05:09.0873 4928  TrkWks - ok
13:05:09.0905 4928  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:05:09.0935 4928  TrustedInstaller - ok
13:05:09.0945 4928  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:05:09.0983 4928  tssecsrv - ok
13:05:10.0009 4928  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:05:10.0019 4928  TsUsbFlt - ok
13:05:10.0022 4928  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:05:10.0032 4928  TsUsbGD - ok
13:05:10.0053 4928  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:05:10.0090 4928  tunnel - ok
13:05:10.0094 4928  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:05:10.0103 4928  uagp35 - ok
13:05:10.0118 4928  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:05:10.0161 4928  udfs - ok
13:05:10.0185 4928  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:05:10.0210 4928  UI0Detect - ok
13:05:10.0231 4928  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:05:10.0241 4928  uliagpkx - ok
13:05:10.0253 4928  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:05:10.0269 4928  umbus - ok
13:05:10.0272 4928  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:05:10.0289 4928  UmPass - ok
13:05:10.0298 4928  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:05:10.0343 4928  upnphost - ok
13:05:10.0382 4928  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:05:10.0392 4928  USBAAPL64 - ok
13:05:10.0416 4928  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:05:10.0427 4928  usbccgp - ok
13:05:10.0452 4928  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:05:10.0473 4928  usbcir - ok
13:05:10.0486 4928  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:05:10.0502 4928  usbehci - ok
13:05:10.0521 4928  [ 76E2FFAD301490BA27B947C6507752FB ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
13:05:10.0528 4928  usbfilter - ok
13:05:10.0534 4928  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:05:10.0557 4928  usbhub - ok
13:05:10.0565 4928  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:05:10.0586 4928  usbohci - ok
13:05:10.0595 4928  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
13:05:10.0606 4928  usbprint - ok
13:05:10.0618 4928  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:05:10.0640 4928  USBSTOR - ok
13:05:10.0652 4928  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:05:10.0672 4928  usbuhci - ok
13:05:10.0693 4928  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
13:05:10.0731 4928  UxSms - ok
13:05:10.0738 4928  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
13:05:10.0748 4928  VaultSvc - ok
13:05:10.0767 4928  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:05:10.0776 4928  vdrvroot - ok
13:05:10.0787 4928  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
13:05:10.0835 4928  vds - ok
13:05:10.0850 4928  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:05:10.0862 4928  vga - ok
13:05:10.0876 4928  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:05:10.0912 4928  VgaSave - ok
13:05:10.0925 4928  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:05:10.0936 4928  vhdmp - ok
13:05:10.0946 4928  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:05:10.0955 4928  viaide - ok
13:05:10.0975 4928  vmci - ok
13:05:10.0980 4928  VMnetAdapter - ok
13:05:10.0991 4928  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:05:11.0001 4928  volmgr - ok
13:05:11.0016 4928  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:05:11.0031 4928  volmgrx - ok
13:05:11.0038 4928  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:05:11.0051 4928  volsnap - ok
13:05:11.0072 4928  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:05:11.0083 4928  vsmraid - ok
13:05:11.0120 4928  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
13:05:11.0200 4928  VSS - ok
13:05:11.0221 4928  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:05:11.0242 4928  vwifibus - ok
13:05:11.0274 4928  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:05:11.0299 4928  vwififlt - ok
13:05:11.0323 4928  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
13:05:11.0358 4928  W32Time - ok
13:05:11.0369 4928  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:05:11.0379 4928  WacomPen - ok
13:05:11.0395 4928  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:05:11.0433 4928  WANARP - ok
13:05:11.0436 4928  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:05:11.0465 4928  Wanarpv6 - ok
13:05:11.0491 4928  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
13:05:11.0531 4928  wbengine - ok
13:05:11.0548 4928  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:05:11.0565 4928  WbioSrvc - ok
13:05:11.0581 4928  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:05:11.0607 4928  wcncsvc - ok
13:05:11.0622 4928  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:05:11.0640 4928  WcsPlugInService - ok
13:05:11.0661 4928  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
13:05:11.0670 4928  Wd - ok
13:05:11.0698 4928  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:05:11.0722 4928  Wdf01000 - ok
13:05:11.0741 4928  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:05:11.0808 4928  WdiServiceHost - ok
13:05:11.0811 4928  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:05:11.0830 4928  WdiSystemHost - ok
13:05:11.0849 4928  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
13:05:11.0872 4928  WebClient - ok
13:05:11.0877 4928  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:05:11.0914 4928  Wecsvc - ok
13:05:11.0925 4928  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:05:11.0958 4928  wercplsupport - ok
13:05:11.0985 4928  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:05:12.0016 4928  WerSvc - ok
13:05:12.0041 4928  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:05:12.0071 4928  WfpLwf - ok
13:05:12.0083 4928  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:05:12.0092 4928  WIMMount - ok
13:05:12.0098 4928  WinDefend - ok
13:05:12.0103 4928  WinHttpAutoProxySvc - ok
13:05:12.0144 4928  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:05:12.0205 4928  Winmgmt - ok
13:05:12.0249 4928  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
13:05:12.0314 4928  WinRM - ok
13:05:12.0348 4928  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:05:12.0371 4928  WinUsb - ok
13:05:12.0394 4928  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:05:12.0425 4928  Wlansvc - ok
13:05:12.0516 4928  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:05:12.0554 4928  wlidsvc - ok
13:05:12.0561 4928  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:05:12.0579 4928  WmiAcpi - ok
13:05:12.0603 4928  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:05:12.0640 4928  wmiApSrv - ok
13:05:12.0666 4928  WMPNetworkSvc - ok
13:05:12.0684 4928  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:05:12.0710 4928  WPCSvc - ok
13:05:12.0729 4928  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:05:12.0748 4928  WPDBusEnum - ok
13:05:12.0769 4928  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:05:12.0802 4928  ws2ifsl - ok
13:05:12.0815 4928  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
13:05:12.0836 4928  wscsvc - ok
13:05:12.0839 4928  WSearch - ok
13:05:12.0890 4928  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:05:12.0941 4928  wuauserv - ok
13:05:12.0956 4928  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:05:12.0974 4928  WudfPf - ok
13:05:13.0007 4928  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:05:13.0034 4928  WUDFRd - ok
13:05:13.0058 4928  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:05:13.0074 4928  wudfsvc - ok
13:05:13.0098 4928  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:05:13.0120 4928  WwanSvc - ok
13:05:13.0172 4928  X6va008 - ok
13:05:13.0184 4928  X6va011 - ok
13:05:13.0200 4928  ================ Scan global ===============================
13:05:13.0218 4928  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:05:13.0248 4928  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:05:13.0262 4928  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:05:13.0276 4928  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:05:13.0298 4928  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:05:13.0306 4928  [Global] - ok
13:05:13.0306 4928  ================ Scan MBR ==================================
13:05:13.0319 4928  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:05:13.0616 4928  \Device\Harddisk0\DR0 - ok
13:05:13.0616 4928  ================ Scan VBR ==================================
13:05:13.0619 4928  [ E8376CAB629565B5002E3B15FE920E3D ] \Device\Harddisk0\DR0\Partition1
13:05:13.0620 4928  \Device\Harddisk0\DR0\Partition1 - ok
13:05:13.0654 4928  [ A6849094192E44AB30A325F2D906D1D6 ] \Device\Harddisk0\DR0\Partition2
13:05:13.0655 4928  \Device\Harddisk0\DR0\Partition2 - ok
13:05:13.0692 4928  [ 2CBD0DC74F0173C92CEEFACAFCB6B88E ] \Device\Harddisk0\DR0\Partition3
13:05:13.0695 4928  \Device\Harddisk0\DR0\Partition3 - ok
13:05:13.0695 4928  ============================================================
13:05:13.0695 4928  Scan finished
13:05:13.0695 4928  ============================================================
13:05:13.0713 1036  Detected object count: 0
13:05:13.0713 1036  Actual detected object count: 0
13:05:26.0850 1268  Deinitialize success

cosinus · 27.03.2013, 15:59

Dann bitte jetzt Combofix ausführen:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Mischmann · 27.03.2013, 17:34

ComboFix ist bei "Logdatei wird erstellt" abgebrochen. Hat auch keine Log Datei erstellt.
Der PC hat auch keinen Restart durchgeführt.
Dafür geht YouTube wieder, aber bei Google kommt das immer noch.

Kurzer Nachtrag:
Google funktioniert auch wieder

Dieses Forum ist echt super. Sehr zu empfehlen

cosinus · 28.03.2013, 11:59

Ich brauch den Quarantäneordner von Combofix. Bitte folgendes machen:

1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf das Packen nicht beeinflussen!
2.) Ordner Quarantine in C:\Qoobox in eine Datei zippen
3.) die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten!

4.) Wenns erfolgreich war Bescheid sagen
5.) Erst dann wieder den Virenscanner einschalten

Mischmann · 28.03.2013, 12:23

Habe die .zip Datei hochgeladen.

cosinus · 28.03.2013, 12:55

Starte Windows neu, lösch die alte combofix.exe, lade CF neu runter und starte es bitte nochmal.

Mischmann · 28.03.2013, 19:59

Jetzt hat ComboFix geklappt
ComboFix.txt

Code:

ATTFilter

ComboFix 13-03-27.01 - Nutzer 28.03.2013  19:06:02.2.6 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.16367.14125 [GMT 1:00]
ausgeführt von:: c:\users\Nutzer\Desktop\ComboFix.exe
AV: ESET Smart Security 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal Firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-02-28 bis 2013-03-28  ))))))))))))))))))))))))))))))
.
.
2013-03-28 18:15 . 2013-03-28 18:15	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-03-28 18:15 . 2013-03-28 18:15	--------	d-----w-	c:\users\hedev\AppData\Local\temp
2013-03-28 18:15 . 2013-03-28 18:15	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-03-28 17:57 . 2013-03-28 17:57	--------	d-----w-	c:\users\Nutzer\AppData\Local\fontconfig
2013-03-28 17:57 . 2013-03-28 17:58	--------	d-----w-	c:\users\Nutzer\.gimp-2.8
2013-03-28 17:57 . 2013-03-28 17:57	--------	d-----w-	c:\users\Nutzer\AppData\Local\gegl-0.2
2013-03-28 17:27 . 2013-03-28 17:28	--------	d-----w-	c:\program files\GIMP 2
2013-03-28 17:22 . 2013-03-28 17:22	--------	d-----w-	c:\users\Nutzer\Android Programmierung
2013-03-28 15:31 . 2013-03-28 17:00	--------	d-----w-	c:\users\Nutzer\.android
2013-03-28 15:24 . 2013-03-28 15:24	--------	d-----w-	c:\users\Nutzer\AppData\Local\http___www.minecraftversi
2013-03-28 15:09 . 2013-03-28 15:09	--------	d-----w-	c:\users\Nutzer\.appinventor
2013-03-28 14:49 . 2013-03-28 14:49	--------	d-----w-	c:\program files (x86)\mstrgen
2013-03-28 14:46 . 2013-03-28 14:46	--------	d-----w-	C:\LG_USB
2013-03-28 14:43 . 2012-07-03 10:50	36352	----a-w-	c:\windows\system32\drivers\lgandnetmodem64.sys
2013-03-28 14:43 . 2012-07-03 10:50	29184	----a-w-	c:\windows\system32\drivers\lgandnetdiag64.sys
2013-03-28 14:42 . 2013-03-28 14:42	--------	d-----w-	C:\LGP880
2013-03-27 13:16 . 2013-03-15 06:28	9311288	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B9FB089-F9AD-4B7A-8EE6-6B32C6ABA3BE}\mpengine.dll
2013-03-27 13:01 . 2013-03-27 13:01	--------	d-sh--w-	c:\windows\BitLockerDiscoveryVolumeContents
2013-03-27 13:01 . 2013-03-27 13:01	--------	d-----w-	c:\windows\RemotePackages
2013-03-26 17:34 . 2013-02-12 04:12	19968	----a-w-	c:\windows\system32\drivers\usb8023.sys
2013-03-25 12:34 . 2013-03-25 12:34	--------	d-----w-	c:\program files (x86)\MSXML 4.0
2013-03-22 19:48 . 2013-03-22 19:48	--------	d-----w-	c:\users\Nutzer\AppData\Roaming\Malwarebytes
2013-03-22 19:48 . 2013-03-22 19:48	--------	d-----w-	c:\programdata\Malwarebytes
2013-03-22 11:33 . 2011-05-10 12:37	655872	----a-w-	c:\windows\SysWow64\msvcr90.dll
2013-03-22 11:33 . 2011-05-10 12:37	568832	----a-w-	c:\windows\SysWow64\msvcp90.dll
2013-03-22 11:33 . 2011-05-10 12:37	224768	----a-w-	c:\windows\SysWow64\msvcm90.dll
2013-03-22 11:33 . 2006-05-04 07:33	53248	----a-w-	c:\windows\SysWow64\CommonDL.dll
2013-03-22 11:33 . 2005-11-24 01:34	82432	----a-w-	c:\windows\SysWow64\msxml4r.dll
2013-03-22 11:33 . 2005-10-04 00:39	44544	----a-w-	c:\windows\SysWow64\msxml4a.dll
2013-03-22 11:33 . 2013-03-22 11:33	--------	d-----w-	c:\programdata\LGMOBILEAX
2013-03-20 19:59 . 2013-03-20 19:59	--------	d-----w-	c:\users\Nutzer\AppData\Roaming\ML
2013-03-20 19:53 . 2013-03-20 19:58	--------	d-----w-	c:\users\Nutzer\AppData\Roaming\LG Electronics
2013-03-20 19:51 . 2013-03-20 19:51	--------	d-----w-	c:\users\Nutzer\AppData\Local\LG Electronics
2013-03-20 19:50 . 2013-03-28 14:47	--------	d-----w-	c:\program files (x86)\LG Electronics
2013-03-14 15:31 . 2013-03-14 15:38	--------	d-----w-	c:\users\Nutzer\Pokemon
2013-03-12 18:25 . 2013-03-12 18:31	--------	d-----w-	c:\users\Nutzer\.idlerc
2013-03-12 18:23 . 2013-03-12 18:23	98304	----a-r-	c:\users\Nutzer\AppData\Roaming\Microsoft\Installer\{C0C31BCC-56FB-42A7-8766-D29E1BD74C7D}\python_icon.exe
2013-03-12 18:23 . 2013-03-12 18:23	--------	d-----w-	C:\Python27
2013-03-11 16:59 . 2013-03-11 16:59	--------	d-----w-	c:\users\Nutzer\AppData\Local\Macroplant_LLC
2013-03-11 16:59 . 2012-04-09 15:27	223760	----a-w-	c:\windows\SysWow64\CbFsNetRdr3.dll
2013-03-11 16:59 . 2012-04-09 15:27	190480	----a-w-	c:\windows\system32\CbFsMntNtf3.dll
2013-03-11 16:59 . 2012-04-09 15:27	158224	----a-w-	c:\windows\SysWow64\CbFsMntNtf3.dll
2013-03-11 16:59 . 2012-04-09 15:27	141328	----a-w-	c:\windows\system32\CbFsNetRdr3.dll
2013-03-11 16:59 . 2012-04-09 15:27	352144	----a-w-	c:\windows\system32\drivers\cbfs3.sys
2013-03-11 16:59 . 2013-03-11 16:59	--------	d-----w-	c:\program files (x86)\iExplorer
2013-03-11 16:58 . 2013-03-11 16:58	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2013-03-11 16:58 . 2013-03-11 16:58	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2013-03-11 16:58 . 2013-03-11 16:58	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2013-03-11 16:58 . 2013-03-11 16:58	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2013-03-11 16:58 . 2013-03-11 16:58	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2013-03-11 16:58 . 2013-03-11 16:58	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2013-03-11 16:58 . 2013-03-11 16:58	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2013-03-07 19:14 . 2013-03-07 19:54	--------	d-----w-	c:\programdata\BlueStacksSetup
2013-03-05 19:01 . 2013-03-05 19:14	--------	d-----w-	c:\users\Nutzer\AppData\Roaming\CraftStudio
2013-03-05 19:00 . 2013-03-05 19:00	--------	d-----w-	c:\program files (x86)\CraftStudio
2013-03-05 16:32 . 2013-03-05 16:32	--------	d-----w-	c:\users\Nutzer\AppData\Roaming\Unity
2013-03-05 16:31 . 2013-03-05 16:32	--------	d-----w-	c:\users\Nutzer\AppData\Roaming\PACE Anti-Piracy
2013-03-05 16:31 . 2013-03-05 16:32	--------	d-----w-	c:\programdata\PACE Anti-Piracy
2013-03-05 16:31 . 2013-03-05 16:31	--------	d-----w-	c:\users\Nutzer\AppData\Local\PACE Anti-Piracy
2013-03-05 16:17 . 2013-03-06 18:41	--------	d-----w-	c:\users\Nutzer\AppData\Local\Unity
2013-03-05 16:14 . 2013-03-05 16:59	--------	d-----w-	c:\program files (x86)\Unity
2013-03-05 16:08 . 2013-03-05 16:08	--------	d-----w-	c:\users\Nutzer\.Comma Excess
2013-03-03 15:52 . 2013-03-03 15:53	--------	d-----w-	c:\users\Nutzer\Sonstige Spiele
2013-03-02 10:49 . 2013-03-02 10:49	--------	d-----w-	c:\program files (x86)\Crocodile Clips
2013-03-02 10:49 . 2013-03-02 10:49	--------	d-----w-	c:\windows\Downloaded Installations
2013-02-28 16:25 . 2013-02-28 17:08	--------	d-----w-	c:\users\Nutzer\AppData\Roaming\RetroCityRampage
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-13 20:55 . 2012-11-30 08:46	72013344	----a-w-	c:\windows\system32\MRT.exe
2013-03-13 18:46 . 2012-12-08 18:47	73432	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 18:46 . 2012-12-08 18:47	693976	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-12 05:45 . 2013-03-13 20:48	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 20:48	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 20:48	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 20:48	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 20:48	474112	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 20:48	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-01-17 00:28 . 2010-11-21 03:27	273840	------w-	c:\windows\system32\MpSigStub.exe
2013-01-05 05:53 . 2013-02-15 17:48	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-15 17:48	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-15 17:48	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46 . 2013-02-15 17:47	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-15 17:47	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-15 17:47	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-15 17:47	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-15 17:47	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-15 17:47	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-15 17:47	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-15 17:47	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2013-02-15 17:47	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-15 17:47	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 15:27	158224	----a-w-	c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-05-22 502328]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-18 152392]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys [2012-07-03 29184]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys [2012-07-03 36352]
R3 ipadtst;ipadtst;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys [2011-12-12 17936]
R3 MSICDSetup;MSICDSetup;D:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;D:\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [2012-05-22 142904]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 BCMH43XX;Treiber für Broadcom 802.11-USB-Netzwerkadapter;c:\windows\system32\DRIVERS\bcmwlhigh664.sys [2011-12-12 1256192]
S3 cbfs3;EldoS Callback File System driver v3;c:\windows\system32\DRIVERS\cbfs3.sys [2012-04-09 352144]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-11-28 44672]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-27 12:21	1642448	----a-w-	c:\program files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-08 18:46]
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-21 16:10]
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-21 16:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 15:27	190480	----a-w-	c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-05-08 6470760]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 4081008]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: Interfaces\{0A36C52A-0A7C-4983-AB4A-7F0FE506497D}: NameServer = 192.168.2.1
FF - ProfilePath - c:\users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\qd1g40so.default\
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: network.proxy.http - 91.228.53.28
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-UnityWebPlayer - c:\users\Nutzer\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-03-28  19:26:50
ComboFix-quarantined-files.txt  2013-03-28 18:26
.
Vor Suchlauf: 19 Verzeichnis(se), 770.198.114.304 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 770.166.067.200 Bytes frei
.
- - End Of File - - 5AD4E5B06C7EC78DFCA4F28567E1AE48

28.03.2013, 12:55	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Internetseiten wie Google und YouTube sind gesperrt Starte Windows neu, lösch die alte combofix.exe, lade CF neu runter und starte es bitte nochmal. __________________ Logfiles bitte immer in CODE-Tags posten

Internetseiten wie Google und YouTube sind gesperrt

Plagegeister aller Art und deren Bekämpfung: Internetseiten wie Google und YouTube sind gesperrt