Antivirus, firewall and other protection programs: Firewall won't start - "Recommended settings" (Windows 7)
08.09.2013, 20:58 | #1 |
Hello dear forum readers,

I have had this problem with my firewall for a long time, but I didn't really find it particularly serious. It's already in the title, but once more: I cannot start the firewall; it should actually start automatically at every boot. I cannot change any option. The same screen always appears (attached).

Once the problem really bothered me, because it prevented me from playing with a friend over the network; that time I was able to repair the problem with the Microsoft FixIt tool. However, that only helped until shutdown. At the next start the problem was back again.

I have now tried this again, with versions 1.1 and 1.2 that were already on my computer, and just now also with the newest version 4.1. I had no idea they had patched that much in the meantime... Apparently they are working on it after all? Strangely, though, all 3 files have the same size :rolleyes:.

I am also attaching CBS.log, FSS and my installed programs (via CCleaner). I hope for help.

Kind regards,
karkmar
08.09.2013, 21:45 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™

Hello and

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners: have they ever found anything? I am asking because => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; first just post the logs you already have, in CODE tags! Only logs from the last 7 days, or since the problem has existed, are relevant!

In addition, please also create a log with Farbar's tool:

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Reading material: Posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
08.09.2013, 22:06 | #3 |
Well, as far as viruses/trojans are concerned, I have been clean since I installed Malwarebytes. At least according to the little program.

Somehow a miracle has just happened. I just checked the firewall again... Somehow it is running. Could it be that the sfc scan fixed it? Nevertheless, here are the logs again.

Kind regards,
karkmar

EDIT: By the way, the firewall was already working before I created the logs. (I don't know whether the Farbar scan also fixes anything, but just for information.)

EDIT2: I just rebooted to test whether the firewall still works afterwards. And it seems to work. So now I am really baffled...

Addition

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2013 Ran by Martin at 2013-09-08 23:01:12 Running from C:\Users\Martin\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= 2013 (Version: 2013.0.3392) Adobe AIR (x32 Version: 3.5.0.1060) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader X (10.1.4) - Deutsch (x32 Version: 10.1.4) AMD Accelerated Video Transcoding (Version: 12.10.100.30328) AMD APP SDK Runtime (Version: 10.0.1084.4) AMD Catalyst Install Manager (Version: 8.0.911.0) AMD Drag and Drop Transcoding (Version: 2.00.0000) AMD Media Foundation Decoders (Version: 1.0.80328.2204) AMD Wireless Display v3.0 (Version: 1.0.0.10) ArchiCrypt Shredder Version 6.0.9.5654 (x32 Version: 6.0.9.5654) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.2.43) Audacity 2.0.2 (x32 Version: 2.0.2) AVG 2013 (Version: 13.0.3222) AVG 2013 (Version: 13.0.3392) AVG PC TuneUp Language Pack (de-DE) (x32 Version: 12.0.4000.108) AVG Security Toolbar (x32 Version: 14.2.0.1) Borland Delphi 6 (x32 Version: 6.0) Canon Easy-WebPrint EX (x32) Canon MG5200 series Benutzerregistrierung (x32) Canon MG5200 series MP Drivers Canon MP Navigator EX 4.0 (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center (x32 Version: 2013.0328.2218.38225) Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225) Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225) Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225) CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225) CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225) CCC Help Czech (x32 Version: 2013.0328.2217.38225) CCC Help Danish (x32 Version: 2013.0328.2217.38225) CCC Help Dutch (x32 
Version: 2013.0328.2217.38225) CCC Help English (x32 Version: 2013.0328.2217.38225) CCC Help Finnish (x32 Version: 2013.0328.2217.38225) CCC Help French (x32 Version: 2013.0328.2217.38225) CCC Help German (x32 Version: 2013.0328.2217.38225) CCC Help Greek (x32 Version: 2013.0328.2217.38225) CCC Help Hungarian (x32 Version: 2013.0328.2217.38225) CCC Help Italian (x32 Version: 2013.0328.2217.38225) CCC Help Japanese (x32 Version: 2013.0328.2217.38225) CCC Help Korean (x32 Version: 2013.0328.2217.38225) CCC Help Norwegian (x32 Version: 2013.0328.2217.38225) CCC Help Polish (x32 Version: 2013.0328.2217.38225) CCC Help Portuguese (x32 Version: 2013.0328.2217.38225) CCC Help Russian (x32 Version: 2013.0328.2217.38225) CCC Help Spanish (x32 Version: 2013.0328.2217.38225) CCC Help Swedish (x32 Version: 2013.0328.2217.38225) CCC Help Thai (x32 Version: 2013.0328.2217.38225) CCC Help Turkish (x32 Version: 2013.0328.2217.38225) ccc-utility64 (Version: 2013.0328.2218.38225) CCleaner (Version: 3.24) C-Media PCI Audio Device D3DX10 (x32 Version: 15.4.2368.0902) Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition devolo dLAN Cockpit (x32 Version: 3.2.0.0) devolo dLAN-Konfigurationsassistent (x32 Version: 20.0.0.0) devolo Informer (x32 Version: 28.0.0.0) dLAN Cockpit (x32 Version: 3.2.28) Dropbox (HKCU Version: 2.0.22) FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2) Google Chrome (x32 Version: 29.0.1547.66) Google Earth Plug-in (x32 Version: 7.1.1.1888) Google Update Helper (x32 Version: 1.3.21.153) ICQ7.6 (x32 Version: 7.6) Internet Explorer (Enable DEP) Java 7 Update 21 (x32 Version: 7.0.210) Java 7 Update 25 (64-bit) (Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) Java(TM) 6 Update 22 (x32 Version: 6.0.220) JavaFX 2.1.1 (x32 Version: 2.1.1) Junk Mail filter update (x32 Version: 15.4.3502.0922) KKND Krossfire (x32) LAME v3.99.3 (for Windows) (x32) Lazarus 1.0.8 (Version: 1.0.8) LogMeIn Hamachi (x32 Version: 2.1.0.294) Malwarebytes Anti-Malware 
Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Fix it Center (Version: 1.0.0100) Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000) Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 
(Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053) Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000) Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000) Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000) Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000) Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000) Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000) Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000) Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000) Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0) Mozilla Maintenance Service (x32 Version: 22.0) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT Redists (Version: 1.0) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 
SP3 Parser (x32 Version: 4.30.2100.0) MyFreeCodec (HKCU) MyPhoneExplorer (x32 Version: 1.8.4) Need For Speed™ World (x32 Version: 1.0.0.1166) Nero 8 (x32 Version: 8.0.182) Notepad++ (x32 Version: 6.2.2) OpenAL (x32) OpenOffice.org 3.3 (x32 Version: 3.3.9567) PDF Settings CS5 (x32 Version: 10.0) PunkBuster Services (x32 Version: 0.993) Remote Control Server (x32 Version: 1.8.0.0) Samsung Kies (x32 Version: 2.6.0.13064_2) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.4.0) Skype™ 6.3 (x32 Version: 6.3.107) Smart Defrag 2 (x32 Version: 2.8) Sweet Home 3D (HKCU) Sweet Home 3D version 3.5 (x32) TeamSpeak 3 Client (Version: 3.0.11.1) TeamViewer 7 (x32 Version: 7.0.15723) TmNationsForever (x32) TuneUp Utilities (x32 Version: 9.0.2000.15) TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.2000.15) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit 
Edition Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition USB Storage Driver (x32) UxStyle Core Beta (Version: 0.2.1.1) VirtualCloneDrive (x32) Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2) Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1) VLC media player 2.0.1 (x32 Version: 2.0.1) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3555.0308) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3555.0308) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) WinRAR 4.11 (64-Bit) (Version: 4.11.0) XSplit (x32 Version: 1.1.1210.3101) ==================== Restore Points ========================= 10-07-2013 22:42:35 Windows Update 18-07-2013 11:06:28 Geplanter Prüfpunkt 28-07-2013 15:13:05 Geplanter Prüfpunkt 30-07-2013 10:39:52 Installed Samsung Kies 06-08-2013 18:29:40 Geplanter Prüfpunkt 13-08-2013 19:11:01 Geplanter Prüfpunkt 13-08-2013 20:02:18 Windows Update 21-08-2013 16:41:46 Geplanter Prüfpunkt 28-08-2013 20:29:01 Windows Update 31-08-2013 13:12:31 Installed Java 7 Update 25 (64-bit) 02-09-2013 18:07:29 Borland Delphi 6 wird installiert 03-09-2013 14:22:08 Installed Remote Control Server. 
08-09-2013 19:33:18 Steam wird entfernt ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {04ABD286-62E2-4F9A-B48F-FA1C908545AE} - System32\Tasks\{C517C1EC-D5FD-4D53-B02C-0606AF65D825} => C:\Users\Martin\Desktop\Dropbox\GYTE12 Braun\Programm\snake\bgi\EXETOBIN.EXE Task: {1D911498-357F-4F4C-91A1-2CED39EFEE60} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation) Task: {27254F99-F164-48A6-9EED-68D25AE0006E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe Task: {28A409A1-E2B9-4842-990F-D04AEB3CB4E1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2693577240-4054724306-2718763821-1000Core => C:\Users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {2BA5B85D-ECEB-4DF3-9E57-926A73C2CA53} - System32\Tasks\{BF2817CC-4EFE-4E13-8D6D-11F9EEE56626} => C:\Users\Martin\Desktop\Dropbox\GYTE12 Braun\Programm\snake\bgi\EXETOBIN.EXE Task: {2D37590C-873C-49C3-B0A4-173F56DCEC4A} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation) Task: {2DEA377D-FC4D-448F-96F8-5BFB4455897C} - System32\Tasks\{9312A50F-5E5F-4E03-880D-C4760896C5EC} => C:\Users\Martin\Desktop\anno\1602.EXE [2006-02-04] (MAX DESIGN) Task: {31E9BC3E-91D7-4EBA-9010-4A2C4E4A7D68} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-09] (Google Inc.) 
Task: {35A6C710-5F86-4C35-8C08-11D145F6BB01} - System32\Tasks\{729B9950-E6AF-4BE8-8859-BAAD11DAA1CC} => C:\Users\Martin\Desktop\Dropbox\GYTE12 Braun\Programm\snake\bgi\EXETOBIN.EXE Task: {3DB6B7D8-60CB-4451-A2E6-F78E90DC213F} - System32\Tasks\{54C6E214-EED4-4146-A1FF-E4A98AFB5497} => C:\Users\Martin\Desktop\Dropbox\GYTE12 Braun\Programm\snake\bgi\EXETOBIN.EXE Task: {43E6F094-0595-4A52-8EF3-1A6FA204B3FF} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe Task: {5E7238C2-AC3E-45F0-BDDA-C1F997911552} - System32\Tasks\{FCB99D6B-C4A0-44F0-BD4D-3DD86F32BAC6} => C:\Users\Martin\Desktop\Dropbox\GYTE12 Braun\Programm\snake\bgi\EXETOBIN.EXE Task: {643DAD22-8F21-4C6D-8F42-168816AAF1FC} - System32\Tasks\{A983C55A-1A7A-42ED-8347-888C47DB2A3B} => C:\Users\Martin\Desktop\anno\1602.EXE [2006-02-04] (MAX DESIGN) Task: {78AE973C-CDE8-4895-BAFB-FF92D1D8A5E9} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Task: {83FD3FB0-CF9C-4226-AA9D-4100C9F5C8E5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2693577240-4054724306-2718763821-1000UA => C:\Users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {872E6AC2-4300-41E3-B569-2AFDFE0B2D59} - System32\Tasks\{C6B02DA7-4F1C-40BB-ACD7-E486E5DFCB89} => C:\Users\Martin\Desktop\Dropbox\GYTE12 Braun\Programm\snake\bgi\EXETOBIN.EXE Task: {894160C9-EEA4-42EA-AFB9-D956A83D2BDD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated) Task: {8D72C5D6-8923-4FE9-AACA-8A59EAE2C674} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd) Task: {90092AFC-66F1-463D-B626-315F51B4DBCE} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {9AF85E11-BCE7-4E86-A6EE-59603CDD39AF} - System32\Tasks\{AF025DCF-3C8F-4C2B-80AC-D7A1A915965F} => C:\Users\Martin\Desktop\Dropbox\GYTE12 
Braun\Programm\snake\bgi\EXETOBIN.EXE Task: {9F89164D-AF14-4BCA-9867-418FCD4106B1} - System32\Tasks\{683FDBB6-20F1-4CC5-B138-6113E1D6837B} => C:\Users\Martin\Desktop\anno\1602.EXE [2006-02-04] (MAX DESIGN) Task: {A2DAA274-8C07-4FCB-AACF-373FB719A07D} - System32\Tasks\Flush DNS => C:\Users\Martin\Desktop\flushdns.bat [2012-07-28] () Task: {AF488799-85E1-4BBD-A2CF-90DAAC44895A} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-06-30] (IObit) Task: {B09B0CB7-9FA6-459D-A9E0-1E0DA7318FF4} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {BF44FF6F-4E4D-43A6-A76A-0CDFFCD4DE1F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {C87A60C8-E7CF-468C-ACED-EABF21A0BCBF} - System32\Tasks\{D3DF75EC-61ED-4263-A79E-4104D5506FDF} => C:\Users\Martin\Desktop\Dropbox\GYTE12 Braun\Programm\snake\bgi\EXETOBIN.EXE Task: {CA47E233-1810-4770-A4A6-36AECCE95906} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-09] (Google Inc.) 
Task: {DB9EA821-F4C2-49B8-B281-F56057253195} - System32\Tasks\{70020C86-5F62-42EE-B69E-69F91F16D145} => C:\Users\Martin\Desktop\Dropbox\GYTE12 Braun\Programm\snake\bgi\EXETOBIN.EXE Task: {E70E1EB2-8BB3-459F-A218-7A99BFF9998C} - System32\Tasks\{C118DB49-F5CE-4B21-A2C0-85FF7BD7879D} => C:\Users\Martin\Desktop\Dropbox\GYTE12 Braun\Programm\snake\bgi\EXETOBIN.EXE Task: {E7FF8C4A-7CBA-43FD-8F4D-FF5DF4D4E9C3} - System32\Tasks\{5765A5E6-6D2A-4361-B2DD-FBACEDD0DD54} => C:\Users\Martin\Desktop\Dropbox\GYTE12 Braun\Programm\snake\bgi\EXETOBIN.EXE Task: {F284A250-D334-4FF7-A64B-3A5D7572C464} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit) Task: {F79E509E-F74A-4DFF-86E3-6B4571830DB8} - System32\Tasks\{3A969F19-73BC-4231-BA50-5EBD2C3A8E32} => C:\Users\Martin\Desktop\Dropbox\GYTE12 Braun\Programm\snake\bgi\EXETOBIN.EXE Task: {FB8FCE8D-2DCB-486D-908E-505BB371E37B} - System32\Tasks\AdobeAAMUpdater-1.0-Martin-PC-Martin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {FED42CE3-C7E4-4B5A-8E43-5BFFA5135408} - System32\Tasks\{263EFA6D-542E-4D3E-93A6-59D040419892} => C:\Users\Martin\Desktop\Dropbox\GYTE12 Braun\Programm\snake\bgi\EXETOBIN.EXE Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-05-25 02:36 - 2013-05-25 02:36 - 00164016 _____ (Dropbox, Inc.) 
C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll 2012-05-12 23:39 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll 2012-08-08 14:13 - 2009-12-14 19:16 - 00107688 _____ (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll 2013-03-20 13:07 - 2013-01-02 12:38 - 00142520 _____ (Softwareentwicklung Remus - ArchiCrypt) C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ACShredderShellExt.dll 2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll 2013-03-28 22:14 - 2013-03-28 22:14 - 00217088 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll 2013-03-28 22:14 - 2013-03-28 22:14 - 00335872 _____ (Advanced Mirco Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll 2013-03-28 22:17 - 2013-03-28 22:17 - 00028672 _____ (Advanced Mirco Devices, Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll 2013-07-06 09:59 - 2013-06-08 18:14 - 00048960 _____ () C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll 2013-07-06 09:59 - 2013-06-08 18:14 - 00078656 _____ (IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\SDDriverMgr.dll 2013-07-06 09:59 - 2013-05-22 18:49 - 00327040 _____ (IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\taskMgr.dll 2012-05-16 13:46 - 2010-11-20 14:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINSPOOL.DRV 2012-05-12 23:42 - 2009-05-11 09:57 - 08126464 _____ (C-Media Corporation) C:\Windows\Syswow64\CMICNFG3.dll 2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\Martin\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Martin\AppData\Roaming\Dropbox\bin\libcef.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\Martin\AppData\Roaming\Dropbox\bin\icudt.dll 2013-02-18 19:46 - 2013-02-18 19:45 - 00156848 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll 2013-07-15 19:16 - 2013-07-15 19:16 - 00250368 _____ (Windows (R) Codename Longhorn DDK provider) C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll 2013-09-03 21:07 - 2013-09-02 22:35 - 09962960 _____ (The ICU Project) C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\icudt.dll 2012-11-29 23:59 - 2012-11-29 23:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2013-05-25 02:36 - 2013-05-25 02:36 - 00130736 _____ (Dropbox, Inc.) 
C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll 2013-09-03 21:07 - 2013-09-02 22:35 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll 2013-09-03 21:07 - 2013-09-02 22:35 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll 2013-09-03 21:07 - 2013-09-02 22:35 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll 2013-09-03 21:07 - 2013-09-02 22:35 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll 2013-09-03 21:07 - 2013-09-02 22:35 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll 2013-09-03 21:07 - 2013-09-02 22:35 - 13599184 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll 2013-07-09 17:43 - 2013-07-09 17:43 - 00167312 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentDialogs.dll 2013-07-09 17:43 - 2013-07-09 17:43 - 00053640 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentModels.dll 2013-07-09 17:43 - 2013-07-09 17:43 - 00120712 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GlobalUtil.dll 2013-07-09 17:43 - 2013-07-09 17:43 - 01038224 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll 2013-07-09 17:43 - 2013-07-09 17:43 - 01628552 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentModule.dll 2013-07-09 17:43 - 2013-07-09 17:43 - 00106496 _____ (TODO: <Company name>) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BaseUI.dll 2013-07-09 17:43 - 2013-07-09 17:43 - 03341208 _____ (Codejock Software) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\ToolkitPro1331vc90U.dll 2012-03-08 18:16 - 2012-03-08 18:16 - 00284512 _____ ( ) C:\Program Files (x86)\Windows 
Live\Writer\de\WindowsLive.Writer.Localization.resources.dll 2013-06-14 19:58 - 2013-06-14 19:58 - 00307200 _____ ( MarkAny.) C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\Users\Martin\Documents\Anmeldung bei Schulbanker.eml:OECustomProperty AlternateDataStreams: C:\Users\Martin\Documents\Thumbs.db:encryptable ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/08/2013 09:32:51 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: RegCleanPro.exe, Version: 6.21.65.2684, Zeitstempel: 0x51a335d0 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0x19a0 Startzeit der fehlerhaften Anwendung: 0xRegCleanPro.exe0 Pfad der fehlerhaften Anwendung: RegCleanPro.exe1 Pfad des fehlerhaften Moduls: RegCleanPro.exe2 Berichtskennung: RegCleanPro.exe3 Error: (09/08/2013 08:31:13 PM) (Source: System Restore) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe Files (x86)\RegClean Pro\RegCleanPro.exe"; Beschreibung = RegClean Pro So, Sep 08, 13 20:30; Fehler = 0x80042319). 
Error: (09/08/2013 05:27:27 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x4859a219 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0x884 Startzeit der fehlerhaften Anwendung: 0xiw3mp.exe0 Pfad der fehlerhaften Anwendung: iw3mp.exe1 Pfad des fehlerhaften Moduls: iw3mp.exe2 Berichtskennung: iw3mp.exe3 Error: (09/08/2013 02:08:41 PM) (Source: Application Hang) (User: ) Description: Programm IEXPLORE.EXE, Version 10.0.9200.16660 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 4fb8 Startzeit: 01ceac8c208497bb Endzeit: 1001 Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Berichts-ID: Error: (09/07/2013 11:42:44 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/07/2013 11:42:03 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (09/07/2013 11:42:03 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (09/07/2013 11:42:01 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/06/2013 03:25:31 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/06/2013 03:24:49 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. System errors: ============= Error: (09/08/2013 09:44:34 PM) (Source: Disk) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (09/08/2013 09:44:31 PM) (Source: Disk) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (09/08/2013 09:24:21 PM) (Source: Service Control Manager) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (09/08/2013 09:23:10 PM) (Source: volmgr) (User: ) Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error: (09/08/2013 09:22:22 PM) (Source: Service Control Manager) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (09/08/2013 09:12:11 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. Error: (09/08/2013 09:12:09 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. Error: (09/08/2013 08:57:57 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143. Error: (09/08/2013 08:43:47 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. Error: (09/08/2013 08:43:45 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. 
Microsoft Office Sessions: ========================= Error: (09/08/2013 09:32:51 PM) (Source: Application Error)(User: ) Description: RegCleanPro.exe6.21.65.268451a335d0unknown0.0.0.000000000c00000050000000019a001ceacca291b17f3C:\Program Files (x86)\RegClean Pro\RegCleanPro.exeunknown72989eb7-18bd-11e3-bc5f-c86000840f03 Error: (09/08/2013 08:31:13 PM) (Source: System Restore)(User: ) Description: C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe Files (x86)\RegClean Pro\RegCleanPro.exe"RegClean Pro So, Sep 08, 13 20:300x80042319 Error: (09/08/2013 05:27:27 PM) (Source: Application Error)(User: ) Description: iw3mp.exe0.0.0.04859a219unknown0.0.0.000000000c00000050000000088401ceaca7c30c7e83C:\Call of Duty 4 - Modern Warfare\iw3mp.exeunknown2adc271f-189b-11e3-8f59-c86000840f03 Error: (09/08/2013 02:08:41 PM) (Source: Application Hang)(User: ) Description: IEXPLORE.EXE10.0.9200.166604fb801ceac8c208497bb1001C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Error: (09/07/2013 11:42:44 AM) (Source: SideBySide)(User: ) Description: Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"C:\Program Files (x86)\SplitMediaLabs\XSplit\XSplitBroadcasterSrc.exe Error: (09/07/2013 11:42:03 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe Error: (09/07/2013 11:42:03 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe Error: (09/07/2013 11:42:01 
AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe Error: (09/06/2013 03:25:31 PM) (Source: SideBySide)(User: ) Description: Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"C:\Program Files (x86)\SplitMediaLabs\XSplit\XSplitBroadcasterSrc.exe Error: (09/06/2013 03:24:49 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe CodeIntegrity Errors: =================================== Date: 2013-02-10 15:02:25.006 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-02-10 15:02:24.871 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-02-10 15:02:24.740 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-02-10 15:01:20.400 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_54ffd942dc23dbc0\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-02-10 15:01:20.264 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_54ffd942dc23dbc0\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-02-10 15:01:20.131 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_54ffd942dc23dbc0\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-02-10 14:55:36.806 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old\Windows\winsxs\Backup\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_54ffd942dc23dbc0_bcrypt.dll_e2f091ac" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-02-10 14:55:36.671 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old\Windows\winsxs\Backup\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_54ffd942dc23dbc0_bcrypt.dll_e2f091ac" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-02-10 14:55:36.539 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old\Windows\winsxs\Backup\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_54ffd942dc23dbc0_bcrypt.dll_e2f091ac" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-02-10 14:55:33.048 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old\Windows\winsxs\Backup\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46_tcpip.sys_3339bd51" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 45%
Total physical RAM: 8191.12 MB
Available physical RAM: 4425.31 MB
Total Pagefile: 16380.42 MB
Available Pagefile: 12033.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.76 GB) (Free:146.09 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1A295FB5)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-09-2013
Ran by Martin (administrator) on MARTIN-PC on 08-09-2013 23:00:09
Running from C:\Users\Martin\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Windows\system32\inetsrv\inetinfo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\system32\mqsvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\system32\mqtgsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Dropbox, Inc.) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVG Technologies CZ, s.r.o.)
C:\Program Files (x86)\AVG\AVG2013\avgui.exe () C:\Program Files (x86)\AVG Secure Search\vprot.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\system32\taskmgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [CmPCIaudio] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd HKLM\...\Run: [itype] - c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation) HKLM\...\Run: [MsmqIntCert] - regsvr32 /s mqrt.dll HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$07e73616d687fefac2961f6cdff4f650\n. ATTENTION! ====> ZeroAccess? 
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKCU\...\Run: [ccleaner] - C:\Program Files\CCleaner\CCleaner64.exe [5435744 2012-10-24] (Piriform Ltd) HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung) MountPoints2: {77cb2ec7-e127-11e1-82bb-c86000840f03} - F:\autorun.exe MountPoints2: {e0e34174-7c36-11e2-b011-c86000840f03} - E:\autorun.exe HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-07-01] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [1151152 2013-02-18] () HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.) Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) BootExecute: autocheck autochk * SmartDefragBootTime.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie URLSearchHook: (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={6ECAA321-ABC2-41C7-92A3-0C91379742DB}&mid=6b2ae66ff9e14433a89919294660e6f0-56497e0c0721a2eb77ed5468adf7a9f128dcfc5f&lang=de&ds=bm015&pr=sa&d=2013-01-17 18:17:17&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms} SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6OySMnqQbC&i=26 SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC8} URL = hxxp://search.icq.com/search/results.php?q=%s&ch_id=hm&search_mode=web BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) 
BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll () BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) 
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll () DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll () Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\1m26ja9g.default FF NewTab: google.de FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", ""); FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", ""); FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", ""); FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.de/ FF Keyword.URL: google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF 
Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll (AVG Technologies) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\1m26ja9g.default\searchplugins\dvdvideosofttb-customized-web-search.xml FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\1m26ja9g.default\searchplugins\googlede-pws.xml FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\1m26ja9g.default\searchplugins\icq.xml FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\1m26ja9g.default\searchplugins\MyStart Search.xml FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\1m26ja9g.default\searchplugins\rising-gods.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\1m26ja9g.default\Extensions\ich@maltegoetz.de FF Extension: DownloadHelper - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\1m26ja9g.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: firebug - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\1m26ja9g.default\Extensions\firebug@software.joehewitt.com.xpi FF Extension: google - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\1m26ja9g.default\Extensions\google@hitachi.com.xpi FF Extension: No Name - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\1m26ja9g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF 
HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\IB Updater\Firefox FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\IB Updater\Firefox FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 Chrome: ======= CHR HomePage: hxxp://www.google.de/ CHR Extension: (ProxTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.4_0 CHR Extension: (Angry Birds) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0 CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Adblock Plus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0 CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Search by Image (by Google)) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.5.0_0 CHR Extension: (Webcam Toy) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_0 CHR Extension: (Google Maps) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_1 CHR Extension: (Search Box) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknehpjhljpfaghmicofickbkdagooni\1.0_0 CHR Extension: (Plants vs Zombies) - 
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0 CHR Extension: (AVG Security Toolbar) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\14.2.0.1\avg.crx ==================== Services (Whitelisted) ================= R2 ArchiCrypt Sichere Loeschzonen; C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe [313408 2012-05-15] (Softwareentwicklung Remus - ArchiCrypt) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.) 
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3128856 2012-02-28] (devolo AG) R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation) S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation) R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation) S4 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG) S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-31] () S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607048 2013-02-09] (TuneUp Software) R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC) S4 vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [968880 2013-02-18] () R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.) 
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-07-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-18] (AVG Technologies) R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1154560 2009-05-19] (C-Media Inc) S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] () R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] () S3 athur; system32\DRIVERS\athurx.sys [x] S3 BTCFilterService; system32\DRIVERS\motfilt.sys [x] U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation) S3 motandroidusb; System32\Drivers\motoandroid.sys [x] S3 motccgp; system32\DRIVERS\motccgp.sys [x] S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [x] S3 MotDev; system32\DRIVERS\motodrv.sys [x] S3 motmodem; system32\DRIVERS\motmodem.sys [x] S3 MotoSwitchService; system32\DRIVERS\motswch.sys [x] S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One 
Month Created Files and Folders ======== 2099-01-13 00:05 - 2013-07-30 22:06 - 00000000 ____D C:\Users\Martin\AppData\Roaming\ICQ 2099-01-13 00:05 - 2012-05-13 11:12 - 00003248 _____ C:\Windows\System32\Tasks\SidebarExecute 2099-01-13 00:04 - 2013-01-02 15:59 - 00000000 ____D C:\Program Files (x86)\AVG 2099-01-13 00:02 - 2099-01-13 00:06 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Mozilla 2099-01-13 00:02 - 2099-01-13 00:02 - 00000000 ____D C:\Users\Martin\AppData\Local\Mozilla 2099-01-13 00:02 - 2099-01-13 00:02 - 00000000 ____D C:\ProgramData\Mozilla 2099-01-13 00:02 - 2013-07-08 11:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2099-01-12 23:58 - 2013-09-08 17:50 - 00000000 ____D C:\ProgramData\MFAData 2099-01-12 23:49 - 2011-03-23 04:20 - 00077936 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1C62x64.sys 2099-01-12 23:48 - 2099-01-12 23:48 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e 2099-01-12 23:48 - 2013-06-10 18:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2099-01-12 23:46 - 2099-01-12 23:46 - 00000000 ____D C:\Program Files (x86)\Intel 2099-01-12 23:46 - 2009-08-18 07:44 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2099-01-12 23:40 - 2013-03-19 19:06 - 00001425 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2099-01-12 23:39 - 2099-01-12 23:39 - 00000020 ___SH C:\Users\Martin\ntuser.ini 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Vorlagen 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Startmenü 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Netzwerkumgebung 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL 
C:\Users\Martin\Lokale Einstellungen 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Eigene Dateien 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Druckumgebung 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Documents\Eigene Musik 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Documents\Eigene Bilder 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\AppData\Local\Verlauf 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\AppData\Local\Anwendungsdaten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Anwendungsdaten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Vorlagen 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Startmenü 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2099-01-12 23:39 - 2099-01-12 23:39 - 
00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\ProgramData\Vorlagen 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\ProgramData\Startmenü 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\ProgramData\Favoriten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\ProgramData\Dokumente 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 __SHD C:\Recovery 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 ____D C:\Users\Martin\AppData\Local\VirtualStore 2099-01-12 23:39 - 2013-07-07 16:56 - 00000000 ____D C:\Users\Martin 2099-01-12 23:39 - 2013-05-16 06:52 - 00000000 ___RD C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2099-01-12 23:39 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2099-01-12 23:39 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2099-01-04 14:40 - 2013-08-16 16:41 - 00000000 ____D C:\Windows\Panther 2099-01-04 14:32 - 2013-03-20 20:07 - 00000000 ____D C:\Windows.old 2013-09-08 23:00 - 2013-09-08 23:00 - 00000000 ____D C:\FRST 2013-09-08 22:59 - 2013-09-08 22:59 - 01948988 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe 2013-09-08 21:55 - 2013-09-08 21:55 - 00628221 _____ C:\Users\Martin\Desktop\firewall.rar 2013-09-08 21:33 - 2013-09-08 21:33 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-09-08 21:26 - 2013-09-08 22:43 - 00028915 _____ C:\Windows\WindowsUpdate.log 2013-09-08 21:14 - 2013-09-08 21:14 - 00000000 ____D C:\Users\Public\Desktop\CC Support 2013-09-08 21:13 - 2013-09-08 21:13 - 04009167 _____ 
C:\Users\Martin\Downloads\ServicesRepair.exe 2013-09-08 21:13 - 2013-09-08 21:13 - 00358609 _____ (Farbar) C:\Users\Martin\Downloads\FSS.exe 2013-09-08 21:13 - 2013-09-08 21:13 - 00003606 _____ C:\Users\Martin\Downloads\FSS.txt 2013-09-08 20:29 - 2013-09-08 20:29 - 00000000 ____D C:\Users\Martin\AppData\Local\FixItCenter 2013-09-08 20:24 - 2013-09-08 21:33 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Systweak 2013-09-08 20:24 - 2013-09-08 20:24 - 04334752 _____ (Systweak Inc ) C:\Users\Martin\Downloads\rcpsetup_2005.exe 2013-09-08 20:24 - 2013-05-27 16:01 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe 2013-09-08 20:19 - 2013-09-08 20:19 - 00447792 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\FixitCenter_Run (2).exe 2013-09-08 20:19 - 2013-09-08 20:19 - 00447792 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\FixitCenter_Run (1).exe 2013-09-08 20:19 - 2013-09-08 20:19 - 00000931 _____ C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk 2013-09-08 20:19 - 2013-09-08 20:19 - 00000000 ____D C:\Windows\MATS 2013-09-08 20:19 - 2013-09-08 20:19 - 00000000 ____D C:\Program Files\Microsoft Fix it Center 2013-09-08 20:18 - 2013-09-08 20:18 - 00447792 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\FixitCenter_Run.exe 2013-09-08 20:06 - 2013-09-08 20:06 - 00347424 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\MicrosoftFixit.WindowsFirewall.RNP.139302094345324165.1.2.Run.exe 2013-09-08 20:05 - 2013-09-08 20:05 - 00347424 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\MicrosoftFixit.WindowsFirewall.RNP.139302094345324165.1.1.Run.exe 2013-09-08 13:11 - 2013-09-08 13:11 - 00000000 ____D C:\Users\Martin\AppData\Local\{057E767B-F939-4D79-9895-F6E7FE5568C6} 2013-09-07 23:51 - 2013-09-07 23:52 - 00000000 ____D C:\Users\Martin\AppData\Local\{2CDC0001-59ED-411D-8B36-80E6F286B3A5} 2013-09-07 11:51 - 2013-09-07 11:51 - 00000000 ____D 
C:\Users\Martin\AppData\Local\{53A353CC-E353-44A6-A0FA-624DAA386ABB} 2013-09-06 13:34 - 2013-09-06 13:35 - 00000000 ____D C:\Users\Martin\AppData\Local\{731B3FDE-23E4-4B0E-A0F4-32B163BB942F} 2013-09-05 12:46 - 2013-09-05 12:46 - 00000000 ____D C:\Users\Martin\AppData\Local\{9024CE5E-859E-4C2D-83EE-E69175E27179} 2013-09-04 17:26 - 2013-09-04 15:40 - 00001483 _____ C:\Users\Martin\Desktop\project1.lpr 2013-09-04 17:25 - 2013-09-04 17:25 - 00001367 _____ C:\Users\Martin\Downloads\project1 (1).lpr 2013-09-04 15:40 - 2013-09-04 15:40 - 00000000 ____D C:\Users\Martin\Downloads\backup 2013-09-04 15:30 - 2013-09-04 15:40 - 00001483 _____ C:\Users\Martin\Downloads\project1.lpr 2013-09-04 12:30 - 2013-09-04 12:30 - 00000000 ____D C:\Users\Martin\AppData\Local\{007514C1-CF2F-42F5-AF79-7B06174F2B50} 2013-09-03 21:12 - 2013-09-03 21:12 - 00000000 ____D C:\Users\Martin\AppData\Local\Steppschuh 2013-09-03 16:22 - 2013-09-03 16:22 - 00002009 _____ C:\Users\Public\Desktop\Remote Control Server.lnk 2013-09-03 16:22 - 2013-09-03 16:22 - 00000000 ____D C:\Program Files (x86)\Remote Control Server 2013-09-03 16:21 - 2013-09-03 16:21 - 02364793 _____ (Steppschuh) C:\Users\Martin\Downloads\RemoteControlServerSetup.exe 2013-09-03 13:43 - 2013-09-03 13:54 - 00090867 _____ C:\Users\Martin\Downloads\crt-120.zip 2013-09-03 10:36 - 2013-09-03 10:37 - 00000000 ____D C:\Users\Martin\AppData\Local\{964F2FDA-248A-4C65-8B22-CD5CD246273F} 2013-09-02 23:14 - 2013-09-02 23:14 - 00021648 _____ C:\Users\Martin\Downloads\Summe.7z 2013-09-02 20:10 - 2013-09-02 20:10 - 00000988 _____ C:\Users\Martin\Desktop\Delphi 6.lnk 2013-09-02 20:08 - 2013-09-02 20:08 - 00000000 ____D C:\Program Files (x86)\Borland 2013-09-02 13:26 - 2013-09-02 13:26 - 00000000 ____D C:\Users\Martin\AppData\Local\{A635738E-E27F-400A-8E41-CCA61A5CA0AF} 2013-09-01 17:13 - 2013-09-01 17:17 - 00000000 ____D C:\Users\Martin\Desktop\catalys control center 2013-09-01 10:18 - 2013-09-01 10:18 - 00000000 ____D 
C:\Users\Martin\AppData\Local\{152C38B8-07A0-441F-B755-504F762C13FD} 2013-08-31 21:23 - 2013-08-31 21:23 - 00000000 ____D C:\Users\Martin\Desktop\Delphi 2013-08-31 15:13 - 2013-08-31 15:13 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-08-31 15:13 - 2013-08-31 15:13 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-08-31 15:13 - 2013-08-31 15:13 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-08-31 15:13 - 2013-08-31 15:13 - 00000000 ____D C:\Program Files\Java 2013-08-31 15:11 - 2013-08-31 15:12 - 33150376 _____ (Oracle Corporation) C:\Users\Martin\Downloads\jre-7u25-windows-x64.exe 2013-08-31 14:32 - 2013-08-31 14:32 - 00000000 ____D C:\Users\Martin\AppData\Local\PunkBuster 2013-08-31 14:31 - 2013-09-08 21:59 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-08-31 14:31 - 2013-09-08 20:17 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2013-08-31 14:30 - 2013-08-31 14:30 - 03330048 _____ C:\Users\Martin\Downloads\iw3mp (2).exe 2013-08-31 10:40 - 2013-08-31 10:40 - 00000000 ____D C:\Users\Martin\AppData\Local\{DFADB0A1-32D5-44E7-94A8-44846909F6EF} 2013-08-30 14:14 - 2013-08-30 14:14 - 00000000 ____D C:\Users\Martin\AppData\Local\{B094C018-61AB-46FF-9F0D-8D7237A14703} 2013-08-29 22:00 - 2013-09-01 13:24 - 00000000 ____D C:\Users\Martin\Desktop\venice beach 2013-08-29 17:30 - 2013-08-29 17:21 - 00840264 _____ C:\Windows\SysWOW64\pbsvc.exe 2013-08-29 17:21 - 2013-08-29 17:21 - 03330048 _____ C:\Users\Martin\Downloads\iw3mp (1).exe 2013-08-29 17:21 - 2013-08-29 17:21 - 02211840 _____ C:\Users\Martin\Downloads\pbsetup.exe 2013-08-29 17:21 - 2013-08-29 17:21 - 00840264 _____ C:\Users\Martin\Downloads\pbsvc.exe 2013-08-29 17:16 - 2013-08-29 17:17 - 03330048 _____ C:\Users\Martin\Downloads\iw3mp.exe 2013-08-29 13:21 - 2013-09-08 21:54 - 00000000 ____D C:\Users\Martin\Desktop\cod 2013-08-29 13:15 - 2013-08-29 13:16 - 00000000 ____D 
C:\Users\Martin\AppData\Local\{1CEC0CD5-343A-4CDB-915B-00CC9031290C} 2013-08-28 13:52 - 2013-08-28 13:53 - 00000000 ____D C:\Users\Martin\AppData\Local\{493467A8-6CF0-43E7-A29C-B741BCF0E065} 2013-08-27 16:40 - 2013-08-27 16:41 - 00000000 ____D C:\Users\Martin\AppData\Local\{BA0F9FFB-BF1C-4B9C-8625-CE3306D1BCD7} 2013-08-26 10:50 - 2013-08-26 10:51 - 00000000 ____D C:\Users\Martin\AppData\Local\{59308797-0F9B-4ADE-B950-2B77E4E1D1F8} 2013-08-25 11:33 - 2013-08-25 11:34 - 00000000 ____D C:\Users\Martin\AppData\Local\{DD84C793-E896-4CC7-A991-C5FA3D283A86} 2013-08-24 11:00 - 2013-08-24 11:00 - 00000000 ____D C:\Users\Martin\AppData\Local\{86BA38D8-3B89-4973-AC08-62BBD43C371F} 2013-08-23 18:48 - 2013-08-23 18:48 - 00000000 ____D C:\Users\Martin\AppData\Local\{A00EFCBC-3318-4720-ABB1-447CC6B88BCD} 2013-08-22 19:22 - 2013-08-22 19:22 - 00000000 ____D C:\Users\Martin\Desktop\players 2013-08-22 19:18 - 2013-08-22 19:19 - 06343274 _____ C:\Users\Martin\Downloads\Fix.rar 2013-08-22 17:04 - 2013-08-22 17:04 - 00000000 ____D C:\ProgramData\ATI 2013-08-22 17:03 - 2013-08-22 17:03 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2013-08-22 16:45 - 2013-08-22 16:45 - 00792704 _____ (AMD) C:\Users\Martin\Downloads\amddriverdownloader (1).exe 2013-08-22 16:37 - 2013-08-22 16:37 - 00262398 _____ C:\Users\Martin\Documents\ts3_clientui-win64-1375773286-2013-08-22 16_37_39.474090.dmp 2013-08-22 16:34 - 2013-08-22 16:34 - 00000000 ____D C:\Users\Martin\AppData\Local\{8552DFAB-77D1-4606-8D1D-5C1D7F072584} 2013-08-21 16:41 - 2013-08-29 22:23 - 00015587 _____ C:\Users\Martin\Desktop\stundenplan.ods 2013-08-21 13:44 - 2013-08-21 13:45 - 00000000 ____D C:\Users\Martin\AppData\Local\{B575DB12-5FCD-4911-B63E-8221DB56D123} 2013-08-20 16:34 - 2013-08-20 16:34 - 00000000 ____D C:\Users\Martin\AppData\Local\{97CF40E1-47F0-4EB3-A898-C6C8B419BD2A} 2013-08-19 23:10 - 2013-08-19 23:11 - 00000000 ____D C:\Users\Martin\AppData\Local\{3A241B9F-29AC-42B4-8096-63CAC58EDF27} 2013-08-19 12:59 - 2013-08-19 13:00 
- 00005247 _____ C:\Users\Martin\Desktop\programmliste.html 2013-08-19 11:59 - 2013-08-19 11:59 - 00000012 _____ C:\Users\Martin\Desktop\breiter.txt 2013-08-19 11:09 - 2013-08-19 11:10 - 00000000 ____D C:\Users\Martin\AppData\Local\{52EA3EDC-1E4A-4166-88A8-854E992E1371} 2013-08-18 23:08 - 2013-08-18 23:09 - 00000000 ____D C:\Users\Martin\AppData\Local\{25C9BC0E-8CB1-4CD5-A08C-F6C51AD5AE31} 2013-08-18 11:08 - 2013-08-18 11:08 - 00000000 ____D C:\Users\Martin\AppData\Local\{F22ECB69-D19D-44DC-9B97-FD7D41F6362B} 2013-08-17 15:37 - 2013-08-17 15:37 - 00000000 ____D C:\Users\Martin\AppData\Local\{F576D108-506E-4317-957A-CFBF03129D6C} 2013-08-16 18:17 - 2013-08-16 18:17 - 00000000 ____D C:\Users\Martin\AppData\Local\{22F3ACFB-E70D-4E55-A441-47A85291F3F9} 2013-08-13 22:08 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-13 22:08 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-13 22:08 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-13 22:08 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-13 22:08 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-13 22:08 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-13 22:08 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-13 22:08 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-13 22:08 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-13 22:08 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-13 22:08 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-13 22:08 - 2013-07-26 07:12 - 
00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-13 22:08 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-13 22:08 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-13 22:08 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-13 22:08 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-13 22:08 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-13 22:08 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-13 22:08 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-13 22:08 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-08-13 22:08 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-13 22:08 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-13 22:08 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-08-13 22:08 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-08-13 22:08 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-08-13 22:08 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-08-13 22:08 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-13 22:08 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-08-13 22:08 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-08-13 22:08 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) 
C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-13 22:08 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-13 22:03 - 2013-08-13 22:04 - 00000000 ____D C:\Windows\system32\MRT 2013-08-13 20:41 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-13 20:41 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-13 20:41 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-13 20:41 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-08-13 20:41 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-13 20:41 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-13 20:41 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-08-13 20:41 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-13 20:41 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-13 20:41 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-13 20:41 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-13 20:41 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-13 20:41 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-13 20:41 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-13 20:41 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-08-13 20:41 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-13 20:41 - 
2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-13 20:41 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-08-13 20:41 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-13 20:41 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-08-13 20:41 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-08-13 20:41 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-08-13 20:41 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-08-13 20:41 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-08-13 20:41 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-08-13 20:41 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-13 20:41 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-13 20:34 - 2013-08-13 20:34 - 00000000 ____D C:\Users\Martin\AppData\Local\{D85546F5-B114-4F84-B524-407834B2D4DD} 2013-08-12 13:03 - 2013-08-12 13:03 - 00650942 _____ C:\Users\Martin\Downloads\message-rfc822-attachment (2) 2013-08-12 13:03 - 2013-08-12 13:03 - 00650942 _____ C:\Users\Martin\Downloads\message-rfc822-attachment (1) 2013-08-12 13:03 - 2013-08-12 13:03 - 00650942 _____ C:\Users\Martin\Downloads\message-rfc822-attachment 2013-08-12 12:56 - 2013-08-12 12:56 - 00000000 ____D C:\Users\Martin\AppData\Local\{8C67F221-BC0B-488D-BF7D-6765757B5F37} 2013-08-11 12:22 - 2013-08-11 12:22 - 00000000 ____D C:\Users\Martin\AppData\Local\{16797D61-BA96-4FE4-AF59-AE664C0B90F2} 2013-08-11 00:06 - 2013-08-11 00:07 - 00000000 ____D 
C:\Users\Martin\AppData\Local\{E835684E-59A3-4FB7-B23B-48B9E54451B4} 2013-08-10 17:08 - 2013-08-10 17:09 - 31048060 _____ C:\Users\Martin\Downloads\Infinite Flight v1.0 apkmania.com.rar 2013-08-10 10:40 - 2013-08-10 10:41 - 00000000 ____D C:\Users\Martin\AppData\Local\{77380083-0669-466A-82C6-B01C2632E641} 2013-08-09 20:18 - 2013-08-09 20:18 - 00000000 ____D C:\Users\Martin\AppData\Local\{EBDF9B85-AB05-4E5F-99A6-85F01652A875} ==================== One Month Modified Files and Folders ======= 2099-01-13 00:02 - 2099-01-13 00:02 - 00000000 ____D C:\Users\Martin\AppData\Local\Mozilla 2099-01-13 00:02 - 2099-01-13 00:02 - 00000000 ____D C:\ProgramData\Mozilla 2099-01-12 23:48 - 2099-01-12 23:48 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e 2099-01-12 23:48 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore 2099-01-12 23:46 - 2099-01-12 23:46 - 00000000 ____D C:\Program Files (x86)\Intel 2099-01-12 23:39 - 2099-01-12 23:39 - 00000020 ___SH C:\Users\Martin\ntuser.ini 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Vorlagen 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Startmenü 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Netzwerkumgebung 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Lokale Einstellungen 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Eigene Dateien 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Druckumgebung 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Documents\Eigene Musik 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Documents\Eigene Bilder 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2099-01-12 
23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\AppData\Local\Verlauf 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\AppData\Local\Anwendungsdaten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Martin\Anwendungsdaten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Vorlagen 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Startmenü 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\ProgramData\Vorlagen 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\ProgramData\Startmenü 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\ProgramData\Favoriten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\ProgramData\Dokumente 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL 
C:\ProgramData\Anwendungsdaten 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 __SHD C:\Recovery 2099-01-12 23:39 - 2099-01-12 23:39 - 00000000 ____D C:\Users\Martin\AppData\Local\VirtualStore 2099-01-12 23:39 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2099-01-12 23:39 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT 2099-01-04 14:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep 2099-01-04 14:40 - 2011-09-20 05:21 - 00008192 __RSH C:\BOOTSECT.BAK 2099-01-04 14:40 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG 2099-01-04 14:40 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template 2013-09-08 23:00 - 2013-09-08 23:00 - 00000000 ____D C:\FRST 2013-09-08 22:59 - 2013-09-08 22:59 - 01948988 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe 2013-09-08 22:43 - 2013-09-08 21:26 - 00028915 _____ C:\Windows\WindowsUpdate.log 2013-09-08 22:24 - 2012-10-28 13:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-08 22:19 - 2012-05-13 10:15 - 00000000 ____D C:\Users\Martin\AppData\Roaming\TS3Client 2013-09-08 22:18 - 2011-12-30 18:51 - 00000000 ____D C:\Call of Duty 4 - Modern Warfare 2013-09-08 22:03 - 2012-10-09 17:57 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-08 22:00 - 2012-05-15 23:03 - 00007662 _____ C:\Users\Martin\AppData\Local\Resmon.ResmonCfg 2013-09-08 21:59 - 2013-08-31 14:31 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-09-08 21:59 - 2012-06-28 15:40 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2013-09-08 21:58 - 2012-12-01 13:36 - 00001709 _____ C:\Users\Martin\Desktop\nXs Nuketown.lnk 2013-09-08 21:55 - 2013-09-08 21:55 - 00628221 _____ C:\Users\Martin\Desktop\firewall.rar 2013-09-08 21:54 - 2013-08-29 13:21 - 00000000 ____D C:\Users\Martin\Desktop\cod 2013-09-08 21:34 - 2013-03-24 16:13 - 00000000 ____D 
ZeroAccess: C:\$Recycle.Bin\S-1-5-18\$07e73616d687fefac2961f6cdff4f650
ZeroAccess: C:\$Recycle.Bin\S-1-5-18\$07e73616d687fefac2961f6cdff4f650
ZeroAccess: C:\$Recycle.Bin\S-1-5-21-2693577240-4054724306-2718763821-1000\$07e73616d687fefac2961f6cdff4f650
ZeroAccess: C:\$Recycle.Bin\S-1-5-18\$07e73616d687fefac2961f6cdff4f650

Files to move or delete:
====================
C:\Users\Martin\AppData\Roaming\skype.ini
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-01 11:59

==================== End Of Log ============================
--- --- --- --- --- ---
Last edited by karkmar (08.09.2013 at 22:13) |
08.09.2013, 22:14 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firewall won't start - "Recommended settings" Quote:
Reading material: Rootkit warning Your computer has been infected with a special kind of malware that can hide from conventional virus scanners and from the operating system itself. In addition, such malware usually also has backdoor functionality, meaning it deliberately tears holes through all protective measures so that it can download further malicious code or pass the data it collects on to the "bad guys". What does that mean for you?
__________________ Please always post log files in CODE tags |
08.09.2013, 22:20 | #5 |
| Firewall won't start - "Recommended settings" I don't do online banking. However, I do have my email account running through Windows Mail. Someone could certainly get up to a lot of mischief with that too. So far, though, I haven't heard of any damage, so I will be satisfied with the cleanup. After all, I unknowingly was the whole time anyway... EDIT: Is it actually possible that I could catch ZeroAccess again through files that are already on the hard drive? |
08.09.2013, 22:23 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firewall won't start - "Recommended settings" We can try the cleanup, but it may be that certain errors cannot be fixed, e.g. certain updates cannot be installed or services cannot be reactivated.
__________________ --> Firewall won't start - "Recommended settings" |
08.09.2013, 22:27 | #7 |
| Firewall won't start - "Recommended settings" Well, then let's start with the cleanup. However, I'd like to point again to my last edit, which came too late. -> Is it actually possible that I could catch ZeroAccess again through files that are already on the hard drive? Whether yes or no, I would still like to try the cleanup first. I could post logs again in 2 weeks to check whether a ZeroAccess has crept in again? Regards EDIT: I will continue with the cleanup tomorrow. I'm going to bed for now. Still, MANY THANKS already for the help and above all for the very fast replies! |
08.09.2013, 22:29 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firewall won't start - "Recommended settings" Cleanup it is, then. OK, I just wanted to be honest and point out that this kind of thing is not always successful. Then please run Combofix now: Scan with Combofix
__________________ Please always post log files in CODE tags |
08.09.2013, 22:48 | #9 |
| Firewall won't start - "Recommended settings" Oh well, I went ahead and quickly ran Combofix after all. Is the Dropbox infected as well? EDIT: Now I really am off, though. See you tomorrow then... Code:
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . 
Zeit der Fertigstellung: 2013-09-08 23:46:08 ComboFix-quarantined-files.txt 2013-09-08 21:46 . Vor Suchlauf: 16 Verzeichnis(se), 157.046.054.912 Bytes frei Nach Suchlauf: 23 Verzeichnis(se), 156.939.485.184 Bytes frei . - - End Of File - - A4FC5CAD8012C7B2AD8F885F01E030D0 A36C5E4F47E84449FF07ED3517B43A31 |
08.09.2013, 22:55 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firewall won't start - "Recommended settings"
MBAR (Malwarebytes Anti-Rootkit)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop
__________________ Please always post log files in CODE tags |
14.09.2013, 12:40 | #11 |
| Firewall won't start - "Recommended settings" Unfortunately I haven't had time lately to continue the cleanup. I wanted to do that now. However, I notice that I already have Malwarebytes and that the scan found nothing. Or is this program/tool something different? |
14.09.2013, 12:46 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firewall won't start - "Recommended settings" Please read the instructions properly. This is not about Malwarebytes Anti-Malware but about Anti-Rootkit. And you apparently haven't made a TDSS-Killer log yet either.
__________________ Please always post log files in CODE tags |
14.09.2013, 13:05 | #13 |
| Firewall won't start - "Recommended settings" I was just in the middle of it. EDIT: TDSS-Killer found 1 threat, which I skipped. Malwarebytes found nothing. Malwarebytes Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1005
www.malwarebytes.org
Database version: v2013.09.14.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Martin :: MARTIN-PC [administrator]
14.09.2013 13:41:24
mbar-log-2013-09-14 (13-41-24).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 330378
Time elapsed: 14 minute(s),
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
TDSS-Killer Code:
14:03:43.0013 1984 LSI_SAS2 - ok 14:03:43.0034 1984 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:03:43.0048 1984 LSI_SCSI - ok 14:03:43.0075 1984 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 14:03:43.0127 1984 luafv - ok 14:03:43.0217 1984 [ EC470D91EF06A59397EDC18D48899CC5 ] MatSvc C:\Program Files\Microsoft Fix it Center\Matsvc.exe 14:03:43.0236 1984 MatSvc - ok 14:03:43.0254 1984 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 14:03:43.0266 1984 MBAMProtector - ok 14:03:43.0316 1984 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 14:03:43.0330 1984 MBAMScheduler - ok 14:03:43.0357 1984 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 14:03:43.0375 1984 MBAMService - ok 14:03:43.0409 1984 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 14:03:43.0438 1984 Mcx2Svc - ok 14:03:43.0458 1984 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 14:03:43.0470 1984 megasas - ok 14:03:43.0482 1984 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 14:03:43.0500 1984 MegaSR - ok 14:03:43.0533 1984 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 14:03:43.0589 1984 MMCSS - ok 14:03:43.0605 1984 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 14:03:43.0638 1984 Modem - ok 14:03:43.0662 1984 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 14:03:43.0695 1984 monitor - ok 14:03:43.0709 1984 motandroidusb - ok 14:03:43.0718 1984 motccgp - ok 14:03:43.0723 1984 motccgpfl - ok 14:03:43.0728 1984 MotDev - ok 14:03:43.0767 1984 [ 65ED1932BCFE5003389D65F6C3EF51C8 ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys 14:03:43.0779 1984 
MotioninJoyXFilter - ok 14:03:43.0803 1984 motmodem - ok 14:03:43.0807 1984 MotoSwitchService - ok 14:03:43.0811 1984 Motousbnet - ok 14:03:43.0842 1984 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 14:03:43.0855 1984 mouclass - ok 14:03:43.0885 1984 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 14:03:43.0919 1984 mouhid - ok 14:03:43.0994 1984 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 14:03:44.0043 1984 mountmgr - ok 14:03:44.0226 1984 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 14:03:44.0239 1984 MozillaMaintenance - ok 14:03:44.0265 1984 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 14:03:44.0280 1984 mpio - ok 14:03:44.0296 1984 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 14:03:44.0349 1984 mpsdrv - ok 14:03:44.0395 1984 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 14:03:44.0462 1984 MpsSvc - ok 14:03:44.0511 1984 [ CD22D2563039DDA6793F7624719363A7 ] MQAC C:\Windows\system32\drivers\mqac.sys 14:03:44.0565 1984 MQAC - ok 14:03:44.0595 1984 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:03:44.0614 1984 MRxDAV - ok 14:03:44.0655 1984 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 14:03:44.0698 1984 mrxsmb - ok 14:03:44.0716 1984 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:03:44.0750 1984 mrxsmb10 - ok 14:03:44.0790 1984 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:03:44.0804 1984 mrxsmb20 - ok 14:03:44.0825 1984 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 14:03:44.0838 1984 msahci - ok 14:03:44.0868 1984 [ DB801A638D011B9633829EB6F663C900 ] msdsm 
C:\Windows\system32\drivers\msdsm.sys 14:03:44.0882 1984 msdsm - ok 14:03:44.0901 1984 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 14:03:44.0917 1984 MSDTC - ok 14:03:44.0964 1984 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:03:44.0998 1984 Msfs - ok 14:03:45.0010 1984 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 14:03:45.0058 1984 mshidkmdf - ok 14:03:45.0092 1984 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 14:03:45.0105 1984 msisadrv - ok 14:03:45.0152 1984 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:03:45.0207 1984 MSiSCSI - ok 14:03:45.0210 1984 msiserver - ok 14:03:45.0239 1984 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:03:45.0284 1984 MSKSSRV - ok 14:03:45.0327 1984 [ FAAEAEF99E53561BEEE58F946CA56F0D ] MSMQ C:\Windows\system32\mqsvc.exe 14:03:45.0351 1984 MSMQ - ok 14:03:45.0383 1984 [ 59ED174FD4314B0218DC91F9BFA6CD3D ] MSMQTriggers C:\Windows\system32\mqtgsvc.exe 14:03:45.0412 1984 MSMQTriggers - ok 14:03:45.0433 1984 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:03:45.0468 1984 MSPCLOCK - ok 14:03:45.0476 1984 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:03:45.0525 1984 MSPQM - ok 14:03:45.0565 1984 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 14:03:45.0585 1984 MsRPC - ok 14:03:45.0606 1984 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 14:03:45.0619 1984 mssmbios - ok 14:03:45.0659 1984 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:03:45.0708 1984 MSTEE - ok 14:03:45.0740 1984 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 14:03:45.0754 1984 MTConfig - ok 14:03:45.0807 1984 [ 
19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 14:03:45.0817 1984 MTsensor - ok 14:03:45.0844 1984 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 14:03:45.0857 1984 Mup - ok 14:03:45.0897 1984 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 14:03:45.0949 1984 napagent - ok 14:03:46.0040 1984 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 14:03:46.0080 1984 NativeWifiP - ok 14:03:46.0146 1984 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 14:03:46.0176 1984 NDIS - ok 14:03:46.0189 1984 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 14:03:46.0224 1984 NdisCap - ok 14:03:46.0249 1984 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:03:46.0284 1984 NdisTapi - ok 14:03:46.0318 1984 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:03:46.0365 1984 Ndisuio - ok 14:03:46.0395 1984 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:03:46.0446 1984 NdisWan - ok 14:03:46.0480 1984 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 14:03:46.0526 1984 NDProxy - ok 14:03:46.0639 1984 [ A0101E836D2A39682E134C47B1565256 ] Nero BackItUp Scheduler 3 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe 14:03:46.0667 1984 Nero BackItUp Scheduler 3 - ok 14:03:46.0684 1984 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:03:46.0730 1984 NetBIOS - ok 14:03:46.0764 1984 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:03:46.0800 1984 NetBT - ok 14:03:46.0817 1984 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 14:03:46.0830 1984 Netlogon - ok 14:03:46.0871 1984 [ 847D3AE376C0817161A14A82C8922A9E ] Netman 
C:\Windows\System32\netman.dll 14:03:46.0930 1984 Netman - ok 14:03:46.0955 1984 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 14:03:47.0006 1984 netprofm - ok 14:03:47.0034 1984 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:03:47.0045 1984 NetTcpPortSharing - ok 14:03:47.0082 1984 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 14:03:47.0095 1984 nfrd960 - ok 14:03:47.0134 1984 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 14:03:47.0167 1984 NlaSvc - ok 14:03:47.0272 1984 [ 1FCE14E00BD3EAA214042DC41669C984 ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE 14:03:47.0283 1984 nlsX86cc - ok 14:03:47.0387 1984 [ 6EF0506CE1F553E9BD085645933C8686 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe 14:03:47.0403 1984 NMIndexingService - ok 14:03:47.0422 1984 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:03:47.0456 1984 Npfs - ok 14:03:47.0526 1984 [ 49697C2C761ACB5C0DE99CC8FE93E95B ] NPF_devolo C:\Windows\sysWOW64\drivers\npf_devolo.sys 14:03:47.0538 1984 NPF_devolo - ok 14:03:47.0565 1984 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 14:03:47.0624 1984 nsi - ok 14:03:47.0638 1984 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:03:47.0688 1984 nsiproxy - ok 14:03:47.0738 1984 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:03:47.0789 1984 Ntfs - ok 14:03:47.0804 1984 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 14:03:47.0838 1984 Null - ok 14:03:47.0869 1984 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 14:03:47.0883 1984 nvraid - ok 14:03:47.0909 1984 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 
14:03:47.0924 1984 nvstor - ok 14:03:47.0956 1984 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 14:03:47.0970 1984 nv_agp - ok 14:03:47.0995 1984 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 14:03:48.0028 1984 ohci1394 - ok 14:03:48.0147 1984 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:03:48.0160 1984 ose64 - ok 14:03:48.0297 1984 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:03:48.0392 1984 osppsvc - ok 14:03:48.0428 1984 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:03:48.0458 1984 p2pimsvc - ok 14:03:48.0528 1984 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 14:03:48.0547 1984 p2psvc - ok 14:03:48.0596 1984 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 14:03:48.0610 1984 Parport - ok 14:03:48.0646 1984 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:03:48.0659 1984 partmgr - ok 14:03:48.0675 1984 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 14:03:48.0711 1984 PcaSvc - ok 14:03:48.0735 1984 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 14:03:48.0750 1984 pci - ok 14:03:48.0777 1984 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 14:03:48.0789 1984 pciide - ok 14:03:48.0813 1984 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 14:03:48.0829 1984 pcmcia - ok 14:03:48.0847 1984 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 14:03:48.0860 1984 pcw - ok 14:03:48.0884 1984 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 14:03:48.0950 1984 PEAUTH - ok 14:03:48.0984 1984 [ 
E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 14:03:49.0017 1984 PerfHost - ok 14:03:49.0077 1984 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 14:03:49.0151 1984 pla - ok 14:03:49.0205 1984 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:03:49.0273 1984 PlugPlay - ok 14:03:49.0310 1984 PnkBstrA - ok 14:03:49.0324 1984 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 14:03:49.0357 1984 PNRPAutoReg - ok 14:03:49.0383 1984 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 14:03:49.0399 1984 PNRPsvc - ok 14:03:49.0441 1984 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 14:03:49.0494 1984 PolicyAgent - ok 14:03:49.0539 1984 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 14:03:49.0591 1984 Power - ok 14:03:49.0656 1984 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 14:03:49.0690 1984 PptpMiniport - ok 14:03:49.0714 1984 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 14:03:49.0740 1984 Processor - ok 14:03:49.0777 1984 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 14:03:49.0793 1984 ProfSvc - ok 14:03:49.0805 1984 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 14:03:49.0818 1984 ProtectedStorage - ok 14:03:49.0865 1984 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 14:03:49.0920 1984 Psched - ok 14:03:49.0974 1984 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 14:03:50.0013 1984 ql2300 - ok 14:03:50.0031 1984 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 14:03:50.0045 1984 ql40xx - ok 14:03:50.0070 1984 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 14:03:50.0113 1984 QWAVE - ok 
14:03:50.0128 1984 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 14:03:50.0175 1984 QWAVEdrv - ok 14:03:50.0188 1984 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:03:50.0222 1984 RasAcd - ok 14:03:50.0254 1984 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 14:03:50.0288 1984 RasAgileVpn - ok 14:03:50.0306 1984 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 14:03:50.0355 1984 RasAuto - ok 14:03:50.0394 1984 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 14:03:50.0446 1984 Rasl2tp - ok 14:03:50.0480 1984 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 14:03:50.0540 1984 RasMan - ok 14:03:50.0564 1984 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:03:50.0600 1984 RasPppoe - ok 14:03:50.0611 1984 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 14:03:50.0645 1984 RasSstp - ok 14:03:50.0678 1984 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:03:50.0734 1984 rdbss - ok 14:03:50.0750 1984 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 14:03:50.0766 1984 rdpbus - ok 14:03:50.0783 1984 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 14:03:50.0817 1984 RDPCDD - ok 14:03:50.0828 1984 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 14:03:50.0882 1984 RDPENCDD - ok 14:03:50.0887 1984 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 14:03:50.0921 1984 RDPREFMP - ok 14:03:50.0951 1984 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 14:03:50.0983 1984 RDPWD - ok 14:03:51.0012 1984 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 
14:03:51.0028 1984 rdyboost - ok 14:03:51.0072 1984 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 14:03:51.0118 1984 RemoteAccess - ok 14:03:51.0155 1984 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 14:03:51.0206 1984 RemoteRegistry - ok 14:03:51.0254 1984 [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys 14:03:51.0302 1984 RMCAST - ok 14:03:51.0326 1984 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 14:03:51.0361 1984 RpcEptMapper - ok 14:03:51.0402 1984 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 14:03:51.0416 1984 RpcLocator - ok 14:03:51.0455 1984 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 14:03:51.0492 1984 RpcSs - ok 14:03:51.0534 1984 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 14:03:51.0588 1984 rspndr - ok 14:03:51.0616 1984 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 14:03:51.0629 1984 SamSs - ok 14:03:51.0656 1984 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 14:03:51.0670 1984 sbp2port - ok 14:03:51.0686 1984 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 14:03:51.0742 1984 SCardSvr - ok 14:03:51.0774 1984 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 14:03:51.0818 1984 scfilter - ok 14:03:51.0869 1984 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 14:03:51.0943 1984 Schedule - ok 14:03:51.0976 1984 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 14:03:52.0009 1984 SCPolicySvc - ok 14:03:52.0047 1984 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 14:03:52.0074 1984 SDRSVC - ok 14:03:52.0106 1984 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 
14:03:52.0140 1984 secdrv - ok 14:03:52.0168 1984 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 14:03:52.0202 1984 seclogon - ok 14:03:52.0233 1984 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 14:03:52.0269 1984 SENS - ok 14:03:52.0285 1984 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 14:03:52.0299 1984 SensrSvc - ok 14:03:52.0316 1984 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 14:03:52.0329 1984 Serenum - ok 14:03:52.0347 1984 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 14:03:52.0361 1984 Serial - ok 14:03:52.0383 1984 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 14:03:52.0396 1984 sermouse - ok 14:03:52.0435 1984 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 14:03:52.0487 1984 SessionEnv - ok 14:03:52.0522 1984 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 14:03:52.0567 1984 sffdisk - ok 14:03:52.0587 1984 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 14:03:52.0613 1984 sffp_mmc - ok 14:03:52.0627 1984 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 14:03:52.0656 1984 sffp_sd - ok 14:03:52.0678 1984 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 14:03:52.0692 1984 sfloppy - ok 14:03:52.0771 1984 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 14:03:52.0827 1984 SharedAccess - ok 14:03:52.0866 1984 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 14:03:52.0905 1984 ShellHWDetection - ok 14:03:52.0931 1984 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 14:03:52.0944 1984 SiSRaid2 - ok 14:03:52.0956 1984 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 
C:\Windows\system32\DRIVERS\sisraid4.sys 14:03:52.0970 1984 SiSRaid4 - ok 14:03:53.0027 1984 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 14:03:53.0039 1984 SkypeUpdate - ok 14:03:53.0076 1984 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys 14:03:53.0086 1984 SmartDefragDriver - ok 14:03:53.0111 1984 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 14:03:53.0164 1984 Smb - ok 14:03:53.0229 1984 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 14:03:53.0258 1984 SNMPTRAP - ok 14:03:53.0273 1984 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 14:03:53.0285 1984 spldr - ok 14:03:53.0332 1984 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 14:03:53.0370 1984 Spooler - ok 14:03:53.0453 1984 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 14:03:53.0567 1984 sppsvc - ok 14:03:53.0594 1984 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 14:03:53.0662 1984 sppuinotify - ok 14:03:53.0704 1984 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 14:03:53.0755 1984 srv - ok 14:03:53.0792 1984 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 14:03:53.0829 1984 srv2 - ok 14:03:53.0868 1984 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 14:03:53.0898 1984 srvnet - ok 14:03:53.0945 1984 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys 14:03:53.0975 1984 ssadbus - ok 14:03:53.0996 1984 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys 14:03:54.0027 1984 ssadmdfl - ok 14:03:54.0052 1984 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys 14:03:54.0082 1984 ssadmdm - ok 14:03:54.0109 1984 [ 
D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys 14:03:54.0125 1984 ssadserd - ok 14:03:54.0182 1984 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys 14:03:54.0195 1984 sscdbus - ok 14:03:54.0248 1984 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys 14:03:54.0259 1984 sscdmdfl - ok 14:03:54.0321 1984 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys 14:03:54.0333 1984 sscdmdm - ok 14:03:54.0385 1984 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 14:03:54.0439 1984 SSDPSRV - ok 14:03:54.0465 1984 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 14:03:54.0500 1984 SstpSvc - ok 14:03:54.0544 1984 [ EA8F41484CCC5BA6A1455C2AD3D1BE3C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 14:03:54.0558 1984 ssudmdm - ok 14:03:54.0592 1984 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 14:03:54.0604 1984 stexstor - ok 14:03:54.0658 1984 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 14:03:54.0699 1984 stisvc - ok 14:03:54.0736 1984 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 14:03:54.0748 1984 swenum - ok 14:03:54.0872 1984 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 14:03:54.0900 1984 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning 14:03:54.0900 1984 SwitchBoard - detected UnsignedFile.Multi.Generic (1) 14:03:54.0928 1984 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 14:03:54.0988 1984 swprv - ok 14:03:55.0057 1984 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 14:03:55.0132 1984 SysMain - ok 14:03:55.0163 1984 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 14:03:55.0183 1984 TabletInputService - 
ok 14:03:55.0226 1984 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 14:03:55.0275 1984 TapiSrv - ok 14:03:55.0311 1984 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 14:03:55.0358 1984 TBS - ok 14:03:55.0413 1984 [ DB74544B75566C974815E79A62433F29 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 14:03:55.0467 1984 Tcpip - ok 14:03:55.0496 1984 [ DB74544B75566C974815E79A62433F29 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 14:03:55.0533 1984 TCPIP6 - ok 14:03:55.0575 1984 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 14:03:55.0604 1984 tcpipreg - ok 14:03:55.0634 1984 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 14:03:55.0664 1984 TDPIPE - ok 14:03:55.0689 1984 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 14:03:55.0702 1984 TDTCP - ok 14:03:55.0729 1984 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 14:03:55.0763 1984 tdx - ok 14:03:55.0861 1984 [ C9B9373A0A430C11F0213E359D0772B2 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 14:03:55.0934 1984 TeamViewer7 - ok 14:03:55.0970 1984 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 14:03:55.0983 1984 TermDD - ok 14:03:56.0029 1984 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 14:03:56.0086 1984 TermService - ok 14:03:56.0116 1984 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 14:03:56.0154 1984 Themes - ok 14:03:56.0189 1984 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 14:03:56.0223 1984 THREADORDER - ok 14:03:56.0237 1984 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 14:03:56.0288 1984 TrkWks - ok 14:03:56.0344 1984 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 14:03:56.0399 
14:04:02.0093 1984 Scan finished 14:04:02.0102 6648 Detected object count: 1 14:04:02.0102 6648 Actual detected object count: 1 14:04:17.0264 6648 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user 14:04:17.0264 6648 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:04:23.0172 5996 Deinitialize success |
14.09.2013, 13:07 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firewall won't start - "Recommended settings" Did MBAR really find nothing, or did you only post the last log without detections?
__________________ Please always post log files in CODE tags |
14.09.2013, 13:16 | #15 |
| Firewall won't start - "Recommended settings" MBAR really didn't find anything. What would I gain from posting an old log? By the way, I had never used this rootkit tool before either. EDIT: I can run it again? EDIT2: BTW, the date/time is also in the log. |