
Log Analysis and Evaluation: GVU Win7 64 Bit

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First Steps for Help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

13.05.2013, 12:23   #1
paddy2812
 

GVU Win7 64 Bit



Hello everyone,

Unfortunately I have somehow caught the GVU trojan as well.

System - Win7 64Bit

My Avast briefly raised an alarm, but by then it was unfortunately already too late.
  • Windows normal boot --> window asking to select a video source --> GVU message/window.
  • Windows in safe mode with networking --> PC shuts down immediately.
  • Windows in safe mode with command prompt (with Explorer.exe) --> no problems so far.

I have already read that you always want an OTL log:

Code:
OTL logfile created on: 13.05.2013 13:04:58 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Patrick\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,90 Gb Total Physical Memory | 6,40 Gb Available Physical Memory | 80,97% Memory free
15,81 Gb Paging File | 14,32 Gb Available in Paging File | 90,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238,47 Gb Total Space | 142,66 Gb Free Space | 59,83% Space Free | Partition Type: NTFS
Drive E: | 14,44 Gb Total Space | 4,66 Gb Free Space | 32,25% Space Free | Partition Type: NTFS
 
Computer Name: PATRICK-PC | User Name: Patrick | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.05.13 13:03:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.03.25 23:44:18 | 000,235,520 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.15 23:31:49 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.10 08:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.19 12:15:20 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.10.01 20:34:38 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2012.10.01 20:34:38 | 000,178,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2012.06.11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012.06.11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2012.03.29 07:57:36 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2012.03.29 07:57:24 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2012.03.29 07:57:14 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2012.03.29 07:57:10 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2012.03.19 13:14:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.01.21 08:35:24 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.01.21 08:35:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.01.21 08:35:08 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.01.17 16:12:28 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2012.01.10 21:01:52 | 000,627,936 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2012.01.09 12:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2011.05.20 16:03:06 | 000,038,926 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\FH-Aachen OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2010.11.29 15:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.27 03:29:42 | 000,071,832 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP3\RpcAgentSrv.exe -- (SandraAgentSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.03.07 00:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.03.07 00:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.01.09 16:49:20 | 000,211,280 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012.12.04 17:51:12 | 000,791,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.12.04 17:51:12 | 000,020,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.12.04 17:51:10 | 000,358,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.11.19 12:10:38 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.11.19 12:10:36 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012.03.26 00:26:40 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.03.25 22:51:16 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.20 01:45:54 | 000,032,896 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2012.03.19 13:02:02 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2012.03.12 14:06:46 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012.03.09 20:41:16 | 000,685,160 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.02.01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012.01.09 12:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.01.09 12:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011.12.06 05:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.10 17:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.05.20 16:03:06 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2010.11.29 15:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP3\WNt500x64\sandra.sys -- (SANDRA)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9E 80 0F 65 1A 3A CE 01  [binary data]
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Patrick\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.04.15 23:20:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 22:58:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.21 22:21:11 | 000,000,000 | ---D | M]
 
[2013.04.15 22:58:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Extensions
[2013.04.15 22:58:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000..\Run: [Akamai NetSession Interface] C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000..\Run: [AmazonMP3DownloaderHelper] C:\Users\Patrick\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34DCF1F2-A47D-41AC-ADA3-4721043A00D9}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42231763-BD2C-488B-BA32-59446A99D185}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{558C1633-B83A-4FDB-AEFF-BFDFAC0D9237}: DhcpNameServer = 149.201.10.30
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3231A1F-4CE3-4007-942C-CFB82ABC96DA}: DhcpNameServer = 192.168.10.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000 Winlogon: Shell - (C:\Users\Patrick\AppData\Roaming\skype.dat) - C:\Users\Patrick\AppData\Roaming\skype.dat (Sftware                                                     )
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.04.12 11:19:49 | 000,000,122 | ---- | M] () - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.13 13:04:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
[2013.05.13 12:54:06 | 000,000,000 | ---D | C] -- C:\sata
[2013.05.09 23:12:13 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Amazon
[2013.05.09 23:12:11 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Amazon MP3
[2013.05.09 23:12:11 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2013.05.09 23:12:10 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Program Files
[2013.05.03 09:07:05 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.04.30 15:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FH-Aachen OpenVPN
[2013.04.30 15:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FH-Aachen OpenVPN
[2013.04.25 11:23:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013.04.21 22:38:04 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Adobe
[2013.04.21 22:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013.04.21 22:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013.04.21 21:51:08 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Benutzerdefinierte Office-Vorlagen
[2013.04.21 21:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Word Recovery
[2013.04.21 21:29:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stellar Phoenix Word Recovery
[2013.04.21 21:25:20 | 000,000,000 | ---D | C] -- C:\TokensBackup
[2013.04.21 21:23:26 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Desktop\KMSpico.v2
[2013.04.21 21:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013.04.21 21:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Word
[2013.04.21 21:13:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Remo Repair Word 2.0
[2013.04.21 21:02:18 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\TeamViewer
[2013.04.21 21:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.04.16 22:49:29 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\TS3Client
[2013.04.16 22:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013.04.16 22:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2013.04.16 12:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013.04.16 12:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.04.16 12:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013.04.16 12:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.04.16 12:12:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.04.16 12:12:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.04.16 12:12:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013.04.16 12:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.04.16 12:11:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013.04.16 12:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.04.16 12:10:55 | 000,054,272 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.04.16 12:10:55 | 000,048,128 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.04.16 12:10:54 | 028,992,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll
[2013.04.16 12:10:54 | 023,460,864 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll
[2013.04.16 12:10:54 | 014,745,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdpmd64.sys
[2013.04.16 12:10:54 | 014,745,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2013.04.16 12:10:54 | 009,605,632 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2013.04.16 12:10:54 | 009,007,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2013.04.16 12:10:54 | 008,087,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2013.04.16 12:10:54 | 007,795,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2013.04.16 12:10:54 | 006,120,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2013.04.16 12:10:54 | 003,749,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
[2013.04.16 12:10:54 | 002,967,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2013.04.16 12:10:54 | 002,866,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
[2013.04.16 12:10:54 | 002,321,408 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2013.04.16 12:10:54 | 000,591,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
[2013.04.16 12:10:54 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2013.04.16 12:10:54 | 000,519,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2013.04.16 12:10:54 | 000,518,144 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
[2013.04.16 12:10:54 | 000,509,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2013.04.16 12:10:54 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2013.04.16 12:10:54 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2013.04.16 12:10:54 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2013.04.16 12:10:54 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2013.04.16 12:10:54 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2013.04.16 12:10:54 | 000,439,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2013.04.16 12:10:54 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2013.04.16 12:10:54 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2013.04.16 12:10:54 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2013.04.16 12:10:54 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2013.04.16 12:10:54 | 000,434,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2013.04.16 12:10:54 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2013.04.16 12:10:54 | 000,430,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2013.04.16 12:10:54 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2013.04.16 12:10:54 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2013.04.16 12:10:54 | 000,410,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2013.04.16 12:10:54 | 000,386,560 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2013.04.16 12:10:54 | 000,325,120 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2013.04.16 12:10:54 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2013.04.16 12:10:54 | 000,276,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2013.04.16 12:10:54 | 000,250,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2013.04.16 12:10:54 | 000,237,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2013.04.16 12:10:54 | 000,236,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2013.04.16 12:10:54 | 000,213,504 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2013.04.16 12:10:54 | 000,193,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2013.04.16 12:10:54 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2013.04.16 12:10:54 | 000,177,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2013.04.16 12:10:54 | 000,170,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2013.04.16 12:10:54 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2013.04.16 12:10:54 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2013.04.16 12:10:54 | 000,063,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2013.04.16 12:10:54 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2013.04.16 12:10:54 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2013.04.16 12:10:53 | 026,166,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013.04.16 12:10:53 | 019,739,136 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013.04.16 12:10:53 | 016,069,632 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013.04.16 12:10:53 | 013,715,968 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013.04.16 12:10:53 | 010,857,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013.04.16 12:10:53 | 007,646,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013.04.16 12:10:53 | 007,552,000 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013.04.16 12:10:53 | 006,200,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013.04.16 12:10:53 | 005,954,048 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013.04.16 12:10:53 | 005,888,792 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2013.04.16 12:10:53 | 005,062,656 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013.04.16 12:10:53 | 004,958,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013.04.16 12:10:53 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2013.04.16 12:10:53 | 001,113,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2013.04.16 12:10:53 | 000,958,464 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013.04.16 12:10:53 | 000,791,552 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013.04.16 12:10:53 | 000,512,000 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2013.04.16 12:10:53 | 000,496,128 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013.04.16 12:10:53 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2013.04.16 12:10:53 | 000,398,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2013.04.16 12:10:53 | 000,356,352 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013.04.16 12:10:53 | 000,328,704 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013.04.16 12:10:53 | 000,235,520 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013.04.16 12:10:53 | 000,184,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2013.04.16 12:10:53 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2013.04.16 12:10:53 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013.04.16 12:10:53 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013.04.16 12:10:53 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2013.04.16 12:10:53 | 000,071,680 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2013.04.16 12:10:53 | 000,070,656 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2013.04.16 12:10:53 | 000,070,144 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2013.04.16 12:10:53 | 000,065,536 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\atisamu32.dll
[2013.04.16 12:10:53 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013.04.16 12:10:53 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2013.04.16 12:10:53 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013.04.16 12:10:53 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013.04.16 12:10:53 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013.04.16 12:10:53 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013.04.16 12:10:53 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013.04.16 12:10:53 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013.04.16 12:10:53 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013.04.16 12:10:53 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013.04.16 12:10:53 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013.04.16 12:10:53 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013.04.16 12:10:53 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013.04.16 12:10:53 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013.04.16 12:10:53 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013.04.16 12:10:53 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013.04.16 12:10:53 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013.04.16 12:10:53 | 000,032,896 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\amdkmpfd.sys
[2013.04.16 12:10:53 | 000,030,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013.04.16 12:10:53 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013.04.16 12:10:53 | 000,017,408 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013.04.16 12:10:53 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013.04.16 11:47:53 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Dropbox
[2013.04.16 11:47:00 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013.04.16 11:46:43 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Dropbox
[2013.04.16 11:23:33 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Diagnostics
[2013.04.16 10:40:10 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Intel Corporation
[2013.04.16 10:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2013.04.16 10:37:15 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013.04.16 10:37:05 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Dell
[2013.04.16 10:34:14 | 000,652,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys
[2013.04.16 10:34:14 | 000,028,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys
[2013.04.16 10:22:04 | 000,568,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2013.04.16 10:18:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2013.04.16 10:17:40 | 000,331,264 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2013.04.16 10:17:40 | 000,014,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2013.04.16 00:22:43 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\WLANProfiles
[2013.04.16 00:22:20 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Intel
[2013.04.16 00:22:13 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Roaming
[2013.04.16 00:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2013.04.16 00:21:30 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2013.04.16 00:21:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2013.04.16 00:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2013.04.16 00:21:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel.sav
[2013.04.16 00:12:03 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\ATI
[2013.04.16 00:12:03 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\ATI
[2013.04.16 00:11:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2013.04.16 00:11:47 | 000,000,000 | ---D | C] -- C:\Users\Patrick\SystemRequirementsLab
[2013.04.16 00:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.04.16 00:11:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.16 00:11:14 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.04.16 00:11:14 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.04.16 00:11:14 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.04.16 00:11:12 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.16 00:11:12 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.16 00:11:12 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.16 00:11:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.04.15 23:58:23 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2013.04.15 23:58:23 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2013.04.15 23:58:23 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2013.04.15 23:58:23 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2013.04.15 23:58:23 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2013.04.15 23:58:23 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2013.04.15 23:58:23 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2013.04.15 23:58:23 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2013.04.15 23:57:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013.04.15 23:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013.04.15 23:57:01 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013.04.15 23:57:01 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013.04.15 23:57:01 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013.04.15 23:57:01 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013.04.15 23:57:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013.04.15 23:57:01 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013.04.15 23:57:01 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013.04.15 23:57:01 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013.04.15 23:57:00 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013.04.15 23:57:00 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013.04.15 23:57:00 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013.04.15 23:57:00 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013.04.15 23:57:00 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013.04.15 23:57:00 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013.04.15 23:57:00 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013.04.15 23:57:00 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013.04.15 23:57:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013.04.15 23:57:00 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013.04.15 23:57:00 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013.04.15 23:57:00 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013.04.15 23:57:00 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013.04.15 23:57:00 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013.04.15 23:56:59 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013.04.15 23:56:59 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013.04.15 23:56:59 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013.04.15 23:56:59 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013.04.15 23:56:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013.04.15 23:56:59 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013.04.15 23:56:59 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013.04.15 23:56:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013.04.15 23:56:58 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013.04.15 23:56:58 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013.04.15 23:56:58 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013.04.15 23:56:58 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013.04.15 23:56:58 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013.04.15 23:56:58 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013.04.15 23:56:58 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013.04.15 23:56:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013.04.15 23:56:57 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013.04.15 23:56:57 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013.04.15 23:56:57 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013.04.15 23:56:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013.04.15 23:56:57 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013.04.15 23:56:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013.04.15 23:56:56 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013.04.15 23:56:56 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013.04.15 23:56:56 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013.04.15 23:56:56 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013.04.15 23:56:56 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013.04.15 23:56:56 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013.04.15 23:56:56 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013.04.15 23:56:56 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013.04.15 23:56:56 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013.04.15 23:56:56 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013.04.15 23:56:56 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013.04.15 23:56:56 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013.04.15 23:56:55 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013.04.15 23:56:55 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013.04.15 23:56:55 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013.04.15 23:56:55 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013.04.15 23:56:55 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013.04.15 23:56:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013.04.15 23:56:55 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013.04.15 23:56:55 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013.04.15 23:56:54 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013.04.15 23:56:54 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013.04.15 23:56:54 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013.04.15 23:56:54 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013.04.15 23:56:54 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013.04.15 23:56:54 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013.04.15 23:56:54 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013.04.15 23:56:54 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013.04.15 23:56:54 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013.04.15 23:56:54 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013.04.15 23:56:53 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2013.04.15 23:56:53 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2013.04.15 23:56:53 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2013.04.15 23:56:53 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2013.04.15 23:56:53 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2013.04.15 23:56:53 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2013.04.15 23:56:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2013.04.15 23:56:53 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2013.04.15 23:56:53 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013.04.15 23:56:53 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013.04.15 23:56:52 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2013.04.15 23:56:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2013.04.15 23:56:52 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2013.04.15 23:56:52 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2013.04.15 23:56:51 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2013.04.15 23:56:51 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2013.04.15 23:56:51 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2013.04.15 23:56:51 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2013.04.15 23:56:51 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2013.04.15 23:56:51 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2013.04.15 23:56:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2013.04.15 23:56:51 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2013.04.15 23:56:50 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013.04.15 23:56:50 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2013.04.15 23:56:50 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013.04.15 23:56:50 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013.04.15 23:56:50 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2013.04.15 23:56:50 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2013.04.15 23:56:50 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2013.04.15 23:56:50 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2013.04.15 23:56:49 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2013.04.15 23:56:49 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2013.04.15 23:56:49 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2013.04.15 23:56:49 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2013.04.15 23:56:48 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2013.04.15 23:56:48 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2013.04.15 23:56:48 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2013.04.15 23:56:48 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013.04.15 23:56:48 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2013.04.15 23:56:48 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2013.04.15 23:56:19 | 000,000,000 | ---D | C] -- C:\AMD
[2013.04.15 23:54:14 | 000,685,160 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013.04.15 23:54:14 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2013.04.15 23:54:14 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2013.04.15 23:54:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013.04.15 23:51:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013.04.15 23:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
[2013.04.15 23:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware
[2013.04.15 23:50:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Programs
[2013.04.15 23:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013.04.15 23:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.04.15 23:42:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013.04.15 23:42:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2013.04.15 23:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2013.04.15 23:42:33 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.04.15 23:42:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013.04.15 23:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013.04.15 23:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013.04.15 23:39:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013.04.15 23:39:23 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Microsoft Help
[2013.04.15 23:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013.04.15 23:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.04.15 23:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.04.15 23:39:15 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.04.15 23:37:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013.04.15 23:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2013.04.15 23:36:46 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2013.04.15 23:35:12 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Macromedia
[2013.04.15 23:35:12 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Macromedia
[2013.04.15 23:35:12 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Adobe
[2013.04.15 23:34:54 | 000,000,000 | ---D | C] -- C:\Vorformat
[2013.04.15 23:33:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2013.04.15 23:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013.04.15 23:33:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013.04.15 23:33:10 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\InstallShield
[2013.04.15 23:31:49 | 000,691,592 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.15 23:31:49 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.15 23:31:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013.04.15 23:31:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013.04.15 23:30:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.04.15 23:28:56 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\PCDr
[2013.04.15 23:28:54 | 000,000,000 | ---D | C] -- C:\temp
[2013.04.15 23:24:16 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Deployment
[2013.04.15 23:24:16 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Apps
[2013.04.15 23:20:32 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.04.15 23:20:32 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.04.15 23:20:32 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.04.15 23:20:32 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.04.15 23:20:32 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.04.15 23:20:32 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.04.15 23:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.04.15 23:20:31 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.04.15 23:20:18 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.04.15 23:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.04.15 23:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.04.15 22:59:39 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2013.04.15 22:58:33 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Mozilla
[2013.04.15 22:58:33 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Mozilla
[2013.04.15 22:58:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.04.15 22:58:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.04.15 22:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.15 22:55:44 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\WinRAR
[2013.04.15 22:55:44 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.04.15 22:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.04.15 22:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.04.15 22:54:04 | 000,000,000 | ---D | C] -- C:\Intel
[2013.04.15 22:53:53 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2013.04.15 22:53:47 | 000,211,280 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\drivers\ETD.sys
[2013.04.15 22:53:29 | 000,041,984 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll
[2013.04.15 22:53:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013.04.15 22:53:26 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2013.04.15 22:53:26 | 000,791,608 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2013.04.15 22:53:26 | 000,358,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2013.04.15 22:53:26 | 000,020,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2013.04.15 22:53:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2013.04.15 22:52:08 | 000,000,000 | ---D | C] -- C:\Dell Driver
[2013.04.15 22:51:30 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Akamai
[2013.04.15 22:46:24 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013.04.15 22:46:20 | 000,000,000 | -HSD | C] -- C:\Boot
[2013.04.15 22:32:19 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013.04.15 22:32:18 | 000,000,000 | ---D | C] -- C:\Dell
[2013.04.15 21:51:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.04.15 21:49:59 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.04.15 21:49:59 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Searches
[2013.04.15 21:49:59 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.04.15 21:49:54 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Identities
[2013.04.15 21:49:53 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Contacts
[2013.04.15 21:49:51 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\VirtualStore
[2013.04.15 21:49:49 | 000,000,000 | --SD | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Videos
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Saved Games
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Pictures
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Music
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Links
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Favorites
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Downloads
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Documents
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Desktop
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Vorlagen
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Verlauf
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Temporary Internet Files
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Startmenü
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\SendTo
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Recent
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Netzwerkumgebung
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Lokale Einstellungen
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Videos
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Musik
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Eigene Dateien
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Bilder
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Druckumgebung
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Cookies
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Anwendungsdaten
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Anwendungsdaten
[2013.04.15 21:49:49 | 000,000,000 | -H-D | C] -- C:\Users\Patrick\AppData
[2013.04.15 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Temp
[2013.04.15 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Microsoft
[2013.04.15 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Media Center Programs
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.04.15 21:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013.04.15 21:46:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2009.07.14 01:12:11 | 000,130,560 | ---- | C] (Sftware                                                     ) -- C:\Users\Patrick\AppData\Roaming\skype.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.13 13:06:07 | 001,614,582 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.13 13:06:07 | 000,697,170 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.13 13:06:07 | 000,652,488 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.13 13:06:07 | 000,147,964 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.13 13:06:07 | 000,120,918 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.13 13:03:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
[2013.05.13 13:01:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.13 13:01:48 | 2070,691,839 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.13 12:53:41 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.13 12:53:41 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.13 12:49:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.13 12:18:19 | 000,000,162 | -H-- | M] () -- C:\Users\Patrick\Desktop\~$inal-3.odt
[2013.05.13 12:16:31 | 000,000,004 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\skype.ini
[2013.05.07 16:27:19 | 005,423,019 | ---- | M] () -- C:\Users\Patrick\Desktop\lisa mitchell - neopolitan.mp3
[2013.05.07 16:24:01 | 005,373,282 | ---- | M] () -- C:\Users\Patrick\Desktop\natural born jane.mp3
[2013.05.07 16:21:25 | 005,756,968 | ---- | M] () -- C:\Users\Patrick\Desktop\Martin Solveig - The Night Our.mp3
[2013.05.07 16:20:45 | 005,032,227 | ---- | M] () -- C:\Users\Patrick\Desktop\theophilus London - Why Even Try.mp3
[2013.05.03 09:07:03 | 592,718,937 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.05.01 19:14:24 | 000,129,024 | ---- | M] () -- C:\Users\Patrick\Desktop\IMG_20130501_190258.JPG
[2013.04.30 15:51:13 | 000,016,106 | ---- | M] () -- C:\Users\Patrick\Desktop\mcfit kram.odt
[2013.04.30 15:26:29 | 000,001,201 | ---- | M] () -- C:\Users\Public\Desktop\FH-Aachen OpenVPN GUI.lnk
[2013.04.30 15:04:43 | 000,000,345 | ---- | M] () -- C:\Users\Patrick\Desktop\0VBPqgZG8l3Y.128.mp3
[2013.04.28 15:53:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.04.28 11:02:13 | 004,016,640 | ---- | M] () -- C:\Users\Patrick\Desktop\KMSpico.v2.rar
[2013.04.27 13:17:19 | 003,735,300 | ---- | M] () -- C:\Users\Patrick\Desktop\Laid Blak - Lava Timmokk.mp3
[2013.04.27 12:58:49 | 004,745,507 | ---- | M] () -- C:\Users\Patrick\Desktop\bosse- schönste zeit zwette edit.mp3
[2013.04.27 12:58:17 | 005,807,959 | ---- | M] () -- C:\Users\Patrick\Desktop\another love zwette remix.mp3
[2013.04.26 23:25:36 | 000,210,023 | ---- | M] () -- C:\Users\Patrick\Desktop\bild2.jpg
[2013.04.26 19:01:06 | 000,279,378 | ---- | M] () -- C:\Users\Patrick\Desktop\473080_579327928758742_1090916865_o.jpg
[2013.04.26 17:48:24 | 001,947,404 | ---- | M] () -- C:\Users\Patrick\Desktop\bild.jpg
[2013.04.25 11:36:49 | 000,003,640 | ---- | M] () -- C:\Users\Patrick\Desktop\sven paddel.ods
[2013.04.24 12:13:58 | 000,441,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.23 19:49:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.04.21 22:47:39 | 000,205,728 | ---- | M] () -- C:\Users\Patrick\Desktop\Final-3.pdf
[2013.04.21 22:46:46 | 000,444,316 | ---- | M] () -- C:\Users\Patrick\Desktop\Final-3.odt
[2013.04.21 22:37:29 | 000,206,545 | ---- | M] () -- C:\Users\Patrick\Desktop\Final-2.pdf
[2013.04.21 22:26:07 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013.04.21 22:21:11 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.04.21 22:17:46 | 000,192,849 | ---- | M] () -- C:\Users\Patrick\Desktop\marc kniese.pdf
[2013.04.21 21:13:34 | 000,001,117 | ---- | M] () -- C:\Users\Patrick\Desktop\Remo Repair Word.lnk
[2013.04.21 21:01:31 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.04.16 12:12:54 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013.04.16 11:47:53 | 000,001,003 | ---- | M] () -- C:\Users\Patrick\Desktop\Dropbox.lnk
[2013.04.16 11:47:10 | 000,001,013 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.04.16 10:45:24 | 013,479,936 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Sandra.mdb
[2013.04.16 10:41:19 | 000,001,108 | ---- | M] () -- C:\Users\Patrick\Desktop\Wow-64 - Verknüpfung.lnk
[2013.04.16 10:35:52 | 001,639,602 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.16 00:22:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf
[2013.04.16 00:11:10 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.16 00:11:09 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.04.16 00:11:09 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.04.16 00:11:09 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.04.16 00:11:09 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.16 00:11:09 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.15 23:33:22 | 000,001,063 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk
[2013.04.15 23:31:49 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.15 23:31:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.15 23:20:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.04.15 22:53:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2013.04.15 22:46:21 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013.04.15 22:31:48 | 000,182,856 | ---- | M] () -- C:\Users\Patrick\Documents\Pricing_Nov2012_2web 1-1.pdf
[2013.04.15 22:30:23 | 011,711,800 | ---- | M] () -- C:\Users\Patrick\Documents\Intel6150_WIMAX_FICI_DRVR_W7_64_A00_4MVDF_setup_ZPE.exe
[2013.04.15 21:48:27 | 000,057,050 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.04.15 21:48:27 | 000,057,050 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.05.13 12:18:19 | 000,000,162 | -H-- | C] () -- C:\Users\Patrick\Desktop\~$inal-3.odt
[2013.05.13 11:13:19 | 000,000,004 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\skype.ini
[2013.05.07 16:27:14 | 005,423,019 | ---- | C] () -- C:\Users\Patrick\Desktop\lisa mitchell - neopolitan.mp3
[2013.05.07 16:23:57 | 005,373,282 | ---- | C] () -- C:\Users\Patrick\Desktop\natural born jane.mp3
[2013.05.07 16:21:20 | 005,756,968 | ---- | C] () -- C:\Users\Patrick\Desktop\Martin Solveig - The Night Our.mp3
[2013.05.07 16:20:39 | 005,032,227 | ---- | C] () -- C:\Users\Patrick\Desktop\theophilus London - Why Even Try.mp3
[2013.05.03 09:07:03 | 592,718,937 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.05.01 19:14:23 | 000,129,024 | ---- | C] () -- C:\Users\Patrick\Desktop\IMG_20130501_190258.JPG
[2013.04.30 15:51:10 | 000,016,106 | ---- | C] () -- C:\Users\Patrick\Desktop\mcfit kram.odt
[2013.04.30 15:26:29 | 000,001,201 | ---- | C] () -- C:\Users\Public\Desktop\FH-Aachen OpenVPN GUI.lnk
[2013.04.30 15:03:52 | 000,000,345 | ---- | C] () -- C:\Users\Patrick\Desktop\0VBPqgZG8l3Y.128.mp3
[2013.04.28 15:53:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.04.28 11:02:13 | 004,016,640 | ---- | C] () -- C:\Users\Patrick\Desktop\KMSpico.v2.rar
[2013.04.27 13:17:11 | 003,735,300 | ---- | C] () -- C:\Users\Patrick\Desktop\Laid Blak - Lava Timmokk.mp3
[2013.04.27 12:58:38 | 004,745,507 | ---- | C] () -- C:\Users\Patrick\Desktop\bosse- schönste zeit zwette edit.mp3
[2013.04.27 12:57:52 | 005,807,959 | ---- | C] () -- C:\Users\Patrick\Desktop\another love zwette remix.mp3
[2013.04.26 23:25:36 | 000,210,023 | ---- | C] () -- C:\Users\Patrick\Desktop\bild2.jpg
[2013.04.26 19:01:06 | 000,279,378 | ---- | C] () -- C:\Users\Patrick\Desktop\473080_579327928758742_1090916865_o.jpg
[2013.04.26 17:48:23 | 001,947,404 | ---- | C] () -- C:\Users\Patrick\Desktop\bild.jpg
[2013.04.26 17:46:15 | 004,922,282 | ---- | C] () -- C:\Users\Patrick\Desktop\Pixlromatic.air
[2013.04.25 11:36:45 | 000,003,640 | ---- | C] () -- C:\Users\Patrick\Desktop\sven paddel.ods
[2013.04.23 19:49:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.04.21 22:47:39 | 000,205,728 | ---- | C] () -- C:\Users\Patrick\Desktop\Final-3.pdf
[2013.04.21 22:46:45 | 000,444,316 | ---- | C] () -- C:\Users\Patrick\Desktop\Final-3.odt
[2013.04.21 22:37:28 | 000,206,545 | ---- | C] () -- C:\Users\Patrick\Desktop\Final-2.pdf
[2013.04.21 22:21:11 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.04.21 22:21:11 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.04.21 22:17:46 | 000,192,849 | ---- | C] () -- C:\Users\Patrick\Desktop\marc kniese.pdf
[2013.04.21 21:13:34 | 000,001,117 | ---- | C] () -- C:\Users\Patrick\Desktop\Remo Repair Word.lnk
[2013.04.21 21:01:31 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.04.21 21:01:31 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.04.16 22:49:16 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013.04.16 12:12:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.04.16 12:12:12 | 000,002,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Umschaltbare Grafik.lnk
[2013.04.16 12:12:01 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2013.04.16 12:12:01 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblup.dat
[2013.04.16 12:10:54 | 017,226,240 | ---- | C] () -- C:\Windows\SysNative\ig7icd64.dll
[2013.04.16 12:10:54 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2013.04.16 12:10:54 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2013.04.16 12:10:54 | 000,755,188 | ---- | C] () -- C:\Windows\SysNative\igkrng700.bin
[2013.04.16 12:10:54 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2013.04.16 12:10:54 | 000,561,508 | ---- | C] () -- C:\Windows\SysNative\igfcg700m.bin
[2013.04.16 12:10:54 | 000,079,360 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2013.04.16 12:10:54 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2013.04.16 12:10:54 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2013.04.16 12:10:54 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2013.04.16 12:10:54 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2013.04.16 12:10:54 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013.04.16 12:10:54 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2013.04.16 12:10:54 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2013.04.16 12:10:54 | 000,018,660 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2013.04.16 12:10:54 | 000,009,216 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2013.04.16 12:10:54 | 000,001,074 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2013.04.16 12:10:53 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2013.04.16 12:10:53 | 002,427,392 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013.04.16 12:10:53 | 002,425,664 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013.04.16 12:10:53 | 000,601,728 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013.04.16 12:10:53 | 000,235,144 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013.04.16 12:10:53 | 000,235,144 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013.04.16 12:10:53 | 000,221,877 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2013.04.16 12:10:53 | 000,208,522 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2013.04.16 12:10:53 | 000,192,378 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2013.04.16 12:10:53 | 000,164,821 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2013.04.16 12:10:53 | 000,162,150 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2013.04.16 12:10:53 | 000,157,713 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2013.04.16 12:10:53 | 000,148,461 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2013.04.16 12:10:53 | 000,147,116 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2013.04.16 12:10:53 | 000,146,125 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2013.04.16 12:10:53 | 000,146,008 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2013.04.16 12:10:53 | 000,144,790 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2013.04.16 12:10:53 | 000,144,267 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2013.04.16 12:10:53 | 000,143,564 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2013.04.16 12:10:53 | 000,143,112 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2013.04.16 12:10:53 | 000,142,797 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2013.04.16 12:10:53 | 000,142,606 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2013.04.16 12:10:53 | 000,142,079 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2013.04.16 12:10:53 | 000,141,854 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2013.04.16 12:10:53 | 000,141,421 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2013.04.16 12:10:53 | 000,141,297 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2013.04.16 12:10:53 | 000,140,949 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2013.04.16 12:10:53 | 000,140,548 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2013.04.16 12:10:53 | 000,139,901 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2013.04.16 12:10:53 | 000,136,850 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2013.04.16 12:10:53 | 000,136,778 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2013.04.16 12:10:53 | 000,136,261 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2013.04.16 12:10:53 | 000,131,674 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2013.04.16 12:10:53 | 000,125,306 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2013.04.16 12:10:53 | 000,123,778 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2013.04.16 12:10:53 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2013.04.16 12:10:53 | 000,037,533 | ---- | C] () -- C:\Windows\atiogl.xml
[2013.04.16 12:10:53 | 000,000,264 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2013.04.16 11:47:53 | 000,001,003 | ---- | C] () -- C:\Users\Patrick\Desktop\Dropbox.lnk
[2013.04.16 11:47:10 | 000,001,013 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.04.16 10:41:19 | 000,001,108 | ---- | C] () -- C:\Users\Patrick\Desktop\Wow-64 - Verknüpfung.lnk
[2013.04.16 00:22:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf
[2013.04.16 00:00:59 | 001,639,602 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.16 00:00:02 | 013,479,936 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Sandra.mdb
[2013.04.15 23:37:41 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2013.04.15 23:33:23 | 000,001,063 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk
[2013.04.15 23:31:49 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.15 23:20:32 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.04.15 23:20:32 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.04.15 23:20:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.04.15 22:58:17 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.04.15 22:53:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2013.04.15 22:46:21 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2013.04.15 22:46:20 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2013.04.15 22:31:45 | 000,182,856 | ---- | C] () -- C:\Users\Patrick\Documents\Pricing_Nov2012_2web 1-1.pdf
[2013.04.15 22:28:24 | 011,711,800 | ---- | C] () -- C:\Users\Patrick\Documents\Intel6150_WIMAX_FICI_DRVR_W7_64_A00_4MVDF_setup_ZPE.exe
[2013.04.15 21:50:03 | 000,001,409 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013.04.15 21:50:00 | 000,001,443 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.04.15 21:48:26 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013.04.15 21:48:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013.04.15 21:46:57 | 2070,691,839 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.19 21:52:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.12.19 21:52:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.05.09 23:12:13 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Amazon
[2013.05.13 12:56:42 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Dropbox
[2013.04.15 23:28:57 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\PCDr
[2013.04.21 21:08:49 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TeamViewer
[2013.04.26 23:38:33 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TS3Client
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:9A78FF1A

< End of report >
         
Thanks in advance; if you need anything else, I'll supply it promptly.

Alt 13.05.2013, 12:52   #2
markusg
/// Malware-holic
 
Hi,
anyone who doesn't keep their system up to date shouldn't be surprised; missing Windows updates, for example.


OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:
ATTFilter
:OTL
O20 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000 Winlogon: Shell - (C:\Users\Patrick\AppData\Roaming\skype.dat) - C:\Users\Patrick\AppData\Roaming\skype.dat
(Sftware                                                     )
[2013.05.13 12:16:31 | 000,000,004 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\skype.ini
:files
C:\Users\Patrick\AppData\Roaming\skype.dat
:Commands
[emptytemp]
         
  • If you have masked your user name, e.g. with "*****", insert your real user name in the corresponding place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may ask for a reboot. Please allow it.
  • After the reboot you will find a text document on your desktop.
    (Also to be found under C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Now copy its contents here into your thread.


Boot into normal mode.

If you have no icons, then right-click, View, Show desktop icons.

Note: Please also upload the file there, as described in the UpChannel instructions. Please do NOT post the ZIP file here as an attachment
in the thread!




Please press the + E key.
  • Open your system drive (usually C:)
  • Now find
    the following folder: _OTL and open it.
  • Right-click the Movedfiles folder --> Send to --> Compressed (zipped) folder

  • This will create a Movedfiles.zip file in _OTL
  • Please upload it to our upload channel.
    (Browse --> C:\_OTL\Movedfiles.zip)
Let me know whether the upload worked without problems. Thanks in advance.
__________________

Alt 13.05.2013, 13:04   #3
paddy2812
 
Here is the new log.

Upload was also successful.

Code:
ATTFilter
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Patrick\AppData\Roaming\skype.dat deleted successfully.
C:\Users\Patrick\AppData\Roaming\skype.dat moved successfully.
C:\Users\Patrick\AppData\Roaming\skype.ini moved successfully.
========== FILES ==========
File\Folder C:\Users\Patrick\AppData\Roaming\skype.dat not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Patrick
->Temp folder emptied: 734168292 bytes
->Temporary Internet Files folder emptied: 40060645 bytes
->Java cache emptied: 475253 bytes
->FireFox cache emptied: 389496588 bytes
->Flash cache emptied: 30283 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2165039452 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
RecycleBin emptied: 9780292957 bytes
 
Total Files Cleaned = 12.502,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 05132013_135723

Files\Folders moved on Reboot...
C:\Users\Patrick\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         
__________________
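One way a helper could cross-check a fix result log like the one above against the fix script that produced it, so that an entry the tool never reported on stands out. This is an added example, not part of the thread and not OTL's own code; the line patterns are inferred only from the script and log posted here and are assumptions about the format.

```python
import re

# Abridged from the fix script and result log posted in this thread.
FIX_SCRIPT = r"""
:OTL
O20 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000 Winlogon: Shell - (C:\Users\Patrick\AppData\Roaming\skype.dat) - C:\Users\Patrick\AppData\Roaming\skype.dat
[2013.05.13 12:16:31 | 000,000,004 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\skype.ini
:files
C:\Users\Patrick\AppData\Roaming\skype.dat
:Commands
[emptytemp]
"""

RESULT_LOG = r"""
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Patrick\AppData\Roaming\skype.dat deleted successfully.
C:\Users\Patrick\AppData\Roaming\skype.dat moved successfully.
C:\Users\Patrick\AppData\Roaming\skype.ini moved successfully.
========== FILES ==========
File\Folder C:\Users\Patrick\AppData\Roaming\skype.dat not found.
"""

# Assumed line shapes, taken from the two samples above.
SCRIPT_PATH_RE = re.compile(r"-\s+([A-Za-z]:\\.+)$")
FILE_RE = re.compile(
    r"^(?:File\\Folder\s+)?([A-Za-z]:\\.+?) "
    r"(moved successfully|deleted successfully|not found)\.$")
REG_RE = re.compile(
    r"^Registry value (.+?)\\\\([^:\\]+):(.+) deleted successfully\.$")


def script_targets(script):
    """Return the file paths a fix script names, in order, without duplicates."""
    targets, seen, section = [], set(), None
    for line in script.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith(":"):
            section = line.lower()
            continue
        path = None
        if section == ":otl":
            # Pasted log lines end in "- <path>" or "-- <path>".
            m = SCRIPT_PATH_RE.search(line)
            path = m.group(1) if m else None
        elif section == ":files":
            path = line
        if path and path.lower() not in seen:
            seen.add(path.lower())
            targets.append(path)
    return targets


def log_outcomes(log):
    """Return ({path: [outcome, ...]}, [(key, value, data), ...]) from a result log."""
    files, registry = {}, []
    for line in log.splitlines():
        line = line.strip()
        m = FILE_RE.match(line)
        if m:
            files.setdefault(m.group(1).lower(), []).append(m.group(2))
            continue
        m = REG_RE.match(line)
        if m:
            registry.append(m.groups())
    return files, registry


def reconcile(script, log):
    """Classify every script target as 'removed', 'not found' or 'unreported'."""
    files, registry = log_outcomes(log)
    report = {}
    for path in script_targets(script):
        outcomes = files.get(path.lower(), [])
        if any(o.endswith("successfully") for o in outcomes):
            # A later "not found" for the same path is expected: an earlier
            # directive had already moved the file.
            report[path] = "removed"
        elif outcomes:
            report[path] = "not found"
        else:
            report[path] = "unreported"
    return report, registry


def unresolved(script, log):
    """Targets the log does not confirm as moved or deleted."""
    report, _ = reconcile(script, log)
    return [p for p, status in report.items() if status != "removed"]


if __name__ == "__main__":
    report, registry = reconcile(FIX_SCRIPT, RESULT_LOG)
    for path, status in report.items():
        print(f"{status:10} {path}")
    for key, value, data in registry:
        print(f"registry   {value} -> {data} (deleted)")
    print("unresolved:", unresolved(FIX_SCRIPT, RESULT_LOG))
```
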

Alt 13.05.2013, 13:16   #4
markusg
/// Malware-holic
 
Does normal mode work? Then please do the following:
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails according to the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

Alt 13.05.2013, 14:33   #5
paddy2812
 
Hey, here is the next log from normal mode.

Code:
ATTFilter
15:30:58.0944 3660  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:30:59.0093 3660  ============================================================
15:30:59.0093 3660  Current date / time: 2013/05/13 15:30:59.0093
15:30:59.0093 3660  SystemInfo:
15:30:59.0093 3660  
15:30:59.0093 3660  OS Version: 6.1.7600 ServicePack: 0.0
15:30:59.0093 3660  Product type: Workstation
15:30:59.0093 3660  ComputerName: PATRICK-PC
15:30:59.0093 3660  UserName: Patrick
15:30:59.0093 3660  Windows directory: C:\Windows
15:30:59.0093 3660  System windows directory: C:\Windows
15:30:59.0093 3660  Running under WOW64
15:30:59.0093 3660  Processor architecture: Intel x64
15:30:59.0093 3660  Number of processors: 8
15:30:59.0093 3660  Page size: 0x1000
15:30:59.0093 3660  Boot type: Normal boot
15:30:59.0094 3660  ============================================================
15:30:59.0326 3660  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:30:59.0330 3660  ============================================================
15:30:59.0330 3660  \Device\Harddisk0\DR0:
15:30:59.0330 3660  MBR partitions:
15:30:59.0330 3660  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2000, BlocksNum 0x1DCF0000
15:30:59.0330 3660  ============================================================
15:30:59.0331 3660  C: <-> \Device\Harddisk0\DR0\Partition1
15:30:59.0331 3660  ============================================================
15:30:59.0331 3660  Initialize success
15:30:59.0331 3660  ============================================================
15:31:31.0325 2504  ============================================================
15:31:31.0326 2504  Scan started
15:31:31.0326 2504  Mode: Manual; SigCheck; TDLFS; 
15:31:31.0326 2504  ============================================================
15:31:31.0425 2504  ================ Scan system memory ========================
15:31:31.0425 2504  System memory - ok
15:31:31.0426 2504  ================ Scan services =============================
15:31:31.0447 2504  [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
15:31:31.0490 2504  1394ohci - ok
15:31:31.0495 2504  [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
15:31:31.0506 2504  ACPI - ok
15:31:31.0509 2504  [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
15:31:31.0520 2504  AcpiPmi - ok
15:31:31.0524 2504  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:31:31.0531 2504  AdobeARMservice - ok
15:31:31.0543 2504  [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:31:31.0551 2504  AdobeFlashPlayerUpdateSvc - ok
15:31:31.0558 2504  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:31:31.0571 2504  adp94xx - ok
15:31:31.0576 2504  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:31:31.0587 2504  adpahci - ok
15:31:31.0590 2504  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:31:31.0599 2504  adpu320 - ok
15:31:31.0603 2504  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:31:31.0629 2504  AeLookupSvc - ok
15:31:31.0636 2504  [ B9384E03479D2506BC924C16A3DB87BC ] AFD             C:\Windows\system32\drivers\afd.sys
15:31:31.0666 2504  AFD - ok
15:31:31.0669 2504  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
15:31:31.0676 2504  agp440 - ok
15:31:31.0679 2504  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
15:31:31.0689 2504  ALG - ok
15:31:31.0692 2504  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
15:31:31.0698 2504  aliide - ok
15:31:31.0702 2504  [ 6B86F165C7D518CDB70804D82AC3ACD5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:31:31.0718 2504  AMD External Events Utility - ok
15:31:31.0721 2504  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
15:31:31.0727 2504  amdide - ok
15:31:31.0730 2504  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:31:31.0739 2504  AmdK8 - ok
15:31:31.0813 2504  [ 116176D9B55DDA2C5494DF5611E246A7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:31:31.0931 2504  amdkmdag - ok
15:31:31.0938 2504  [ 29A5ACBF46308BD283A5F0D93C4686B5 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:31:31.0954 2504  amdkmdap - ok
15:31:31.0957 2504  [ FFCB1F4FEAC8AB77887031F8AD0D7C06 ] amdkmpfd        C:\Windows\system32\DRIVERS\amdkmpfd.sys
15:31:31.0971 2504  amdkmpfd - ok
15:31:31.0974 2504  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:31:31.0984 2504  AmdPPM - ok
15:31:31.0987 2504  [ 7A4B413614C055935567CF88A9734D38 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
15:31:31.0995 2504  amdsata - ok
15:31:31.0999 2504  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:31:32.0007 2504  amdsbs - ok
15:31:32.0010 2504  [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
15:31:32.0016 2504  amdxata - ok
15:31:32.0020 2504  [ 157B1C973637919DCD0D0464167C86BA ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
15:31:32.0030 2504  AMPPAL - ok
15:31:32.0034 2504  [ 157B1C973637919DCD0D0464167C86BA ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
15:31:32.0042 2504  AMPPALP - ok
15:31:32.0052 2504  [ FB70F8C1283C8CC6BFAA6F9971107E68 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
15:31:32.0064 2504  AMPPALR3 - ok
15:31:32.0067 2504  [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID           C:\Windows\system32\drivers\appid.sys
15:31:32.0081 2504  AppID - ok
15:31:32.0083 2504  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:31:32.0109 2504  AppIDSvc - ok
15:31:32.0111 2504  [ D065BE66822847B7F127D1F90158376E ] Appinfo         C:\Windows\System32\appinfo.dll
15:31:32.0137 2504  Appinfo - ok
15:31:32.0141 2504  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:31:32.0151 2504  AppMgmt - ok
15:31:32.0155 2504  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:31:32.0162 2504  arc - ok
15:31:32.0165 2504  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:31:32.0172 2504  arcsas - ok
15:31:32.0180 2504  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:31:32.0186 2504  aspnet_state - ok
15:31:32.0188 2504  [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
15:31:32.0194 2504  aswFsBlk - ok
15:31:32.0197 2504  [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
15:31:32.0203 2504  aswMonFlt - ok
15:31:32.0206 2504  [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
15:31:32.0211 2504  aswRdr - ok
15:31:32.0214 2504  [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
15:31:32.0219 2504  aswRvrt - ok
15:31:32.0230 2504  [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
15:31:32.0246 2504  aswSnx - ok
15:31:32.0252 2504  [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
15:31:32.0261 2504  aswSP - ok
15:31:32.0264 2504  [ D62C10D1829C65115111C160EA956260 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
15:31:32.0269 2504  aswTdi - ok
15:31:32.0273 2504  [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
15:31:32.0280 2504  aswVmm - ok
15:31:32.0283 2504  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:31:32.0308 2504  AsyncMac - ok
15:31:32.0310 2504  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
15:31:32.0316 2504  atapi - ok
15:31:32.0325 2504  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:31:32.0357 2504  AudioEndpointBuilder - ok
15:31:32.0363 2504  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:31:32.0393 2504  AudioSrv - ok
15:31:32.0396 2504  [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:31:32.0401 2504  avast! Antivirus - ok
15:31:32.0404 2504  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:31:32.0417 2504  AxInstSV - ok
15:31:32.0424 2504  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:31:32.0437 2504  b06bdrv - ok
15:31:32.0442 2504  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:31:32.0454 2504  b57nd60a - ok
15:31:32.0459 2504  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
15:31:32.0468 2504  BBSvc - ok
15:31:32.0472 2504  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
15:31:32.0481 2504  BBUpdate - ok
15:31:32.0484 2504  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:31:32.0494 2504  BDESVC - ok
15:31:32.0497 2504  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:31:32.0521 2504  Beep - ok
15:31:32.0531 2504  [ 4992C609A6315671463E30F6512BC022 ] BFE             C:\Windows\System32\bfe.dll
15:31:32.0563 2504  BFE - ok
15:31:32.0572 2504  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\System32\qmgr.dll
15:31:32.0608 2504  BITS - ok
15:31:32.0611 2504  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:31:32.0620 2504  blbdrive - ok
15:31:32.0623 2504  [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:31:32.0649 2504  bowser - ok
15:31:32.0651 2504  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:31:32.0662 2504  BrFiltLo - ok
15:31:32.0664 2504  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:31:32.0675 2504  BrFiltUp - ok
15:31:32.0678 2504  [ 94FBC06F294D58D02361918418F996E3 ] Browser         C:\Windows\System32\browser.dll
15:31:32.0705 2504  Browser - ok
15:31:32.0709 2504  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:31:32.0721 2504  Brserid - ok
15:31:32.0724 2504  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:31:32.0735 2504  BrSerWdm - ok
15:31:32.0737 2504  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:31:32.0748 2504  BrUsbMdm - ok
15:31:32.0750 2504  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:31:32.0760 2504  BrUsbSer - ok
15:31:32.0762 2504  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
15:31:32.0774 2504  BthEnum - ok
15:31:32.0776 2504  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:31:32.0788 2504  BTHMODEM - ok
15:31:32.0791 2504  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:31:32.0803 2504  BthPan - ok
15:31:32.0810 2504  [ A51FA9D0E85D5ADABEF72E67F386309C ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
15:31:32.0827 2504  BTHPORT - ok
15:31:32.0830 2504  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
15:31:32.0855 2504  bthserv - ok
15:31:32.0859 2504  [ FA2D081709A764F6BEE16B7FFE03E36C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
15:31:32.0865 2504  BTHSSecurityMgr - ok
15:31:32.0868 2504  [ F740B9A16B2C06700F2130E19986BF3B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
15:31:32.0879 2504  BTHUSB - ok
15:31:32.0883 2504  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:31:32.0908 2504  cdfs - ok
15:31:32.0912 2504  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:31:32.0922 2504  cdrom - ok
15:31:32.0925 2504  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc     C:\Windows\System32\certprop.dll
15:31:32.0951 2504  CertPropSvc - ok
15:31:32.0954 2504  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:31:32.0965 2504  circlass - ok
15:31:32.0970 2504  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:31:32.0981 2504  CLFS - ok
15:31:32.0984 2504  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:31:32.0990 2504  clr_optimization_v2.0.50727_32 - ok
15:31:32.0993 2504  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:31:32.0999 2504  clr_optimization_v2.0.50727_64 - ok
15:31:33.0005 2504  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:31:33.0012 2504  clr_optimization_v4.0.30319_32 - ok
15:31:33.0015 2504  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:31:33.0022 2504  clr_optimization_v4.0.30319_64 - ok
15:31:33.0024 2504  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:31:33.0042 2504  CmBatt - ok
15:31:33.0044 2504  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
15:31:33.0051 2504  cmdide - ok
15:31:33.0057 2504  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG             C:\Windows\system32\Drivers\cng.sys
15:31:33.0074 2504  CNG - ok
15:31:33.0076 2504  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:31:33.0082 2504  Compbatt - ok
15:31:33.0085 2504  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:31:33.0096 2504  CompositeBus - ok
15:31:33.0098 2504  COMSysApp - ok
15:31:33.0104 2504  [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:31:33.0114 2504  cphs - ok
15:31:33.0117 2504  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:31:33.0123 2504  crcdisk - ok
15:31:33.0128 2504  [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:31:33.0156 2504  CryptSvc - ok
15:31:33.0163 2504  [ 4A6173C2279B498CD8F57CAE504564CB ] CSC             C:\Windows\system32\drivers\csc.sys
15:31:33.0181 2504  CSC - ok
15:31:33.0189 2504  [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService      C:\Windows\System32\cscsvc.dll
15:31:33.0205 2504  CscService - ok
15:31:33.0213 2504  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:31:33.0245 2504  DcomLaunch - ok
15:31:33.0250 2504  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
15:31:33.0278 2504  defragsvc - ok
15:31:33.0281 2504  [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:31:33.0307 2504  DfsC - ok
15:31:33.0312 2504  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:31:33.0328 2504  Dhcp - ok
15:31:33.0331 2504  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:31:33.0356 2504  discache - ok
15:31:33.0358 2504  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:31:33.0365 2504  Disk - ok
15:31:33.0369 2504  [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:31:33.0396 2504  Dnscache - ok
15:31:33.0401 2504  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc         C:\Windows\System32\dot3svc.dll
15:31:33.0428 2504  dot3svc - ok
15:31:33.0432 2504  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS             C:\Windows\system32\dps.dll
15:31:33.0459 2504  DPS - ok
15:31:33.0462 2504  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:31:33.0471 2504  drmkaud - ok
15:31:33.0481 2504  [ 7CB7D2B73813CE05C7BC0F5F95D27CEC ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:31:33.0517 2504  DXGKrnl - ok
15:31:33.0520 2504  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
15:31:33.0547 2504  EapHost - ok
15:31:33.0573 2504  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:31:33.0615 2504  ebdrv - ok
15:31:33.0618 2504  [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS             C:\Windows\System32\lsass.exe
15:31:33.0629 2504  EFS - ok
15:31:33.0637 2504  [ B91D81B3B54A54CCAFC03733DBC2E29E ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:31:33.0652 2504  ehRecvr - ok
15:31:33.0655 2504  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
15:31:33.0665 2504  ehSched - ok
15:31:33.0673 2504  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:31:33.0686 2504  elxstor - ok
15:31:33.0688 2504  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
15:31:33.0697 2504  ErrDev - ok
15:31:33.0702 2504  [ F37415F77CDD8AFD4F611BC125764C9E ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
15:31:33.0709 2504  ETD - ok
15:31:33.0716 2504  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
15:31:33.0745 2504  EventSystem - ok
15:31:33.0753 2504  [ 52AE29A233832E0C704FD7FC534AF9FB ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:31:33.0765 2504  EvtEng - ok
15:31:33.0769 2504  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
15:31:33.0796 2504  exfat - ok
15:31:33.0800 2504  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:31:33.0827 2504  fastfat - ok
15:31:33.0835 2504  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax             C:\Windows\system32\fxssvc.exe
15:31:33.0851 2504  Fax - ok
15:31:33.0853 2504  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:31:33.0863 2504  fdc - ok
15:31:33.0865 2504  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:31:33.0890 2504  fdPHost - ok
15:31:33.0893 2504  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:31:33.0917 2504  FDResPub - ok
15:31:33.0920 2504  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:31:33.0927 2504  FileInfo - ok
15:31:33.0929 2504  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:31:33.0954 2504  Filetrace - ok
15:31:33.0956 2504  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:31:33.0965 2504  flpydisk - ok
15:31:33.0970 2504  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:31:33.0979 2504  FltMgr - ok
15:31:33.0991 2504  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache       C:\Windows\system32\FntCache.dll
15:31:34.0028 2504  FontCache - ok
15:31:34.0031 2504  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:31:34.0036 2504  FontCache3.0.0.0 - ok
15:31:34.0039 2504  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:31:34.0045 2504  FsDepends - ok
15:31:34.0048 2504  [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:31:34.0054 2504  Fs_Rec - ok
15:31:34.0058 2504  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:31:34.0069 2504  fvevol - ok
15:31:34.0072 2504  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:31:34.0079 2504  gagp30kx - ok
15:31:34.0089 2504  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc           C:\Windows\System32\gpsvc.dll
15:31:34.0110 2504  gpsvc - ok
15:31:34.0112 2504  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:31:34.0121 2504  hcw85cir - ok
15:31:34.0127 2504  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:31:34.0141 2504  HdAudAddService - ok
15:31:34.0144 2504  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:31:34.0156 2504  HDAudBus - ok
15:31:34.0158 2504  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:31:34.0168 2504  HidBatt - ok
15:31:34.0171 2504  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:31:34.0183 2504  HidBth - ok
15:31:34.0185 2504  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:31:34.0197 2504  HidIr - ok
15:31:34.0199 2504  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
15:31:34.0224 2504  hidserv - ok
15:31:34.0227 2504  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:31:34.0236 2504  HidUsb - ok
15:31:34.0239 2504  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:31:34.0265 2504  hkmsvc - ok
15:31:34.0269 2504  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:31:34.0281 2504  HomeGroupListener - ok
15:31:34.0285 2504  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:31:34.0297 2504  HomeGroupProvider - ok
15:31:34.0300 2504  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
15:31:34.0307 2504  HpSAMD - ok
15:31:34.0315 2504  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:31:34.0347 2504  HTTP - ok
15:31:34.0350 2504  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:31:34.0356 2504  hwpolicy - ok
15:31:34.0359 2504  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:31:34.0369 2504  i8042prt - ok
15:31:34.0376 2504  [ D1753C06EE17E29352B065EACF3F10D0 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:31:34.0388 2504  iaStor - ok
15:31:34.0396 2504  [ AE0C5DF7E7DA3E7AC29B64CFA8C4F044 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
15:31:34.0408 2504  iaStorA - ok
15:31:34.0415 2504  [ 777788D9B63CCEEEF2DB353BA4EDD454 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:31:34.0420 2504  IAStorDataMgrSvc - ok
15:31:34.0422 2504  [ 711241EA1BA9DB44F34D03D2AD00ED08 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
15:31:34.0427 2504  iaStorF - ok
15:31:34.0433 2504  [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
15:31:34.0445 2504  iaStorV - ok
15:31:34.0455 2504  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:31:34.0472 2504  idsvc - ok
15:31:34.0475 2504  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:31:34.0481 2504  iirsp - ok
15:31:34.0491 2504  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll
15:31:34.0525 2504  IKEEXT - ok
15:31:34.0531 2504  [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:31:34.0543 2504  IntcDAud - ok
15:31:34.0551 2504  [ 7C76466F4E0F76CE259C6005D161E9E8 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
15:31:34.0564 2504  Intel(R) Capability Licensing Service Interface - ok
15:31:34.0567 2504  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
15:31:34.0573 2504  intelide - ok
15:31:34.0666 2504  [ 371D7F91C0D2314EB984A4A6CBEABC92 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
15:31:34.0830 2504  intelkmd - ok
15:31:34.0835 2504  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:31:34.0844 2504  intelppm - ok
15:31:34.0847 2504  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:31:34.0872 2504  IPBusEnum - ok
15:31:34.0875 2504  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:31:34.0901 2504  IpFilterDriver - ok
15:31:34.0908 2504  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:31:34.0939 2504  iphlpsvc - ok
15:31:34.0942 2504  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:31:34.0951 2504  IPMIDRV - ok
15:31:34.0954 2504  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:31:34.0980 2504  IPNAT - ok
15:31:34.0983 2504  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:31:34.0994 2504  IRENUM - ok
15:31:34.0997 2504  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
15:31:35.0003 2504  isapnp - ok
15:31:35.0007 2504  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:31:35.0016 2504  iScsiPrt - ok
15:31:35.0019 2504  [ 7A4D015FF432645C55C162DADAEA143E ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
15:31:35.0024 2504  iusb3hcs - ok
15:31:35.0030 2504  [ 5D6164479F6F900ACD287FDC6935532E ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
15:31:35.0038 2504  iusb3hub - ok
15:31:35.0048 2504  [ 9F5687C7EFA906E4F33586D393F7C257 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
15:31:35.0061 2504  iusb3xhc - ok
15:31:35.0065 2504  [ D22982C269775BCBDDA8A0F82A9ADE9E ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:31:35.0072 2504  jhi_service - ok
15:31:35.0075 2504  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:31:35.0081 2504  kbdclass - ok
15:31:35.0084 2504  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:31:35.0093 2504  kbdhid - ok
15:31:35.0095 2504  [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso          C:\Windows\system32\lsass.exe
15:31:35.0105 2504  KeyIso - ok
15:31:35.0108 2504  [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:31:35.0115 2504  KSecDD - ok
15:31:35.0118 2504  [ BBE1BF6D9B661C354D4857D5FADB943B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:31:35.0125 2504  KSecPkg - ok
15:31:35.0128 2504  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:31:35.0152 2504  ksthunk - ok
15:31:35.0158 2504  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:31:35.0187 2504  KtmRm - ok
15:31:35.0192 2504  [ C926920B8978DE6ACFE9E15C709E9B57 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:31:35.0220 2504  LanmanServer - ok
15:31:35.0223 2504  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:31:35.0251 2504  LanmanWorkstation - ok
15:31:35.0255 2504  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:31:35.0280 2504  lltdio - ok
15:31:35.0285 2504  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:31:35.0313 2504  lltdsvc - ok
15:31:35.0316 2504  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:31:35.0341 2504  lmhosts - ok
15:31:35.0346 2504  [ 5C08357C65F658E29B5DDC2EF18D575C ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:31:35.0354 2504  LMS - ok
15:31:35.0358 2504  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:31:35.0366 2504  LSI_FC - ok
15:31:35.0369 2504  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:31:35.0376 2504  LSI_SAS - ok
15:31:35.0379 2504  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:31:35.0386 2504  LSI_SAS2 - ok
15:31:35.0390 2504  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:31:35.0398 2504  LSI_SCSI - ok
15:31:35.0401 2504  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:31:35.0426 2504  luafv - ok
15:31:35.0430 2504  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:31:35.0441 2504  Mcx2Svc - ok
15:31:35.0444 2504  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:31:35.0450 2504  megasas - ok
15:31:35.0455 2504  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:31:35.0465 2504  MegaSR - ok
15:31:35.0468 2504  [ 6B01B7414A105B9E51652089A03027CF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:31:35.0474 2504  MEIx64 - ok
15:31:35.0476 2504  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:31:35.0503 2504  MMCSS - ok
15:31:35.0506 2504  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:31:35.0531 2504  Modem - ok
15:31:35.0533 2504  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:31:35.0544 2504  monitor - ok
15:31:35.0547 2504  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:31:35.0553 2504  mouclass - ok
15:31:35.0555 2504  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:31:35.0564 2504  mouhid - ok
15:31:35.0568 2504  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:31:35.0575 2504  mountmgr - ok
15:31:35.0578 2504  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:31:35.0587 2504  MozillaMaintenance - ok
15:31:35.0591 2504  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
15:31:35.0600 2504  mpio - ok
15:31:35.0603 2504  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:31:35.0628 2504  mpsdrv - ok
15:31:35.0638 2504  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:31:35.0673 2504  MpsSvc - ok
15:31:35.0677 2504  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:31:35.0690 2504  MRxDAV - ok
15:31:35.0694 2504  [ CFDCD8CA87C2A657DEBC150AC35B5E08 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:31:35.0719 2504  mrxsmb - ok
15:31:35.0724 2504  [ 1BEE517B220B7F024F411AEC1571DD5A ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:31:35.0751 2504  mrxsmb10 - ok
15:31:35.0754 2504  [ 6B2D5FEF385828B6E485C1C90AFB8195 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:31:35.0779 2504  mrxsmb20 - ok
15:31:35.0782 2504  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
15:31:35.0788 2504  msahci - ok
15:31:35.0792 2504  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
15:31:35.0800 2504  msdsm - ok
15:31:35.0804 2504  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:31:35.0815 2504  MSDTC - ok
15:31:35.0820 2504  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:31:35.0844 2504  Msfs - ok
15:31:35.0847 2504  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:31:35.0871 2504  mshidkmdf - ok
15:31:35.0873 2504  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
15:31:35.0880 2504  msisadrv - ok
15:31:35.0883 2504  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:31:35.0910 2504  MSiSCSI - ok
15:31:35.0913 2504  msiserver - ok
15:31:35.0915 2504  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:31:35.0939 2504  MSKSSRV - ok
15:31:35.0942 2504  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:31:35.0966 2504  MSPCLOCK - ok
15:31:35.0969 2504  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:31:35.0993 2504  MSPQM - ok
15:31:35.0998 2504  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:31:36.0008 2504  MsRPC - ok
15:31:36.0012 2504  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:31:36.0018 2504  mssmbios - ok
15:31:36.0021 2504  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:31:36.0046 2504  MSTEE - ok
15:31:36.0048 2504  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:31:36.0057 2504  MTConfig - ok
15:31:36.0060 2504  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:31:36.0067 2504  Mup - ok
15:31:36.0072 2504  [ 4D02A9A4AAE43280D8631F232AAD79BC ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:31:36.0081 2504  MyWiFiDHCPDNS - ok
15:31:36.0087 2504  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
15:31:36.0118 2504  napagent - ok
15:31:36.0123 2504  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:31:36.0138 2504  NativeWifiP - ok
15:31:36.0148 2504  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:31:36.0167 2504  NDIS - ok
15:31:36.0170 2504  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:31:36.0195 2504  NdisCap - ok
15:31:36.0197 2504  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:31:36.0221 2504  NdisTapi - ok
15:31:36.0223 2504  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:31:36.0248 2504  Ndisuio - ok
15:31:36.0251 2504  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:31:36.0277 2504  NdisWan - ok
15:31:36.0280 2504  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:31:36.0304 2504  NDProxy - ok
15:31:36.0307 2504  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:31:36.0331 2504  NetBIOS - ok
15:31:36.0335 2504  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:31:36.0363 2504  NetBT - ok
15:31:36.0365 2504  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\Windows\system32\lsass.exe
15:31:36.0375 2504  Netlogon - ok
15:31:36.0381 2504  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:31:36.0410 2504  Netman - ok
15:31:36.0413 2504  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:31:36.0421 2504  NetMsmqActivator - ok
15:31:36.0423 2504  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:31:36.0430 2504  NetPipeActivator - ok
15:31:36.0436 2504  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:31:36.0467 2504  netprofm - ok
15:31:36.0477 2504  [ 618C55B392238B9467F9113E13525C49 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
15:31:36.0497 2504  netr28ux - ok
15:31:36.0500 2504  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:31:36.0506 2504  NetTcpActivator - ok
15:31:36.0508 2504  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:31:36.0515 2504  NetTcpPortSharing - ok
15:31:36.0597 2504  [ 262225F08B891FD7F16B3B93A3177C1F ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
15:31:36.0717 2504  NETwNs64 - ok
15:31:36.0722 2504  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:31:36.0728 2504  nfrd960 - ok
15:31:36.0734 2504  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:31:36.0762 2504  NlaSvc - ok
15:31:36.0765 2504  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:31:36.0790 2504  Npfs - ok
15:31:36.0792 2504  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:31:36.0819 2504  nsi - ok
15:31:36.0821 2504  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:31:36.0846 2504  nsiproxy - ok
15:31:36.0861 2504  [ 356698A13C4630D5B31C37378D469196 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:31:36.0889 2504  Ntfs - ok
15:31:36.0891 2504  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:31:36.0916 2504  Null - ok
15:31:36.0920 2504  [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
15:31:36.0928 2504  nvraid - ok
15:31:36.0931 2504  [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
15:31:36.0939 2504  nvstor - ok
15:31:36.0942 2504  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
15:31:36.0950 2504  nv_agp - ok
15:31:36.0953 2504  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:31:36.0962 2504  ohci1394 - ok
15:31:36.0966 2504  [ A2FF28F46E52911D4B7A32EBA5AE64BB ] OpenVPNService  C:\Program Files (x86)\FH-Aachen OpenVPN\bin\openvpnserv.exe
15:31:36.0970 2504  OpenVPNService ( UnsignedFile.Multi.Generic ) - warning
15:31:36.0970 2504  OpenVPNService - detected UnsignedFile.Multi.Generic (1)
15:31:36.0974 2504  [ B9C125314A025127FE562C116D614AA3 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:31:36.0983 2504  ose64 - ok
15:31:37.0021 2504  [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:31:37.0091 2504  osppsvc - ok
15:31:37.0099 2504  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:31:37.0111 2504  p2pimsvc - ok
15:31:37.0117 2504  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:31:37.0131 2504  p2psvc - ok
15:31:37.0134 2504  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:31:37.0143 2504  Parport - ok
15:31:37.0146 2504  [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:31:37.0152 2504  partmgr - ok
15:31:37.0156 2504  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:31:37.0171 2504  PcaSvc - ok
15:31:37.0175 2504  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
15:31:37.0183 2504  pci - ok
15:31:37.0185 2504  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
15:31:37.0191 2504  pciide - ok
15:31:37.0195 2504  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:31:37.0204 2504  pcmcia - ok
15:31:37.0207 2504  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:31:37.0214 2504  pcw - ok
15:31:37.0221 2504  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:31:37.0252 2504  PEAUTH - ok
15:31:37.0264 2504  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:31:37.0288 2504  PeerDistSvc - ok
15:31:37.0298 2504  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:31:37.0310 2504  PerfHost - ok
15:31:37.0326 2504  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
15:31:37.0367 2504  pla - ok
15:31:37.0373 2504  [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:31:37.0403 2504  PlugPlay - ok
15:31:37.0406 2504  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:31:37.0416 2504  PNRPAutoReg - ok
15:31:37.0420 2504  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:31:37.0432 2504  PNRPsvc - ok
15:31:37.0439 2504  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:31:37.0469 2504  PolicyAgent - ok
15:31:37.0474 2504  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:31:37.0502 2504  Power - ok
15:31:37.0506 2504  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:31:37.0531 2504  PptpMiniport - ok
15:31:37.0534 2504  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:31:37.0543 2504  Processor - ok
15:31:37.0548 2504  [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc         C:\Windows\system32\profsvc.dll
15:31:37.0576 2504  ProfSvc - ok
15:31:37.0578 2504  [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
15:31:37.0588 2504  ProtectedStorage - ok
15:31:37.0592 2504  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:31:37.0617 2504  Psched - ok
15:31:37.0632 2504  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:31:37.0658 2504  ql2300 - ok
15:31:37.0661 2504  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:31:37.0669 2504  ql40xx - ok
15:31:37.0674 2504  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:31:37.0689 2504  QWAVE - ok
15:31:37.0692 2504  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:31:37.0705 2504  QWAVEdrv - ok
15:31:37.0707 2504  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:31:37.0731 2504  RasAcd - ok
15:31:37.0734 2504  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:31:37.0758 2504  RasAgileVpn - ok
15:31:37.0761 2504  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:31:37.0788 2504  RasAuto - ok
15:31:37.0791 2504  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:31:37.0816 2504  Rasl2tp - ok
15:31:37.0822 2504  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
15:31:37.0852 2504  RasMan - ok
15:31:37.0855 2504  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:31:37.0880 2504  RasPppoe - ok
15:31:37.0883 2504  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:31:37.0909 2504  RasSstp - ok
15:31:37.0914 2504  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:31:37.0941 2504  rdbss - ok
15:31:37.0944 2504  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:31:37.0955 2504  rdpbus - ok
15:31:37.0958 2504  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:31:37.0982 2504  RDPCDD - ok
15:31:37.0987 2504  [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:31:37.0997 2504  RDPDR - ok
15:31:38.0000 2504  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:31:38.0024 2504  RDPENCDD - ok
15:31:38.0027 2504  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:31:38.0051 2504  RDPREFMP - ok
15:31:38.0055 2504  [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:31:38.0083 2504  RDPWD - ok
15:31:38.0087 2504  [ 634B9A2181D98F15941236886164EC8B ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:31:38.0096 2504  rdyboost - ok
15:31:38.0100 2504  [ C480D028012881E0136962A49379688D ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:31:38.0107 2504  RegSrvc - ok
15:31:38.0110 2504  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:31:38.0136 2504  RemoteAccess - ok
15:31:38.0140 2504  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:31:38.0168 2504  RemoteRegistry - ok
15:31:38.0172 2504  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:31:38.0184 2504  RFCOMM - ok
15:31:38.0187 2504  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:31:38.0215 2504  RpcEptMapper - ok
15:31:38.0217 2504  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:31:38.0227 2504  RpcLocator - ok
15:31:38.0234 2504  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll
15:31:38.0264 2504  RpcSs - ok
15:31:38.0267 2504  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:31:38.0292 2504  rspndr - ok
15:31:38.0301 2504  [ C5CD940EFFADE1F6246730BCA14E9FE6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:31:38.0314 2504  RTL8167 - ok
15:31:38.0317 2504  [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
15:31:38.0325 2504  s3cap - ok
15:31:38.0328 2504  [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs           C:\Windows\system32\lsass.exe
15:31:38.0337 2504  SamSs - ok
15:31:38.0341 2504  [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP3\WNt500x64\Sandra.sys
15:31:38.0347 2504  SANDRA - ok
15:31:38.0349 2504  [ B00311766F85D9E988C8630158D0904B ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP3\RpcAgentSrv.exe
15:31:38.0354 2504  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
15:31:38.0354 2504  SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)
15:31:38.0357 2504  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
15:31:38.0365 2504  sbp2port - ok
15:31:38.0369 2504  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:31:38.0396 2504  SCardSvr - ok
15:31:38.0399 2504  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:31:38.0423 2504  scfilter - ok
15:31:38.0434 2504  [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule        C:\Windows\system32\schedsvc.dll
15:31:38.0472 2504  Schedule - ok
15:31:38.0475 2504  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:31:38.0500 2504  SCPolicySvc - ok
15:31:38.0504 2504  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:31:38.0515 2504  SDRSVC - ok
15:31:38.0518 2504  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:31:38.0542 2504  secdrv - ok
15:31:38.0544 2504  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
15:31:38.0570 2504  seclogon - ok
15:31:38.0573 2504  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
15:31:38.0600 2504  SENS - ok
15:31:38.0602 2504  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:31:38.0613 2504  SensrSvc - ok
15:31:38.0615 2504  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:31:38.0623 2504  Serenum - ok
15:31:38.0626 2504  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:31:38.0636 2504  Serial - ok
15:31:38.0638 2504  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:31:38.0647 2504  sermouse - ok
15:31:38.0653 2504  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
15:31:38.0681 2504  SessionEnv - ok
15:31:38.0683 2504  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
15:31:38.0694 2504  sffdisk - ok
15:31:38.0696 2504  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:31:38.0707 2504  sffp_mmc - ok
15:31:38.0710 2504  [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
15:31:38.0721 2504  sffp_sd - ok
15:31:38.0723 2504  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:31:38.0732 2504  sfloppy - ok
15:31:38.0737 2504  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:31:38.0766 2504  SharedAccess - ok
15:31:38.0772 2504  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:31:38.0789 2504  ShellHWDetection - ok
15:31:38.0792 2504  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:31:38.0799 2504  SiSRaid2 - ok
15:31:38.0801 2504  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:31:38.0809 2504  SiSRaid4 - ok
15:31:38.0812 2504  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:31:38.0838 2504  Smb - ok
15:31:38.0843 2504  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:31:38.0854 2504  SNMPTRAP - ok
15:31:38.0856 2504  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:31:38.0862 2504  spldr - ok
15:31:38.0869 2504  [ 89E8550C5862999FCF482EA562B0E98E ] Spooler         C:\Windows\System32\spoolsv.exe
15:31:38.0885 2504  Spooler - ok
15:31:38.0913 2504  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:31:38.0958 2504  sppsvc - ok
15:31:38.0962 2504  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:31:38.0988 2504  sppuinotify - ok
15:31:38.0994 2504  [ EC8F67289105BF270498095F14963464 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:31:39.0021 2504  srv - ok
15:31:39.0027 2504  [ F773D2ED090B7BAA1C1A034F3CA476C8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:31:39.0055 2504  srv2 - ok
15:31:39.0059 2504  [ 26E84D3649019C3244622E654DFCD75B ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:31:39.0085 2504  srvnet - ok
15:31:39.0089 2504  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:31:39.0117 2504  SSDPSRV - ok
15:31:39.0120 2504  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:31:39.0146 2504  SstpSvc - ok
15:31:39.0149 2504  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:31:39.0155 2504  stexstor - ok
15:31:39.0162 2504  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll
15:31:39.0181 2504  stisvc - ok
15:31:39.0184 2504  [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
15:31:39.0190 2504  storflt - ok
15:31:39.0193 2504  [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
15:31:39.0199 2504  storvsc - ok
15:31:39.0201 2504  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:31:39.0207 2504  swenum - ok
15:31:39.0214 2504  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:31:39.0245 2504  swprv - ok
15:31:39.0260 2504  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain         C:\Windows\system32\sysmain.dll
15:31:39.0293 2504  SysMain - ok
15:31:39.0296 2504  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:31:39.0311 2504  TabletInputService - ok
15:31:39.0314 2504  [ F0B9D3ED88E56D3CD713DFF21E42AAF0 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
15:31:39.0321 2504  tap0901 - ok
15:31:39.0327 2504  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:31:39.0356 2504  TapiSrv - ok
15:31:39.0359 2504  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:31:39.0385 2504  TBS - ok
15:31:39.0402 2504  [ 912107716BAB424C7870E8E6AF5E07E1 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:31:39.0433 2504  Tcpip - ok
15:31:39.0449 2504  [ 912107716BAB424C7870E8E6AF5E07E1 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:31:39.0475 2504  TCPIP6 - ok
15:31:39.0478 2504  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:31:39.0503 2504  tcpipreg - ok
15:31:39.0506 2504  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:31:39.0531 2504  TDPIPE - ok
15:31:39.0533 2504  [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:31:39.0558 2504  TDTCP - ok
15:31:39.0561 2504  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:31:39.0587 2504  tdx - ok
15:31:39.0615 2504  [ 6B1B2F8D62D606B200C2072564090104 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
15:31:39.0658 2504  TeamViewer8 - ok
15:31:39.0661 2504  [ C448651339196C0E869A355171875522 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:31:39.0668 2504  TermDD - ok
15:31:39.0677 2504  [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService     C:\Windows\System32\termsrv.dll
15:31:39.0710 2504  TermService - ok
15:31:39.0713 2504  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:31:39.0727 2504  Themes - ok
15:31:39.0729 2504  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:31:39.0754 2504  THREADORDER - ok
15:31:39.0757 2504  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:31:39.0785 2504  TrkWks - ok
15:31:39.0789 2504  [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:31:39.0799 2504  TrustedInstaller - ok
15:31:39.0803 2504  [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:31:39.0828 2504  tssecsrv - ok
15:31:39.0831 2504  [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:31:39.0858 2504  tunnel - ok
15:31:39.0860 2504  [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
15:31:39.0866 2504  TurboB - ok
15:31:39.0870 2504  [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
15:31:39.0876 2504  TurboBoost - ok
15:31:39.0879 2504  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:31:39.0886 2504  uagp35 - ok
15:31:39.0891 2504  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:31:39.0919 2504  udfs - ok
15:31:39.0924 2504  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:31:39.0936 2504  UI0Detect - ok
15:31:39.0939 2504  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
15:31:39.0946 2504  uliagpkx - ok
15:31:39.0948 2504  [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:31:39.0958 2504  umbus - ok
15:31:39.0960 2504  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:31:39.0970 2504  UmPass - ok
15:31:39.0974 2504  [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:31:39.0986 2504  UmRdpService - ok
15:31:39.0992 2504  [ 0DFC9713D117B349E41A2A477448107A ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:31:40.0002 2504  UNS - ok
15:31:40.0008 2504  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:31:40.0038 2504  upnphost - ok
15:31:40.0041 2504  [ B26AFB54A534D634523C4FB66765B026 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:31:40.0051 2504  usbccgp - ok
15:31:40.0054 2504  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
15:31:40.0066 2504  usbcir - ok
15:31:40.0068 2504  [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:31:40.0078 2504  usbehci - ok
15:31:40.0083 2504  [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:31:40.0096 2504  usbhub - ok
15:31:40.0099 2504  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:31:40.0108 2504  usbohci - ok
15:31:40.0110 2504  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:31:40.0122 2504  usbprint - ok
15:31:40.0125 2504  [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:31:40.0134 2504  USBSTOR - ok
15:31:40.0137 2504  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:31:40.0146 2504  usbuhci - ok
15:31:40.0150 2504  [ D501E12614B00A3252073101D6A1A74B ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:31:40.0162 2504  usbvideo - ok
15:31:40.0165 2504  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
15:31:40.0191 2504  UxSms - ok
15:31:40.0193 2504  [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc        C:\Windows\system32\lsass.exe
15:31:40.0203 2504  VaultSvc - ok
15:31:40.0206 2504  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
15:31:40.0213 2504  vdrvroot - ok
15:31:40.0219 2504  [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds             C:\Windows\System32\vds.exe
15:31:40.0235 2504  vds - ok
15:31:40.0238 2504  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:31:40.0249 2504  vga - ok
15:31:40.0252 2504  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:31:40.0277 2504  VgaSave - ok
15:31:40.0281 2504  [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
15:31:40.0290 2504  vhdmp - ok
15:31:40.0292 2504  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
15:31:40.0299 2504  viaide - ok
15:31:40.0303 2504  [ 1501699D7EDA984ABC4155A7DA5738D1 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
15:31:40.0312 2504  vmbus - ok
15:31:40.0314 2504  [ AE10C35761889E65A6F7176937C5592C ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
15:31:40.0323 2504  VMBusHID - ok
15:31:40.0327 2504  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
15:31:40.0334 2504  volmgr - ok
15:31:40.0339 2504  [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:31:40.0349 2504  volmgrx - ok
15:31:40.0354 2504  [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
15:31:40.0365 2504  volsnap - ok
15:31:40.0368 2504  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:31:40.0376 2504  vsmraid - ok
15:31:40.0391 2504  [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS             C:\Windows\system32\vssvc.exe
15:31:40.0419 2504  VSS - ok
15:31:40.0422 2504  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:31:40.0433 2504  vwifibus - ok
15:31:40.0436 2504  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:31:40.0448 2504  vwififlt - ok
15:31:40.0450 2504  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:31:40.0461 2504  vwifimp - ok
15:31:40.0467 2504  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
15:31:40.0497 2504  W32Time - ok
15:31:40.0501 2504  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:31:40.0510 2504  WacomPen - ok
15:31:40.0513 2504  [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:31:40.0538 2504  WANARP - ok
15:31:40.0541 2504  [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:31:40.0565 2504  Wanarpv6 - ok
15:31:40.0579 2504  [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine        C:\Windows\system32\wbengine.exe
15:31:40.0605 2504  wbengine - ok
15:31:40.0609 2504  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:31:40.0625 2504  WbioSrvc - ok
15:31:40.0631 2504  [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:31:40.0649 2504  wcncsvc - ok
15:31:40.0651 2504  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:31:40.0662 2504  WcsPlugInService - ok
15:31:40.0665 2504  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:31:40.0672 2504  Wd - ok
15:31:40.0679 2504  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:31:40.0694 2504  Wdf01000 - ok
15:31:40.0697 2504  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:31:40.0712 2504  WdiServiceHost - ok
15:31:40.0714 2504  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:31:40.0729 2504  WdiSystemHost - ok
15:31:40.0733 2504  [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient       C:\Windows\System32\webclnt.dll
15:31:40.0749 2504  WebClient - ok
15:31:40.0754 2504  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:31:40.0783 2504  Wecsvc - ok
15:31:40.0786 2504  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:31:40.0813 2504  wercplsupport - ok
15:31:40.0817 2504  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:31:40.0844 2504  WerSvc - ok
15:31:40.0847 2504  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:31:40.0871 2504  WfpLwf - ok
15:31:40.0874 2504  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:31:40.0880 2504  WIMMount - ok
15:31:40.0882 2504  WinDefend - ok
15:31:40.0886 2504  WinHttpAutoProxySvc - ok
15:31:40.0894 2504  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:31:40.0920 2504  Winmgmt - ok
15:31:40.0938 2504  [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:31:40.0987 2504  WinRM - ok
15:31:40.0992 2504  [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:31:41.0003 2504  WinUsb - ok
15:31:41.0014 2504  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:31:41.0036 2504  Wlansvc - ok
15:31:41.0039 2504  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:31:41.0048 2504  WmiAcpi - ok
15:31:41.0053 2504  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:31:41.0064 2504  wmiApSrv - ok
15:31:41.0067 2504  WMPNetworkSvc - ok
15:31:41.0070 2504  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:31:41.0080 2504  WPCSvc - ok
15:31:41.0083 2504  [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:31:41.0096 2504  WPDBusEnum - ok
15:31:41.0099 2504  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:31:41.0124 2504  ws2ifsl - ok
15:31:41.0127 2504  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
15:31:41.0142 2504  wscsvc - ok
15:31:41.0144 2504  WSearch - ok
15:31:41.0166 2504  [ 38340204A2D0228F1E87740FC5E554A7 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:31:41.0217 2504  wuauserv - ok
15:31:41.0221 2504  [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:31:41.0246 2504  WudfPf - ok
15:31:41.0249 2504  [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:31:41.0276 2504  WUDFRd - ok
15:31:41.0279 2504  [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:31:41.0307 2504  wudfsvc - ok
15:31:41.0312 2504  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:31:41.0328 2504  WwanSvc - ok
15:31:41.0352 2504  [ 118C018DF1C53B94F8C06D2CABBBDA52 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
15:31:41.0390 2504  ZeroConfigService - ok
15:31:41.0399 2504  ================ Scan global ===============================
15:31:41.0401 2504  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:31:41.0406 2504  [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
15:31:41.0413 2504  [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
15:31:41.0418 2504  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:31:41.0424 2504  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:31:41.0428 2504  [Global] - ok
15:31:41.0429 2504  ================ Scan MBR ==================================
15:31:41.0430 2504  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:31:41.0506 2504  \Device\Harddisk0\DR0 - ok
15:31:41.0506 2504  ================ Scan VBR ==================================
15:31:41.0508 2504  [ 175FE97A0E25D6719FEDF43103783AF9 ] \Device\Harddisk0\DR0\Partition1
15:31:41.0509 2504  \Device\Harddisk0\DR0\Partition1 - ok
15:31:41.0509 2504  ============================================================
15:31:41.0509 2504  Scan finished
15:31:41.0509 2504  ============================================================
15:31:41.0514 3884  Detected object count: 2
15:31:41.0514 3884  Actual detected object count: 2
15:31:53.0439 3884  OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user
15:31:53.0439 3884  OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:31:53.0440 3884  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:31:53.0440 3884  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:32:31.0396 5416  Deinitialize success
         


13.05.2013, 14:39   #6
markusg
/// Malware-holic

GVU Win7 64 Bit



Hi,
Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


13.05.2013, 17:57   #7
paddy2812

GVU Win7 64 Bit



Code:
ATTFilter
ComboFix 13-05-12.01 - Patrick 13.05.2013  18:45:21.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.49.1031.18.8094.6031 [GMT 2:00]
ausgeführt von:: c:\users\Patrick\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Patrick\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-13 bis 2013-05-13  ))))))))))))))))))))))))))))))
.
.
2013-05-13 16:48 . 2013-05-13 16:48	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-05-13 11:57 . 2013-05-13 12:04	--------	d-----w-	C:\_OTL
2013-05-13 10:54 . 2013-05-13 10:58	--------	d-----w-	C:\sata
2013-05-08 03:38 . 2013-05-08 03:38	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{06193A66-B976-4018-9CA0-C24C2B27AE86}\offreg.dll
2013-04-30 13:26 . 2013-04-30 13:26	--------	d-----w-	c:\program files (x86)\FH-Aachen OpenVPN
2013-04-25 09:23 . 2013-04-25 09:23	--------	d--h--w-	c:\programdata\CanonBJ
2013-04-25 09:23 . 2009-07-14 01:40	84992	----a-w-	c:\windows\system32\Spool\prtprocs\x64\CNBPP4.DLL
2013-04-21 20:21 . 2013-04-21 20:21	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2013-04-21 19:29 . 2013-04-21 19:29	--------	d-----w-	c:\program files (x86)\Stellar Phoenix Word Recovery
2013-04-21 19:25 . 2013-04-21 19:25	--------	d-----w-	C:\TokensBackup
2013-04-21 19:13 . 2013-04-21 19:13	--------	d-----w-	c:\program files (x86)\Remo Repair Word 2.0
2013-04-21 19:01 . 2013-04-21 19:01	--------	d-----w-	c:\program files (x86)\TeamViewer
2013-04-16 20:49 . 2013-04-16 20:49	--------	d-----w-	c:\program files (x86)\TeamSpeak 3 Client
2013-04-16 10:14 . 2013-04-16 10:14	--------	d-----w-	c:\programdata\Blizzard Entertainment
2013-04-16 10:13 . 2013-04-16 10:13	--------	d-----w-	c:\programdata\ATI
2013-04-16 10:12 . 2013-04-16 10:12	0	----a-w-	c:\windows\ativpsrm.bin
2013-04-16 10:12 . 2013-04-16 10:12	--------	d-----w-	c:\program files (x86)\Common Files\ATI Technologies
2013-04-16 10:12 . 2013-04-16 10:12	--------	d-----w-	c:\program files (x86)\AMD AVT
2013-04-16 10:12 . 2013-04-16 10:12	--------	d-----w-	c:\program files (x86)\AMD APP
2013-04-16 10:12 . 2013-04-16 10:12	--------	d-----w-	c:\program files\Common Files\ATI Technologies
2013-04-16 10:11 . 2013-04-16 10:12	--------	d-----w-	c:\program files (x86)\ATI Technologies
2013-04-16 10:11 . 2013-04-16 10:11	--------	d-----w-	c:\program files\ATI
2013-04-16 10:11 . 2013-04-16 10:12	--------	d-----w-	c:\program files\ATI Technologies
2013-04-16 08:40 . 2013-04-16 08:41	--------	d-----w-	c:\program files (x86)\Common Files\Intel Corporation
2013-04-16 08:37 . 2012-05-17 09:46	53248	----a-w-	c:\windows\SysWow64\CSVer.dll
2013-04-16 08:34 . 2012-11-19 10:10	652344	----a-w-	c:\windows\system32\drivers\iaStorA.sys
2013-04-16 08:34 . 2012-11-19 10:10	28216	----a-w-	c:\windows\system32\drivers\iaStorF.sys
2013-04-16 08:22 . 2012-02-01 14:16	568600	----a-w-	c:\windows\system32\drivers\iaStor.sys
2013-04-16 08:18 . 2013-04-16 08:18	--------	d-----w-	c:\program files (x86)\Common Files\Intel
2013-04-16 08:17 . 2011-12-06 03:23	331264	----a-w-	c:\windows\system32\drivers\IntcDAud.sys
2013-04-16 08:17 . 2011-12-06 03:22	14848	----a-w-	c:\windows\system32\IntcDAuC.dll
2013-04-15 22:22 . 2013-04-15 22:22	--------	d--h--w-	c:\windows\system32\WLANProfiles
2013-04-15 22:22 . 2013-04-15 22:22	--------	d-----w-	c:\users\Public\Roaming
2013-04-15 22:22 . 2013-04-15 22:22	--------	d-----w-	c:\users\Default\Roaming
2013-04-15 22:21 . 2013-04-16 08:18	--------	d-----w-	c:\program files\Common Files\Intel
2013-04-15 22:21 . 2013-04-15 22:21	--------	d-----w-	c:\program files (x86)\Cisco
2013-04-15 22:11 . 2013-04-15 22:11	--------	d-----w-	c:\program files (x86)\SystemRequirementsLab
2013-04-15 22:11 . 2013-04-15 22:11	--------	d-----w-	c:\program files (x86)\Common Files\Java
2013-04-15 22:11 . 2013-04-15 22:11	861088	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-04-15 22:11 . 2013-04-15 22:11	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-04-15 22:11 . 2013-04-15 22:11	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-15 22:11 . 2013-04-15 22:11	--------	d-----w-	c:\program files (x86)\Java
2013-04-15 21:58 . 2009-11-25 19:47	49472	----a-w-	c:\windows\SysWow64\netfxperf.dll
2013-04-15 21:58 . 2009-11-25 19:47	297808	----a-w-	c:\windows\SysWow64\mscoree.dll
2013-04-15 21:58 . 2009-11-25 19:47	99176	----a-w-	c:\windows\SysWow64\PresentationHostProxy.dll
2013-04-15 21:58 . 2009-11-25 19:47	48960	----a-w-	c:\windows\system32\netfxperf.dll
2013-04-15 21:58 . 2009-11-25 19:47	295264	----a-w-	c:\windows\SysWow64\PresentationHost.exe
2013-04-15 21:58 . 2009-11-25 19:47	1130824	----a-w-	c:\windows\SysWow64\dfshim.dll
2013-04-15 21:58 . 2009-11-25 19:47	109912	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2013-04-15 21:58 . 2009-11-25 19:47	444752	----a-w-	c:\windows\system32\mscoree.dll
2013-04-15 21:58 . 2009-11-25 19:47	320352	----a-w-	c:\windows\system32\PresentationHost.exe
2013-04-15 21:58 . 2009-11-25 19:47	1942856	----a-w-	c:\windows\system32\dfshim.dll
2013-04-15 21:56 . 2008-05-30 12:11	4991496	----a-w-	c:\windows\system32\D3DX9_38.dll
2013-04-15 21:54 . 2012-03-09 18:41	74344	----a-w-	c:\windows\system32\RtNicProp64.dll
2013-04-15 21:54 . 2012-03-09 18:41	685160	----a-w-	c:\windows\system32\drivers\Rt64win7.sys
2013-04-15 21:54 . 2012-03-09 18:41	107552	----a-w-	c:\windows\system32\RTNUninst64.dll
2013-04-15 21:54 . 2013-04-15 21:54	--------	d-----w-	c:\program files (x86)\Realtek
2013-04-15 21:51 . 2013-04-15 21:51	--------	d-----w-	c:\program files\SiSoftware
2013-04-15 21:42 . 2013-04-15 21:42	--------	d-----w-	c:\program files\Common Files\DESIGNER
2013-04-15 21:42 . 2013-04-15 21:42	--------	d-----w-	c:\program files\Microsoft.NET
2013-04-15 21:42 . 2013-04-15 21:42	--------	d-----w-	c:\program files (x86)\Microsoft SQL Server
2013-04-15 21:42 . 2013-04-15 21:42	--------	d-----w-	c:\programdata\regid.1991-06.com.microsoft
2013-04-15 21:42 . 2013-04-15 21:42	--------	d-----w-	c:\program files\Microsoft SQL Server
2013-04-15 21:42 . 2013-04-15 21:42	--------	d-----w-	c:\windows\PCHEALTH
2013-04-15 21:39 . 2013-04-15 21:39	--------	d-----w-	c:\program files\Microsoft Analysis Services
2013-04-15 21:39 . 2013-04-15 21:39	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2013-04-15 21:39 . 2013-04-15 21:42	--------	d-----w-	c:\program files\Microsoft Office
2013-04-15 21:39 . 2013-04-15 21:43	--------	d-----w-	c:\programdata\Microsoft Help
2013-04-15 21:39 . 2013-04-15 21:39	--------	d-----r-	C:\MSOCache
2013-04-15 21:37 . 2012-01-21 01:23	15128	----a-w-	c:\windows\system32\drivers\IntelMEFWVer.dll
2013-04-15 21:37 . 2013-04-16 10:13	--------	d-----w-	c:\programdata\Intel
2013-04-15 21:36 . 2013-04-15 21:36	--------	d-----w-	c:\program files (x86)\Common Files\postureAgent
2013-04-15 21:36 . 2011-11-10 15:04	60184	----a-w-	c:\windows\system32\drivers\HECIx64.sys
2013-04-15 21:34 . 2013-04-15 21:36	--------	d-----w-	C:\Vorformat
2013-04-15 21:33 . 2013-04-15 22:22	--------	d-----w-	c:\program files\Intel
2013-04-15 21:33 . 2013-04-16 08:22	--------	d--h--w-	c:\program files (x86)\InstallShield Installation Information
2013-04-15 21:31 . 2013-04-15 21:31	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-15 21:31 . 2013-04-15 21:31	691592	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-15 21:31 . 2013-04-15 21:31	--------	d-----w-	c:\windows\SysWow64\Macromed
2013-04-15 21:31 . 2013-04-15 21:31	--------	d-----w-	c:\windows\system32\Macromed
2013-04-15 21:28 . 2013-04-15 21:51	--------	d-----w-	C:\temp
2013-04-15 21:20 . 2013-03-06 22:33	70992	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-04-15 21:20 . 2013-03-06 22:33	68920	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-04-15 21:20 . 2013-03-06 22:33	65336	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-04-15 21:20 . 2013-03-06 22:33	377920	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-04-15 21:20 . 2013-03-06 22:33	178624	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-04-15 21:20 . 2013-03-06 22:33	1025808	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-04-15 21:20 . 2013-03-06 22:33	80816	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-04-15 21:20 . 2013-03-06 22:33	33400	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-04-15 21:20 . 2013-03-06 22:32	287840	----a-w-	c:\windows\system32\aswBoot.exe
2013-04-15 21:20 . 2013-03-06 22:32	41664	----a-w-	c:\windows\avastSS.scr
2013-04-15 21:20 . 2013-04-15 21:20	--------	d-----w-	c:\program files\AVAST Software
2013-04-15 21:19 . 2013-04-15 21:20	--------	d-----w-	c:\programdata\AVAST Software
2013-04-15 21:10 . 2013-03-19 03:50	9311288	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{06193A66-B976-4018-9CA0-C24C2B27AE86}\mpengine.dll
2013-04-15 20:59 . 2013-04-15 20:59	--------	d-----w-	c:\program files\Dell
2013-04-15 20:58 . 2013-04-15 20:58	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2013-04-15 20:55 . 2013-04-15 20:55	--------	d-----w-	c:\program files\WinRAR
2013-04-15 20:54 . 2013-04-15 20:54	--------	d-----w-	C:\Intel
2013-04-15 20:53 . 2013-04-15 20:53	--------	d-----w-	c:\program files\Elantech
2013-04-15 20:53 . 2013-01-09 14:49	211280	----a-w-	c:\windows\system32\drivers\ETD.sys
2013-04-15 20:53 . 2013-04-16 10:12	--------	d-----w-	c:\program files (x86)\Intel
2013-04-15 20:53 . 2012-12-04 15:50	41984	----a-w-	c:\windows\system32\drivers\USB3Ver.dll
2013-04-15 20:53 . 2012-12-04 15:51	791608	----a-w-	c:\windows\system32\drivers\iusb3xhc.sys
2013-04-15 20:53 . 2012-12-04 15:51	20024	----a-w-	c:\windows\system32\drivers\iusb3hcs.sys
2013-04-15 20:53 . 2012-12-04 15:51	358456	----a-w-	c:\windows\system32\drivers\iusb3hub.sys
2013-04-15 20:53 . 2009-07-14 23:51	1721576	----a-w-	c:\windows\system32\WdfCoInstaller01009.dll
2013-04-15 20:53 . 2013-04-15 21:40	--------	d-----w-	c:\programdata\Dell
2013-04-15 20:52 . 2013-04-15 21:29	--------	d-----w-	C:\Dell Driver
2013-04-15 20:46 . 2013-04-15 19:49	--------	d-----w-	c:\windows\Panther
2013-04-15 20:46 . 2013-04-15 20:46	--------	d-----w-	C:\Boot
2013-04-15 20:32 . 2013-04-21 20:21	--------	d-sh--w-	c:\windows\Installer
2013-04-15 20:32 . 2013-04-15 20:32	--------	d-----w-	C:\Dell
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 18:38	1720976	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 18:38	1720976	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 18:38	1720976	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	130736	----a-w-	c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	130736	----a-w-	c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	130736	----a-w-	c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Patrick\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-12-21 291280]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-11-30 56128]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-26 636032]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
.
c:\users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-4-10 27151288]
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
R3 aswVmm;aswVmm; [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-03-29 273168]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2013.SP3\RpcAgentSrv.exe [2009-03-27 71832]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys [2012-03-19 32896]
S0 aswRvrt;aswRvrt; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2012-11-19 652344]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2012-11-19 28216]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-12-04 20024]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-03-25 235520]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-17 135952]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-19 14904]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-01-10 627936]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-01-21 161560]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-21 363800]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-03-29 2669840]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 ETD;Dell Touchpad;c:\windows\system32\DRIVERS\ETD.sys [2013-01-09 211280]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2012-03-19 14745600]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-12-04 358456]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-12-04 791608]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-03-09 685160]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 20484541
*Deregistered* - 20484541
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-15 21:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 18:37	2322576	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 18:37	2322576	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 18:37	2322576	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32	133840	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	164016	----a-w-	c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	164016	----a-w-	c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	164016	----a-w-	c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	164016	----a-w-	c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2013-01-09 2774864]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.10.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\cezli77n.default\
FF - ExtSQL: 2013-04-15 23:20; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AmazonMP3DownloaderHelper - c:\users\Patrick\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-05-13  18:49:58
ComboFix-quarantined-files.txt  2013-05-13 16:49
.
Vor Suchlauf: 15 Verzeichnis(se), 165.725.724.672 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 165.232.914.432 Bytes frei
.
- - End Of File - - 421DD02EE71BFC6E98F637C05E920930
         

13.05.2013, 18:04   #8
markusg
/// Malware-holic



Hi,
Malwarebytes:
Please download Malwarebytes.
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for updates.
  • When the update has finished, select "Perform full scan" and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all detections are selected and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails to markusg.trojaner-board@web.de as described in the instructions above.
If you would like to support us

13.05.2013, 19:09   #9
paddy2812



Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.13.06

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Patrick :: PATRICK-PC [Administrator]

Schutz: Aktiviert

13.05.2013 19:53:52
mbam-log-2013-05-13 (19-53-52).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 318056
Laufzeit: 11 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\_OTL\MovedFiles.zip (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\05132013_135723\C_Users\Patrick\AppData\Roaming\skype.dat (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

13.05.2013, 19:10   #10
markusg
/// Malware-holic



Hi,

download the standard CCleaner:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, Tools (Extras), Uninstall list, save as txt. Open the file.
After each program you need, write "necessary".
After each one you do not need, "unnecessary".
After each one you do not know, "unknown".
Post the list.

13.05.2013, 19:24   #11
paddy2812



Adobe Flash Player 11 Plugin Adobe Systems Incorporated 15.04.2013 6,00 MB 11.7.700.169
Adobe Reader XI (11.0.02) - Deutsch Adobe Systems Incorporated 21.04.2013 133 MB 11.0.02
Akamai NetSession Interface Akamai Technologies, Inc 15.04.2013 unknown
Amazon MP3-Downloader 1.0.18 Amazon Services LLC 09.05.2013 1.0.18
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 16.04.2013 26,2 MB 3.0.868.0
avast! Free Antivirus AVAST Software 15.04.2013 8.0.1483.0
Bing Bar Microsoft Corporation 17.04.2013 464 KB 7.1.391.0 unnecessary
CCleaner Piriform 23.04.2013 4.01
Dell Touchpad ELAN Microelectronic Corp. 15.04.2013 11.3.5.4
Dropbox Dropbox, Inc. 16.04.2013 2.0.6
FH-Aachen OpenVPN 2.2.0 30.04.2013 2.2.0
Intel(R) Control Center Intel Corporation 16.04.2013 1.2.1.1007
Intel(R) Display Audio Driver Intel Corporation 16.04.2013 6.14.00.3090
Intel(R) Management Engine Components Intel Corporation 15.04.2013 8.0.1.1399
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed Intel Corporation 16.04.2013 5,30 MB 15.1.0.0096
Intel(R) Rapid Storage Technology Intel Corporation 16.04.2013 11.7.0.1013
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 15.04.2013 1.0.7.248
Intel® PROSet/Wireless WiFi-Software Intel Corporation 16.04.2013 181 MB 15.01.1000.0927
Intel® Trusted Connect Service Client Intel Corporation 15.04.2013 10,6 MB 1.23.219.2
Java 7 Update 17 Oracle 16.04.2013 129 MB 7.0.170
Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 13.05.2013 19,2 MB 1.75.0.1300
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 16.04.2013 38,8 MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 16.04.2013 2,93 MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 16.04.2013 51,9 MB 4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 16.04.2013 10,6 MB 4.0.30319
Microsoft Office Professional Plus 2013 Microsoft Corporation 15.04.2013 15.0.4420.1017
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 15.04.2013 708 KB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 16.04.2013 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 16.04.2013 240 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 15.04.2013 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 15.04.2013 13,6 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 15.04.2013 11,0 MB 10.0.30319
Mozilla Firefox 20.0.1 (x86 de) Mozilla 15.04.2013 44,7 MB 20.0.1
Mozilla Maintenance Service Mozilla 15.04.2013 217 KB 20.0.1 unknown
Quickset64 Dell Inc. 15.04.2013 10,7 MB 10.15.017
Realtek Ethernet Controller All-In-One Windows Driver Realtek 15.04.2013 7.54.309.2012
Remo Repair Word Remo Software 21.04.2013 19,9 MB 2.0.0.24 unknown
SiSoftware Sandra Lite 2013.SP3 SiSoftware 15.04.2013 98,6 MB 19.40.2013.5
Skype™ 6.3 Skype Technologies S.A. 13.05.2013 20,9 MB 6.3.107
Stellar Phoenix Word Recovery Stellar Information Systems Ltd. 21.04.2013 11,9 MB 4.1.0.0 unnecessary
System Requirements Lab for Intel Husdawg, LLC 16.04.2013 1,02 MB 4.5.13.0
TeamSpeak 3 Client TeamSpeak Systems GmbH 16.04.2013 3.0.10
TeamViewer 8 TeamViewer 21.04.2013 8.0.17396
WinRAR 4.20 (64-Bit) win.rar GmbH 15.04.2013 4.20.0
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 Intel 15.04.2013 13,2 MB 2.1.23.0



The rest is probably necessary

13.05.2013, 19:34   #12
markusg
/// Malware-holic



Which "rest"? Not even half of it is labelled :-(

13.05.2013, 19:40   #13
paddy2812



Oops, something seems to have gone wrong there

Adobe Flash Player 11 Plugin Adobe Systems Incorporated 15.04.2013 6,00 MB 11.7.700.169 necessary
Adobe Reader XI (11.0.02) - Deutsch Adobe Systems Incorporated 21.04.2013 133 MB 11.0.02 necessary
Akamai NetSession Interface Akamai Technologies, Inc 15.04.2013 unknown
Amazon MP3-Downloader 1.0.18 Amazon Services LLC 09.05.2013 1.0.18 // not strictly necessary
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 16.04.2013 26,2 MB 3.0.868.0 necessary
avast! Free Antivirus AVAST Software 15.04.2013 8.0.1483.0 necessary
Bing Bar Microsoft Corporation 17.04.2013 464 KB 7.1.391.0 unnecessary
CCleaner Piriform 23.04.2013 4.01 necessary
Dell Touchpad ELAN Microelectronic Corp. 15.04.2013 11.3.5.4 necessary
Dropbox Dropbox, Inc. 16.04.2013 2.0.6 necessary
FH-Aachen OpenVPN 2.2.0 30.04.2013 2.2.0 necessary
Intel(R) Control Center Intel Corporation 16.04.2013 1.2.1.1007 necessary
Intel(R) Display Audio Driver Intel Corporation 16.04.2013 6.14.00.3090 necessary
Intel(R) Management Engine Components Intel Corporation 15.04.2013 8.0.1.1399 unknown
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed Intel Corporation 16.04.2013 5,30 MB 15.1.0.0096 necessary
Intel(R) Rapid Storage Technology Intel Corporation 16.04.2013 11.7.0.1013 necessary
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 15.04.2013 1.0.7.248 necessary
Intel® PROSet/Wireless WiFi-Software Intel Corporation 16.04.2013 181 MB 15.01.1000.0927 necessary
Intel® Trusted Connect Service Client Intel Corporation 15.04.2013 10,6 MB 1.23.219.2 unknown
Java 7 Update 17 Oracle 16.04.2013 129 MB 7.0.170 necessary
Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 13.05.2013 19,2 MB 1.75.0.1300 necessary
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 16.04.2013 38,8 MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 16.04.2013 2,93 MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 16.04.2013 51,9 MB 4.0.30319 unknown
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 16.04.2013 10,6 MB 4.0.30319 // Net Framework 4 --- necessary for some programs, I think
Microsoft Office Professional Plus 2013 Microsoft Corporation 15.04.2013 15.0.4420.1017 necessary
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 15.04.2013 708 KB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 16.04.2013 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 16.04.2013 240 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 15.04.2013 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 15.04.2013 13,6 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 15.04.2013 11,0 MB 10.0.30319 /// Visual stuff, necessary I think? But rather unknown
Mozilla Firefox 20.0.1 (x86 de) Mozilla 15.04.2013 44,7 MB 20.0.1 necessary
Mozilla Maintenance Service Mozilla 15.04.2013 217 KB 20.0.1 unknown
Quickset64 Dell Inc. 15.04.2013 10,7 MB 10.15.017 necessary
Realtek Ethernet Controller All-In-One Windows Driver Realtek 15.04.2013 7.54.309.2012 necessary
Remo Repair Word Remo Software 21.04.2013 19,9 MB 2.0.0.24 unknown
SiSoftware Sandra Lite 2013.SP3 SiSoftware 15.04.2013 98,6 MB 19.40.2013.5 necessary
Skype™ 6.3 Skype Technologies S.A. 13.05.2013 20,9 MB 6.3.107 necessary
Stellar Phoenix Word Recovery Stellar Information Systems Ltd. 21.04.2013 11,9 MB 4.1.0.0 unnecessary
System Requirements Lab for Intel Husdawg, LLC 16.04.2013 1,02 MB 4.5.13.0 unknown
TeamSpeak 3 Client TeamSpeak Systems GmbH 16.04.2013 3.0.10 necessary
TeamViewer 8 TeamViewer 21.04.2013 8.0.17396 necessary
WinRAR 4.20 (64-Bit) win.rar GmbH 15.04.2013 4.20.0 necessary
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 Intel 15.04.2013 13,2 MB 2.1.23.0 necessary

13.05.2013, 19:47   #14
markusg
/// Malware-holic



Uninstall:
Adobe Flash Player, all versions
Adobe - Install Adobe Flash Player
Download the latest version and install it.
Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General:
Tick "Use only certified plug-ins".
Security (Enhanced):
Tick Enhanced Security
and select All files.
Internet:
Everything here should be disabled; it is very unsafe to open, download, etc. PDFs automatically.
It is always better to save them directly, since only then do you have control over what happens on the PC.
Under JavaScript, untick "Use JavaScript".
Under Updater, choose "Install automatically".
Apply / OK

Uninstall:

Bing
Java
Download the Java JRE:
Java downloads for all operating systems
Click:
Download the Java software for Windows Offline
Download and install it.
Uninstall:
Stellar

Open CCleaner, Analyze, Run, restart the PC.
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

14.05.2013, 12:06   #15
paddy2812



Will do right away, boss, thanks
