Trojaner-Board - GVU Trojaner auf Windows7 64bit

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - GVU Trojaner auf Windows7 64bit (https://www.trojaner-board.de/136326-gvu-trojaner-windows7-64bit.html)

Sorry hatte ich überlesen. Hier also noch einmal der log scan für alle user

Code:

OTL logfile created on: 6/11/2013 9:41:32 PM - Run 

OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE

64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free

3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = I: | %SystemRoot% = I:\Windows | %ProgramFiles% = I:\Program Files (x86)

Drive C: | 100.00 Mb Total Space | 75.83 Mb Free Space | 75.83% Space Free | Partition Type: NTFS

Drive D: | 14.83 Gb Total Space | 14.83 Gb Free Space | 100.00% Space Free | Partition Type: FAT32

Drive I: | 458.95 Gb Total Space | 54.76 Gb Free Space | 11.93% Space Free | Partition Type: NTFS

Drive J: | 459.46 Gb Total Space | 82.12 Gb Free Space | 17.87% Space Free | Partition Type: NTFS

Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet001

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2011/06/20 03:19:12 | 000,229,888 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto] -- I:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe -- (Samsung Network Fax Server)

SRV:64bit: - [2011/01/10 09:48:32 | 000,231,280 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe -- (arXfrSvc)

SRV:64bit: - [2011/01/10 09:47:54 | 000,109,936 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Program Files\Windows Home Server\esClient.exe -- (esClient)

SRV:64bit: - [2011/01/10 09:47:42 | 000,489,840 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Program Files\Windows Home Server\WHSConnector.exe -- (WHSConnector)

SRV:64bit: - [2009/07/28 11:10:48 | 000,088,888 | ---- | M] (AVM Berlin) [Auto] -- I:\Program Files\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)

SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto] -- I:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)

SRV - [2013/05/21 02:16:14 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- I:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013/05/15 09:26:15 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- I:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/04/10 11:11:52 | 000,168,592 | ---- | M] (Microsoft Corp.) [Auto] -- I:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)

SRV - [2013/03/25 10:01:30 | 004,561,152 | ---- | M] () [Auto] -- I:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll -- (Akamai)

SRV - [2013/02/28 12:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto] -- I:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013/02/25 18:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto] -- I:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2013/01/18 02:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto] -- I:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2012/10/02 07:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto] -- I:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)

SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- I:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012/05/08 04:12:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- I:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2012/05/08 04:12:43 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- I:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2012/01/11 08:11:20 | 000,040,960 | ---- | M] () [Auto] -- I:\Users\BE.ST\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)

SRV - [2011/05/19 10:05:22 | 000,081,784 | ---- | M] (AVM Berlin) [Auto] -- I:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe -- (avmident)

SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/18 06:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto] -- I:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2010/01/06 09:06:20 | 000,085,096 | ---- | M] (Autodesk) [On_Demand] -- I:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)

SRV - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto] -- I:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)

SRV - [2009/08/12 18:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto] -- I:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)

SRV - [2009/08/07 00:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- I:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)

SRV - [2009/08/06 13:18:54 | 000,311,592 | ---- | M] () [Auto] -- I:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)

SRV - [2009/07/28 15:25:34 | 000,935,208 | ---- | M] (Nero AG) [On_Demand] -- I:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- I:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012/12/13 07:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012/05/08 04:12:43 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System] -- I:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2012/05/08 04:12:43 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto] -- I:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2011/10/11 09:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System] -- I:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)

DRV:64bit: - [2011/04/05 07:31:52 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto] -- I:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)

DRV:64bit: - [2009/07/18 01:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- I:\Windows\System32\drivers\jraid.sys -- (JRAID)

DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV:64bit: - [2009/07/13 20:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)

DRV:64bit: - [2009/07/13 17:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- I:\Windows\system32\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009/06/12 17:49:36 | 000,041,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- I:\Windows\System32\Drivers\qd262x64.sys -- (ioatdma2) Intel(R)

DRV:64bit: - [2009/06/12 17:49:32 | 000,040,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- I:\Windows\System32\Drivers\qd162x64.sys -- (ioatdma1)

DRV:64bit: - [2009/06/12 06:19:58 | 000,287,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\e1y62x64.sys -- (e1yexpress) Intel(R)

DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- I:\Windows\System32\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- I:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- I:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/02 07:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- I:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV:64bit: - [2009/06/02 07:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System] -- I:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV:64bit: - [2009/06/02 07:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- I:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)

DRV:64bit: - [2008/09/23 05:19:04 | 000,034,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- I:\Windows\System32\drivers\gwfilt64.sys -- (gwfilt64)

DRV:64bit: - [2007/04/11 11:30:04 | 000,043,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- I:\Windows\system32\DRIVERS\IAMTVE.sys -- (IAMTVE) Driver for Intel(R)

DRV:64bit: - [2007/04/11 11:29:58 | 000,051,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- I:\Windows\system32\DRIVERS\IAMTXPE.sys -- (IAMTXPE) Driver for Intel(R)

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7721&r=17360110cn06973h54b75ph8045l6s

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7721&r=17360110cn06973h54b75ph8045l6s

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 

IE - HKU\BE.ST_ON_I\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7721&r=17360110cn06973h54b75ph8045l6s

IE - HKU\BE.ST_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\BE.ST_ON_I\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - Reg Error: Key error. File not found

IE - HKU\BE.ST_ON_I\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found

IE - HKU\BE.ST_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\BE.ST_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>

 

 

 

 

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultthis.engineName: "Freeware.de Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.update: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.16749

FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=WBG&o=15132&locale=de_DE&apn_uid=183CEB53-CDBB-423B-B977-0C103B673CA4&apn_ptnrs=RN&apn_sauid=A47A6612-49D1-4781-B19C-2E9BA3E15B93&apn_dtid=YYYYYYYYDE&q="

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: I:\Windows\System32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: I:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: I:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:  

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: I:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: I:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: I:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE:  File not found

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: I:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: I:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: I:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: I:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: I:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: I:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: I:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: I:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\cas.de/CASBrowserPlugin: I:\Program Files (x86)\CAS-Software\CAS PIA\npCASBrowserPlugin.dll (CAS Software AG)

 

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/05/21 02:16:15 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/21 02:16:12 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mail@gutscheinrausch.de: C:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\extensions\mail@gutscheinrausch.de [2012/01/11 08:11:24 | 000,000,000 | ---D | M]

 

[2010/01/04 11:03:35 | 000,000,000 | ---D | M] (No name found) -- I:\Users\BE.ST\AppData\Roaming\Mozilla\Extensions

[2013/04/16 02:11:57 | 000,000,000 | ---D | M] (No name found) -- I:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\extensions

[2012/04/25 08:50:41 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- I:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\extensions\2020Player_IKEA@2020Technologies.com

[2013/04/16 02:11:57 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- I:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\extensions\fb_add_on@avm.de

[2012/01/11 08:11:24 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- I:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\extensions\mail@gutscheinrausch.de

[2011/12/28 03:58:59 | 000,000,000 | ---D | M] (No name found) -- I:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\wi2ccqdc.Server2Go\extensions

[2011/12/28 03:58:59 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- I:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\wi2ccqdc.Server2Go\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2012/01/11 08:11:22 | 000,002,689 | ---- | M] () -- I:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\searchplugins\askcom.xml

[2012/01/11 08:11:22 | 000,001,131 | ---- | M] () -- I:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\searchplugins\conduit.xml

[2012/01/11 08:11:22 | 000,002,188 | ---- | M] () -- I:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\searchplugins\{36D0CAC9-1383-4AB3-BA29-766822FECC23}.xml

[2012/01/11 08:11:22 | 000,001,870 | ---- | M] () -- I:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\searchplugins\{3C0DACF0-EADE-4838-B1F8-6E6C255CC0C4}.xml

[2012/01/11 08:11:22 | 000,002,077 | ---- | M] () -- I:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\searchplugins\{B9D6FFD2-F2A2-4A67-93D1-AEEBD87BF638}.xml

[2013/05/21 02:16:15 | 000,000,000 | ---D | M] (No name found) -- I:\Program Files (x86)\Mozilla Firefox\extensions

[2013/05/21 02:16:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- I:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2013/05/21 02:16:15 | 000,000,000 | ---D | M] (No name found) -- I:\Program Files (x86)\Mozilla Firefox\browser\extensions

[2013/05/21 02:16:15 | 000,000,000 | ---D | M] (Default) -- I:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

File not found (No name found) -- 

[2011/11/10 00:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- I:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2012/01/11 08:11:22 | 000,001,625 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml

 

O1 HOSTS File: ([2011/07/08 05:13:54 | 000,002,952 | ---- | M]) - I:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 192.168.1.217  HPSTORAGE  #Windows Home Server#

O1 - Hosts: 127.0.0.1 activate.adobe.com

O1 - Hosts: 127.0.0.1 localhost 

O1 - Hosts: ::1 localhost 

O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com 

O1 - Hosts: 127.0.0.1 adobeereg.com 

O1 - Hosts: 127.0.0.1 activate.adobe.com 

O1 - Hosts: 127.0.0.1 practivate.adobe.com 

O1 - Hosts: 127.0.0.1 ereg.adobe.com 

O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com 

O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com 

O1 - Hosts: 127.0.0.1 wip3.adobe.com 

O1 - Hosts: 127.0.0.1 activate-sea.adobe.com 

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com 

O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com 

O1 - Hosts: 127.0.0.1 3dns.adobe.com 

O1 - Hosts: 127.0.0.1 3dns-1.adobe.com 

O1 - Hosts: 127.0.0.1 3dns-2.adobe.com 

O1 - Hosts: 127.0.0.1 3dns-3.adobe.com 

O1 - Hosts: 127.0.0.1 3dns-4.adobe.com 

O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com 

O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com 

O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com 

O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com 

O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com 

O1 - Hosts: 45 more lines...

O2:64bit: - BHO: (BrowserHelper Class) - {9A065C65-4EE7-4DDD-9918-F129089A894A} - I:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - I:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - I:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - I:\Program Files (x86)\Freeware.de\prxtbFre0.dll (Conduit Ltd.)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - I:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (ST-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - I:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - I:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - I:\Program Files (x86)\Freeware.de\prxtbFre0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (ST-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - I:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - I:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3:64bit: - HKU\BE.ST_ON_I\..\Toolbar\ShellBrowser: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - I:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)

O3:64bit: - HKU\BE.ST_ON_I\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - I:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKU\BE.ST_ON_I\..\Toolbar\WebBrowser: (Freeware.de Toolbar) - {7E111A5C-3D11-4F56-9463-5310C3C69025} - I:\Program Files (x86)\Freeware.de\prxtbFre0.dll (Conduit Ltd.)

O3 - HKU\BE.ST_ON_I\..\Toolbar\WebBrowser: (ST-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - I:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0]  File not found

O4:64bit: - HKLM..\Run: [CDAServer] I:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe ()

O4:64bit: - HKLM..\Run: [IAAnotif] I:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [mwlDaemon] I:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

O4:64bit: - HKLM..\Run: [Ocs_SM] I:\Users\BE.ST\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)

O4:64bit: - HKLM..\Run: [RtHDVCpl] I:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [AdobeCS5ServiceManager]  File not found

O4 - HKLM..\Run: [APSDaemon] I:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [ArcadeDeluxeAgent] I:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [ArcSoft Connection Service] I:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [avgnt] I:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [BackupManagerTray] I:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

O4 - HKLM..\Run: [BingDesktop] I:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)

O4 - HKLM..\Run: [EgisTecLiveUpdate] I:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [facemoods] I:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (facemoods.com)

O4 - HKLM..\Run: [FreePDF Assistant] I:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)

O4 - HKLM..\Run: [Hotkey Utility] I:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()

O4 - HKLM..\Run: [JMB36X IDE Setup] I:\Windows\RaidTool\xInsIDE.exe ()

O4 - HKLM..\Run: [LexwareInfoService] I:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)

O4 - HKLM..\Run: [PlayMovie] I:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

O4 - HKLM..\Run: [SfWinStartInfo] I:\Program Files (x86)\SFirm\sfWinStartupInfo.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)

O4 - HKLM..\Run: [SwitchBoard]  File not found

O4 - HKU\BE.ST_ON_I..\Run: [Akamai NetSession Interface] I:\Users\BE.ST\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)

O4 - HKU\BE.ST_ON_I..\Run: [Device Detector]  File not found

O4 - HKU\BE.ST_ON_I..\Run: [MobileDocuments]  File not found

O4 - HKU\LocalService_ON_I..\Run: [Sidebar] I:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\NetworkService_ON_I..\Run: [Sidebar] I:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\UpdatusUser_ON_I..\Run: [Sidebar] I:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\LocalService_ON_I..\RunOnce: [mctadmin]  File not found

O4 - HKU\NetworkService_ON_I..\RunOnce: [mctadmin]  File not found

O4 - HKU\UpdatusUser_ON_I..\RunOnce: [mctadmin]  File not found

O4 - HKU\UpdatusUser_ON_I..\RunOnce: [ScrSav] I:\Program Files (x86)\Acer\Screensaver\run_Acer.exe ()

O4 - Startup: I:\Users\BE.ST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk ()

O4 - Startup: I:\Users\BE.ST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk ()

O4 - Startup: I:\Users\BE.ST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\BE.ST_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - I:\Users\BE.ST\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - I:\Users\BE.ST\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - I:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - I:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - I:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - I:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13:64bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15:64bit: - BE.ST_ON_I\..Trusted Domains: samsungsetup.com ([www] http in Vertrauenswürdige Sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - I:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - I:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - I:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - I:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKU\BE.ST_ON_I Winlogon: Shell - (explorer.exe) - I:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKU\BE.ST_ON_I Winlogon: Shell - (C:\Users\BE.ST\AppData\Roaming\skype.dat) - I:\Users\BE.ST\AppData\Roaming\skype.dat ()

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/07/28 04:22:55 | 000,000,000 | ---D | M] - I:\Autodesk -- [ NTFS ]

O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
 64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

 

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013/06/10 20:38:16 | 000,000,000 | ---D | C] -- I:\_OTL

[2013/05/21 02:16:10 | 000,000,000 | ---D | C] -- I:\Program Files (x86)\Mozilla Firefox

[2013/05/16 02:12:45 | 000,000,000 | ---D | C] -- I:\Users\BE.ST\AppData\Local\Telekom

[2013/05/16 02:12:37 | 000,000,000 | ---D | C] -- I:\Users\BE.ST\AppData\Roaming\Telekom

[2013/05/15 11:08:37 | 000,096,768 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\mshtmled.dll

[2013/05/15 11:08:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\mshtmled.dll

[2013/05/15 11:08:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\inetcpl.cpl

[2013/05/15 11:08:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\inetcpl.cpl

[2013/05/15 11:08:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\ieui.dll

[2013/05/15 11:08:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\url.dll

[2013/05/15 11:08:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\url.dll

[2013/05/15 11:08:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\ieui.dll

[2013/05/15 11:08:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\ieUnatt.exe

[2013/05/15 11:08:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\ieUnatt.exe

[2013/05/15 11:08:35 | 002,312,704 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\jscript9.dll

[2013/05/15 11:08:35 | 000,729,088 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\msfeeds.dll

[2013/05/15 11:08:35 | 000,607,744 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\msfeeds.dll

[2013/05/15 11:08:34 | 001,800,704 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\jscript9.dll

[2013/05/15 11:08:34 | 000,816,640 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\jscript.dll

[2013/05/15 11:08:34 | 000,717,824 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\jscript.dll

[2013/05/15 11:08:34 | 000,599,040 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\vbscript.dll

[2013/05/15 04:15:37 | 001,930,752 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\authui.dll

[2013/05/15 04:15:37 | 001,796,096 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\authui.dll

[2013/05/15 04:15:37 | 000,197,120 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\shdocvw.dll

[2013/05/15 04:15:37 | 000,111,448 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\consent.exe

[2013/05/15 04:15:34 | 000,265,064 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\drivers\dxgmms1.sys

[2013/05/15 04:15:34 | 000,144,384 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\cdd.dll

[2012/01/11 08:10:31 | 000,507,904 | ---- | C] (www.download-sponsor.de) -- I:\Program Files\Downloader-fuer-SETUP_A1-Faktura-Plus.exe

[2011/12/28 05:04:13 | 000,077,236 | ---- | C] (AppWork UG (haftungsbeschränkt)) -- I:\Program Files\jDownloaderWebInstaller09581.exe

[2011/12/28 03:56:40 | 019,298,464 | ---- | C] (DVDVideoSoft Ltd.                                           ) -- I:\Program Files\FreeYouTubeToMP3Converter.exe

[2011/02/23 08:58:58 | 001,228,416 | ---- | C] (Adobe Systems Incorporated) -- I:\Program Files\DesignPremium_CS5_LS4.exe

[2009/08/14 22:24:31 | 000,036,136 | ---- | C] (Oberon Media) -- I:\ProgramData\FullRemove.exe

 
 ========== Files - Modified Within 30 Days ==========

 

[2013/06/11 12:58:08 | 000,000,004 | ---- | M] () -- I:\Users\BE.ST\AppData\Roaming\skype.ini

[2013/06/11 12:58:07 | 000,067,584 | --S- | M] () -- I:\Windows\bootstat.dat

[2013/06/11 12:55:36 | 000,001,104 | ---- | M] () -- I:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/06/11 12:55:16 | 000,000,344 | ---- | M] () -- I:\Windows\tasks\RegistryBooster.job

[2013/06/11 12:54:42 | 529,928,191 | -HS- | M] () -- I:\hiberfil.sys

[2013/06/11 07:00:56 | 000,003,344 | ---- | M] () -- I:\bootsqm.dat

[2013/06/10 09:53:00 | 000,001,108 | ---- | M] () -- I:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/06/10 09:26:00 | 000,000,884 | ---- | M] () -- I:\Windows\tasks\Adobe Flash Player Updater.job

[2013/06/10 09:22:42 | 000,009,920 | -H-- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013/06/10 09:22:42 | 000,009,920 | -H-- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013/05/24 05:40:44 | 000,571,532 | ---- | M] () -- I:\Users\BE.ST\Desktop\Materialzertifikat.pdf

[2013/05/21 02:17:23 | 000,002,048 | ---- | M] () -- I:\Users\BE.ST\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2013/05/16 02:12:37 | 000,001,144 | ---- | M] () -- I:\Users\BE.ST\Desktop\Mediencenter.lnk

[2013/05/16 02:12:37 | 000,001,136 | ---- | M] () -- I:\Users\BE.ST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk

[2013/05/16 01:48:58 | 005,090,400 | ---- | M] () -- I:\Windows\System32\FNTCACHE.DAT

[2013/05/15 11:11:19 | 000,832,646 | ---- | M] () -- I:\Windows\System32\perfh007.dat

[2013/05/15 11:11:19 | 000,787,358 | ---- | M] () -- I:\Windows\System32\perfh009.dat

[2013/05/15 11:11:19 | 000,199,222 | ---- | M] () -- I:\Windows\System32\perfc007.dat

[2013/05/15 11:11:19 | 000,172,010 | ---- | M] () -- I:\Windows\System32\perfc009.dat

[2013/05/15 09:26:14 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- I:\Windows\SysWow64\FlashPlayerApp.exe

[2013/05/15 09:26:14 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- I:\Windows\SysWow64\FlashPlayerCPLApp.cpl

 
 ========== Files Created - No Company Name ==========

 

[2013/06/11 07:00:56 | 000,003,344 | ---- | C] () -- I:\bootsqm.dat

[2013/06/10 09:54:53 | 000,000,004 | ---- | C] () -- I:\Users\BE.ST\AppData\Roaming\skype.ini

[2013/05/24 05:40:44 | 000,571,532 | ---- | C] () -- I:\Users\BE.ST\Desktop\Materialzertifikat.pdf

[2013/05/16 02:12:37 | 000,001,144 | ---- | C] () -- I:\Users\BE.ST\Desktop\Mediencenter.lnk

[2013/05/16 02:12:37 | 000,001,136 | ---- | C] () -- I:\Users\BE.ST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk

[2013/05/16 02:12:37 | 000,001,130 | ---- | C] () -- I:\Users\BE.ST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk

[2012/11/21 08:39:53 | 000,000,322 | ---- | C] () -- I:\Windows\{5D13EC8D-F5A8-47FB-8273-BF969C208F8D}_WiseFW.ini

[2012/10/17 03:21:32 | 000,149,880 | ---- | C] () -- I:\Windows\Wiainst64.exe

[2012/09/25 08:27:01 | 000,000,029 | ---- | C] () -- I:\Windows\hbcikrnl.ini.lock

[2012/09/25 08:18:45 | 000,000,061 | ---- | C] () -- I:\Windows\Setup_tmp.ini

[2012/09/21 02:20:59 | 000,004,096 | -H-- | C] () -- I:\Users\BE.ST\AppData\Local\keyfile3.drm

[2012/08/03 04:36:49 | 000,024,939 | ---- | C] () -- I:\Users\BE.ST\AppData\Roaming\Microsoft Excel 97-2003.ADR

[2012/06/08 03:12:33 | 000,022,433 | ---- | C] () -- I:\Users\BE.ST\AppData\Roaming\Tabulatorgetrennte Werte (Windows).ADR

[2012/06/08 03:09:12 | 000,021,883 | ---- | C] () -- I:\Users\BE.ST\AppData\Roaming\Tabulatorgetrennte Werte (DOS).ADR

[2012/02/14 10:24:07 | 000,000,127 | ---- | C] () -- I:\Windows\APDatabaseUI.INI

[2012/01/20 08:43:30 | 000,000,120 | ---- | C] () -- I:\Windows\APSqlServerUI.INI

[2012/01/16 14:33:20 | 003,535,391 | ---- | C] () -- I:\Program Files\druck7.zip

[2012/01/15 06:52:47 | 000,000,600 | ---- | C] () -- I:\Users\BE.ST\AppData\Local\PUTTY.RND

[2012/01/11 08:13:02 | 000,000,030 | ---- | C] () -- I:\Windows\ehc190.dat

[2012/01/11 08:11:23 | 000,338,432 | ---- | C] () -- I:\Windows\SysWow64\sqlite36_engine.dll

[2012/01/11 02:27:41 | 000,137,216 | ---- | C] () -- I:\Users\BE.ST\AppData\Roaming\skype.dat

[2011/12/16 03:13:55 | 000,000,302 | ---- | C] () -- I:\Windows\{EF79E2B2-35E7-431B-A51F-8B507F9C647D}_WiseFW.ini

[2011/09/27 06:17:26 | 000,198,144 | ---- | C] () -- I:\Windows\SysWow64\LXPrnUtil10.dll

[2011/09/27 06:16:20 | 000,304,128 | ---- | C] () -- I:\Windows\SysWow64\LxDNT100.dll

[2011/09/27 06:14:14 | 000,133,120 | ---- | C] () -- I:\Windows\SysWow64\LxDNTvmc100.dll

[2011/09/27 06:13:58 | 000,069,120 | ---- | C] () -- I:\Windows\SysWow64\LxDNTvm100.dll

[2011/07/27 13:36:33 | 000,000,000 | ---- | C] () -- I:\Users\BE.ST\AppData\Roaming\wklnhst.dat

[2011/06/24 03:07:33 | 000,252,928 | ---- | C] () -- I:\Windows\SysWow64\DShowRdpFilter.dll

[2011/02/23 08:58:59 | 2328,442,292 | ---- | C] () -- I:\Program Files\DesignPremium_CS5_LS4.7z

[2011/02/22 12:17:14 | 000,091,352 | ---- | C] () -- I:\Program Files\Install Lightroom 3.exe

[2011/02/22 12:17:08 | 000,641,407 | R--- | C] () -- I:\Program Files\Lightroom 3 ReadMe.pdf

[2011/02/01 07:48:08 | 003,507,314 | ---- | C] () -- I:\Program Files\VFF_FkS_CD(2).zip

[2010/07/25 03:26:07 | 001,971,358 | ---- | C] () -- I:\Windows\SysWow64\PerfStringBackup.INI

[2010/07/24 07:23:43 | 000,000,056 | -H-- | C] () -- I:\Windows\SysWow64\ezsidmv.dat

[2010/07/22 03:34:29 | 000,000,144 | ---- | C] () -- I:\Windows\Pcfk32.INI

[2010/07/05 10:06:16 | 000,000,809 | ---- | C] () -- I:\Windows\CADSymbols.ini

[2010/04/01 02:05:40 | 000,000,026 | ---- | C] () -- I:\Windows\WINCMD.INI

[2010/01/21 10:29:41 | 000,009,216 | ---- | C] () -- I:\Users\BE.ST\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/01/04 11:26:34 | 000,022,016 | ---- | C] () -- I:\Windows\SysWow64\Docobj.dll

[2010/01/04 11:03:17 | 000,000,000 | ---- | C] () -- I:\Windows\nsreg.dat

[2010/01/04 10:53:02 | 000,000,503 | ---- | C] () -- I:\Windows\ODBCINST.ini

[2010/01/04 10:01:02 | 000,000,553 | ---- | C] () -- I:\Windows\ODBC.INI

[2009/11/17 11:11:26 | 000,303,104 | ---- | C] () -- I:\Windows\SysWow64\dnt27VC8.dll

[2009/11/17 11:09:36 | 000,143,360 | ---- | C] () -- I:\Windows\SysWow64\dntvmc27VC8.dll

[2009/11/17 11:09:20 | 000,086,016 | ---- | C] () -- I:\Windows\SysWow64\dntvm27VC8.dll

[2009/08/14 22:19:15 | 000,146,432 | ---- | C] () -- I:\Windows\SysWow64\APOMngr.DLL

[2009/08/14 22:19:15 | 000,072,704 | ---- | C] () -- I:\Windows\SysWow64\CmdRtr.DLL

[2009/08/14 22:02:55 | 000,000,000 | ---- | C] () -- I:\Windows\ativpsrm.bin

[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- I:\Windows\bootstat.dat

[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- I:\Windows\SysWow64\NOISE.DAT

[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- I:\Windows\SysWow64\dssec.dat

[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- I:\Windows\mib.bin

[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- I:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- I:\Windows\SysWow64\ir32_32.dll

[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- I:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- I:\Windows\SysWow64\mlang.dat

[2008/10/07 04:13:30 | 000,197,912 | ---- | C] () -- I:\Windows\SysWow64\physxcudart_20.dll

[2008/10/07 04:13:22 | 000,058,648 | ---- | C] () -- I:\Windows\SysWow64\AgCPanelTraditionalChinese.dll

[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- I:\Windows\SysWow64\AgCPanelSwedish.dll

[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- I:\Windows\SysWow64\AgCPanelSpanish.dll

[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- I:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll

[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- I:\Windows\SysWow64\AgCPanelPortugese.dll

[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- I:\Windows\SysWow64\AgCPanelKorean.dll

[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- I:\Windows\SysWow64\AgCPanelJapanese.dll

[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- I:\Windows\SysWow64\AgCPanelGerman.dll

[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- I:\Windows\SysWow64\AgCPanelFrench.dll

[2005/07/22 23:55:00 | 000,021,747 | ---- | C] () -- I:\Windows\MSTMON_S.INI

[2005/07/22 23:55:00 | 000,019,253 | ---- | C] () -- I:\Windows\MSUMLT_S.INI

[2002/10/21 12:46:42 | 000,053,248 | ---- | C] () -- I:\Windows\SysWow64\pagesync.dll

[2001/12/12 08:41:36 | 000,041,472 | ---- | C] () -- I:\Windows\SysWow64\W32btstp.dll

[2001/12/12 08:41:36 | 000,025,088 | ---- | C] () -- I:\Windows\SysWow64\W32btxlt.dll

[2001/02/14 11:09:16 | 000,045,056 | ---- | C] () -- I:\Windows\SysWow64\CHFXGer.dll

[2000/10/25 12:15:00 | 000,017,920 | ---- | C] () -- I:\Windows\SysWow64\Implode.dll

[1999/09/21 19:00:00 | 000,100,352 | ---- | C] () -- I:\Windows\SysWow64\pg32conv.dll

 
 ========== LOP Check ==========

 

[2013/04/04 04:26:41 | 000,000,000 | ---D | M] -- I:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

[2010/01/04 09:45:37 | 000,000,000 | ---D | M] -- I:\ProgramData\ACD Systems

[2009/08/14 22:43:32 | 000,000,000 | ---D | M] -- I:\ProgramData\Acer

[2010/01/04 09:01:58 | 000,000,000 | -HSD | M] -- I:\ProgramData\Anwendungsdaten

[2011/07/28 04:24:00 | 000,000,000 | ---D | M] -- I:\ProgramData\Autodesk

[2009/08/14 22:31:42 | 000,000,000 | ---D | M] -- I:\ProgramData\BackupManager

[2012/09/25 08:28:43 | 000,000,000 | ---D | M] -- I:\ProgramData\bbwin

[2012/02/03 03:44:35 | 000,000,000 | ---D | M] -- I:\ProgramData\BTrieve

[2012/12/12 09:45:34 | 000,000,000 | ---D | M] -- I:\ProgramData\Cached Installations

[2010/01/18 10:27:04 | 000,000,000 | ---D | M] -- I:\ProgramData\CanonBJ

[2012/01/20 08:31:25 | 000,000,000 | ---D | M] -- I:\ProgramData\cobra

[2010/01/04 09:01:58 | 000,000,000 | -HSD | M] -- I:\ProgramData\Desktop

[2010/01/04 09:01:58 | 000,000,000 | -HSD | M] -- I:\ProgramData\Dokumente

[2009/08/14 22:57:20 | 000,000,000 | ---D | M] -- I:\ProgramData\EgisTec

[2011/10/21 06:48:37 | 000,000,000 | ---D | M] -- I:\ProgramData\elsterformular

[2009/08/14 22:55:13 | 000,000,000 | ---D | M] -- I:\ProgramData\eSobi

[2010/01/04 09:01:58 | 000,000,000 | -HSD | M] -- I:\ProgramData\Favoriten

[2010/01/08 05:41:02 | 000,000,000 | ---D | M] -- I:\ProgramData\FreePDF

[2010/01/04 10:32:04 | 000,000,000 | ---D | M] -- I:\ProgramData\IMSI

[2013/06/10 02:30:49 | 000,000,000 | ---D | M] -- I:\ProgramData\Lexware

[2010/01/04 09:02:38 | 000,000,000 | ---D | M] -- I:\ProgramData\OEM

[2010/07/24 07:11:05 | 000,000,000 | ---D | M] -- I:\ProgramData\Panasonic

[2010/03/26 02:27:17 | 000,000,000 | ---D | M] -- I:\ProgramData\Partner

[2013/02/11 08:37:38 | 000,000,000 | ---D | M] -- I:\ProgramData\regid.1986-12.com.adobe

[2012/10/17 03:22:19 | 000,000,000 | ---D | M] -- I:\ProgramData\Samsung

[2012/09/25 08:18:45 | 000,000,000 | ---D | M] -- I:\ProgramData\SFirm LOGS

[2010/01/04 09:01:58 | 000,000,000 | -HSD | M] -- I:\ProgramData\Startmenü

[2011/07/19 01:21:30 | 000,000,000 | ---D | M] -- I:\ProgramData\Temp

[2010/01/04 09:01:58 | 000,000,000 | -HSD | M] -- I:\ProgramData\Vorlagen

[2012/11/02 04:06:47 | 000,000,000 | ---D | M] -- I:\ProgramData\Windows Home Server

[2010/02/13 17:36:07 | 000,000,000 | ---D | M] -- I:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}

[2011/12/10 17:34:26 | 000,000,000 | ---D | M] -- I:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

[2011/01/20 04:11:04 | 000,000,000 | -H-D | M] -- I:\ProgramData\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}

[2013/06/11 12:55:16 | 000,000,344 | ---- | M] () -- I:\Windows\Tasks\RegistryBooster.job

[2013/05/06 02:00:51 | 000,032,632 | ---- | M] () -- I:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %SYSTEMDRIVE%\*. >

[2011/12/21 13:08:54 | 000,000,000 | -HSD | M] -- I:\$Recycle.Bin

[2012/01/11 08:13:59 | 000,000,000 | ---D | M] -- I:\A1-Faktura-Plus

[2011/01/08 11:59:26 | 000,000,000 | -HSD | M] -- I:\ArcBackupDeviceInfo

[2011/07/28 04:22:55 | 000,000,000 | ---D | M] -- I:\Autodesk

[2011/01/12 14:42:28 | 000,000,000 | ---D | M] -- I:\backupLS4B2010

[2009/10/28 05:57:49 | 000,000,000 | ---D | M] -- I:\book

[2010/01/04 09:01:58 | 000,000,000 | -HSD | M] -- I:\Dokumente und Einstellungen

[2009/08/14 22:07:20 | 000,000,000 | ---D | M] -- I:\Intel

[2010/01/05 09:25:43 | 000,000,000 | ---D | M] -- I:\Lexware

[2010/02/01 05:06:21 | 000,000,000 | RH-D | M] -- I:\MSOCache

[2010/01/04 09:02:35 | 000,000,000 | -H-D | M] -- I:\OEM

[2009/07/13 23:20:08 | 000,000,000 | ---D | M] -- I:\PerfLogs

[2013/04/04 04:26:20 | 000,000,000 | R--D | M] -- I:\Program Files

[2013/05/21 02:17:21 | 000,000,000 | R--D | M] -- I:\Program Files (x86)

[2013/05/16 04:25:33 | 000,000,000 | ---D | M] -- I:\ProgramData

[2010/01/04 09:01:58 | 000,000,000 | -HSD | M] -- I:\Programme

[2010/01/04 09:01:58 | 000,000,000 | -HSD | M] -- I:\Recovery

[2013/06/11 15:26:59 | 000,000,000 | -HSD | M] -- I:\System Volume Information

[2011/07/28 05:52:53 | 000,000,000 | R--D | M] -- I:\Users

[2013/06/11 05:19:54 | 000,000,000 | ---D | M] -- I:\Windows

[2012/01/21 03:57:15 | 000,000,000 | ---D | M] -- I:\Windows Home Server-Treiber für Wiederherstellung

[2013/06/10 20:38:16 | 000,000,000 | ---D | M] -- I:\_OTL

 
 < %PROGRAMFILES%\*.exe >

[2011/02/23 14:25:38 | 001,228,416 | ---- | M] (Adobe Systems Incorporated) -- I:\Program Files\DesignPremium_CS5_LS4.exe

[2012/01/11 08:10:32 | 000,507,904 | ---- | M] (www.download-sponsor.de) -- I:\Program Files\Downloader-fuer-SETUP_A1-Faktura-Plus.exe

[2011/12/28 03:57:02 | 019,298,464 | ---- | M] (DVDVideoSoft Ltd.                                           ) -- I:\Program Files\FreeYouTubeToMP3Converter.exe

[2010/11/18 16:41:34 | 000,091,352 | ---- | M] () -- I:\Program Files\Install Lightroom 3.exe

[2011/12/28 05:04:13 | 000,077,236 | ---- | M] (AppWork UG (haftungsbeschränkt)) -- I:\Program Files\jDownloaderWebInstaller09581.exe

 

Invalid Environment Variable: %LOCALAPPDATA%\*.exe

 
 < %systemroot%\*. /mp /s >

 

 
 < MD5 for: AGP440.SYS  >

[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- I:\Windows\System32\drivers\AGP440.sys

[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- I:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys

[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- I:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- I:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- I:\Windows\System32\drivers\atapi.sys

[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- I:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- I:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- I:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- I:\Windows\SysWOW64\cngaudit.dll

[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- I:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- I:\Windows\System32\cngaudit.dll

[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- I:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 
 < MD5 for: EXPLORER.EXE  >

[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe

[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe

[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe

[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe

[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe

[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe

[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- I:\Windows\explorer.exe

[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe

[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe

[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe

[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe

[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- I:\Windows\SysWOW64\explorer.exe

[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe

[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe

[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe

[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe

[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe

[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe

[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

 
 < MD5 for: IASTOR.SYS  >

[2009/08/07 00:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- I:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys

[2009/08/07 00:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- I:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys

[2009/08/07 00:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- I:\Windows Home Server-Treiber für Wiederherstellung\iaahci.inf_amd64_neutral_4fa22a1c88c09097\iaStor.sys

[2009/08/07 00:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- I:\Windows\System32\(SYSTEM RESERVED)\Windows Home Server-Treiber für Wiederherstellung\iaahci.inf_amd64_neutral_4fa22a1c88c09097\iaStor.sys

[2009/08/07 00:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- I:\Windows\System32\drivers\iaStor.sys

[2009/08/07 00:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- I:\Windows\System32\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4fa22a1c88c09097\iaStor.sys

 
 < MD5 for: IASTORV.SYS  >

[2010/11/20 09:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- I:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys

[2010/11/20 09:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- I:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2011/03/11 02:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- I:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys

[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- I:\Windows\System32\drivers\iaStorV.sys

[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- I:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys

[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- I:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

[2011/03/11 02:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- I:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys

[2011/03/11 02:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- I:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys

[2009/07/13 21:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- I:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2009/07/13 21:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- I:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- I:\Windows\System32\netlogon.dll

[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- I:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- I:\Windows\SysWOW64\netlogon.dll

[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- I:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

[2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- I:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2009/07/13 21:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- I:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

[2011/03/11 02:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- I:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys

[2011/03/11 02:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- I:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys

[2011/03/11 02:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- I:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys

[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- I:\Windows\System32\drivers\nvstor.sys

[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- I:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys

[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- I:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

[2010/11/20 09:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- I:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

[2010/11/20 09:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- I:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- I:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

[2009/07/13 21:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- I:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

[2010/11/20 08:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- I:\Windows\SysWOW64\scecli.dll

[2010/11/20 08:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- I:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010/11/20 09:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- I:\Windows\System32\scecli.dll

[2010/11/20 09:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- I:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- I:\Windows\SysWOW64\user32.dll

[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- I:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[2009/07/13 21:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- I:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll

[2009/07/13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- I:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- I:\Windows\System32\user32.dll

[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- I:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- I:\Windows\SysWOW64\userinit.exe

[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- I:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- I:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- I:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- I:\Windows\System32\userinit.exe

[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- I:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- I:\Windows\System32\winlogon.exe

[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- I:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- I:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- I:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- I:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- I:\Windows\System32\drivers\ws2ifsl.sys

[2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- I:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\system32\*.dll /lockedfiles >

 

Invalid Environment Variable: %USERPROFILE%\*.*

 

Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe

 

Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll

 

Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe

 

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 120 bytes -> I:\ProgramData\Temp:F7F48F12

< End of report >

auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:

Code:

:OTL

O20 - HKU\BE.ST_ON_I Winlogon: Shell - (C:\Users\BE.ST\AppData\Roaming\skype.dat) - I:\Users\BE.ST\AppData\Roaming\skype.dat ()

:Files

:Commands

[EMPTYFLASH] 

[emptytemp]

dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.

Hier der log

Code:

========== OTL ==========

Registry value HKEY_USERS\BE.ST_ON_I\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\BE.ST\AppData\Roaming\skype.dat deleted successfully.

I:\Users\BE.ST\AppData\Roaming\skype.dat moved successfully.

========== FILES ==========

========== COMMANDS ==========

 

[EMPTYFLASH]

 

User: All Users

 

User: BE.ST

->Temp folder emptied: 1610810482 bytes

->Temporary Internet Files folder emptied: 168368750 bytes

->Java cache emptied: 23995198 bytes

->FireFox cache emptied: 461268062 bytes

->Flash cache emptied: 42196 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 41620 bytes

 

User: Default User

 

User: Public

 

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 41620 bytes

 

Total Flash Files Cleaned = 2,160.00 mb

 

 

[EMPTYTEMP]

 

User: All Users

 

User: BE.ST

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Default User

 

User: Public

 

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes

 

Total Files Cleaned = 0.00 mb

 

 

OTLPE by OldTimer - Version 3.1.48.0 log created on 06122013_001611

und windows ist auch wieder normal gestartet mit ein paar Verbindungsmeldungen, da der Rechner noch nicht wieder mit dem Internet verbunden ist.

ok.
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

ok, TDSSKiller ist problemlos durchgelaufen und hier ist das log file

Code:

15:36:19.0464 7156  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

15:36:19.0480 7156  ============================================================

15:36:19.0480 7156  Current date / time: 2013/06/12 15:36:19.0480

15:36:19.0480 7156  SystemInfo:

15:36:19.0480 7156  

15:36:19.0480 7156  OS Version: 6.1.7601 ServicePack: 1.0

15:36:19.0480 7156  Product type: Workstation

15:36:19.0480 7156  ComputerName: ACER_HB

15:36:19.0480 7156  UserName: BE.ST

15:36:19.0480 7156  Windows directory: C:\Windows

15:36:19.0480 7156  System windows directory: C:\Windows

15:36:19.0480 7156  Running under WOW64

15:36:19.0480 7156  Processor architecture: Intel x64

15:36:19.0480 7156  Number of processors: 8

15:36:19.0480 7156  Page size: 0x1000

15:36:19.0480 7156  Boot type: Normal boot

15:36:19.0480 7156  ============================================================

15:36:20.0135 7156  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

15:36:20.0151 7156  Drive \Device\Harddisk5\DR5 - Size: 0x3B6000000 (14.84 Gb), SectorSize: 0x200, Cylinders: 0x791, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

15:36:20.0151 7156  ============================================================

15:36:20.0151 7156  \Device\Harddisk0\DR0:

15:36:20.0151 7156  MBR partitions:

15:36:20.0151 7156  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000

15:36:20.0151 7156  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x395E7000

15:36:20.0151 7156  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B019800, BlocksNum 0x396EC800

15:36:20.0151 7156  \Device\Harddisk5\DR5:

15:36:20.0151 7156  MBR partitions:

15:36:20.0151 7156  \Device\Harddisk5\DR5\Partition1: MBR, Type 0xC, StartLBA 0x970, BlocksNum 0x1DAF690

15:36:20.0151 7156  ============================================================

15:36:20.0244 7156  C: <-> \Device\Harddisk0\DR0\Partition2

15:36:20.0291 7156  D: <-> \Device\Harddisk0\DR0\Partition3

15:36:20.0291 7156  ============================================================

15:36:20.0291 7156  Initialize success

15:36:20.0291 7156  ============================================================

15:36:32.0631 5628  ============================================================

15:36:32.0631 5628  Scan started

15:36:32.0631 5628  Mode: Manual; 

15:36:32.0631 5628  ============================================================

15:36:33.0505 5628  ================ Scan system memory ========================

15:36:33.0505 5628  System memory - ok

15:36:33.0505 5628  ================ Scan services =============================

15:36:33.0895 5628  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

15:36:33.0910 5628  1394ohci - ok

15:36:34.0097 5628  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

15:36:34.0113 5628  ACDaemon - ok

15:36:34.0207 5628  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

15:36:34.0207 5628  ACPI - ok

15:36:34.0222 5628  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

15:36:34.0222 5628  AcpiPmi - ok

15:36:34.0378 5628  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

15:36:34.0378 5628  AdobeARMservice - ok

15:36:34.0550 5628  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

15:36:34.0597 5628  AdobeFlashPlayerUpdateSvc - ok

15:36:34.0643 5628  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

15:36:34.0659 5628  adp94xx - ok

15:36:34.0675 5628  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

15:36:34.0675 5628  adpahci - ok

15:36:34.0706 5628  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

15:36:34.0706 5628  adpu320 - ok

15:36:34.0737 5628  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

15:36:34.0737 5628  AeLookupSvc - ok

15:36:34.0846 5628  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys

15:36:34.0862 5628  AFD - ok

15:36:34.0940 5628  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys

15:36:34.0955 5628  agp440 - ok

15:36:35.0377 5628  [ C7074BD8D4B8F564859ED373433030AE ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll

15:36:35.0377 5628  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE

15:36:35.0377 5628  Akamai ( HiddenFile.Multi.Generic ) - warning

15:36:35.0377 5628  Akamai - detected HiddenFile.Multi.Generic (1)

15:36:35.0423 5628  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

15:36:35.0423 5628  ALG - ok

15:36:35.0486 5628  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys

15:36:35.0501 5628  aliide - ok

15:36:35.0517 5628  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys

15:36:35.0517 5628  amdide - ok

15:36:35.0564 5628  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

15:36:35.0579 5628  AmdK8 - ok

15:36:35.0595 5628  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

15:36:35.0611 5628  AmdPPM - ok

15:36:35.0642 5628  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

15:36:35.0657 5628  amdsata - ok

15:36:35.0704 5628  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

15:36:35.0704 5628  amdsbs - ok

15:36:35.0735 5628  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

15:36:35.0735 5628  amdxata - ok

15:36:35.0798 5628  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

15:36:35.0829 5628  AntiVirSchedulerService - ok

15:36:35.0845 5628  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

15:36:35.0860 5628  AntiVirService - ok

15:36:35.0923 5628  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys

15:36:35.0954 5628  AppID - ok

15:36:35.0985 5628  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

15:36:36.0032 5628  AppIDSvc - ok

15:36:36.0079 5628  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll

15:36:36.0110 5628  Appinfo - ok

15:36:36.0297 5628  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

15:36:36.0297 5628  Apple Mobile Device - ok

15:36:36.0344 5628  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys

15:36:36.0344 5628  arc - ok

15:36:36.0359 5628  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

15:36:36.0375 5628  arcsas - ok

15:36:36.0531 5628  [ 3CE5C5A72ACB0A12B5A02C35550DC1A2 ] arXfrSvc        C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe

15:36:36.0531 5628  arXfrSvc - ok

15:36:36.0734 5628  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

15:36:36.0827 5628  aspnet_state - ok

15:36:36.0874 5628  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

15:36:36.0874 5628  AsyncMac - ok

15:36:36.0937 5628  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys

15:36:36.0937 5628  atapi - ok

15:36:37.0030 5628  [ 3EFD964D52221360AF0673CD61C2F4F5 ] atikmdag        C:\Windows\system32\drivers\atikmdag.sys

15:36:37.0124 5628  atikmdag - ok

15:36:37.0264 5628  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

15:36:37.0295 5628  AudioEndpointBuilder - ok

15:36:37.0295 5628  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

15:36:37.0311 5628  AudioSrv - ok

15:36:37.0358 5628  [ EA2D28BBE98256654397CD1F6EAEBDD8 ] Autodesk Licensing Service C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe

15:36:37.0358 5628  Autodesk Licensing Service - ok

15:36:37.0373 5628  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys

15:36:37.0373 5628  avgntflt - ok

15:36:37.0405 5628  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys

15:36:37.0420 5628  avipbb - ok

15:36:37.0436 5628  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys

15:36:37.0436 5628  avkmgr - ok

15:36:37.0483 5628  [ C51101FC4C4AAB3AF977864A65266DBB ] avmident        C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe

15:36:37.0483 5628  avmident - ok

15:36:37.0545 5628  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll

15:36:37.0561 5628  AxInstSV - ok

15:36:37.0592 5628  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

15:36:37.0592 5628  b06bdrv - ok

15:36:37.0623 5628  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

15:36:37.0639 5628  b57nd60a - ok

15:36:37.0654 5628  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

15:36:37.0670 5628  BDESVC - ok

15:36:37.0685 5628  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

15:36:37.0701 5628  Beep - ok

15:36:37.0826 5628  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll

15:36:37.0857 5628  BFE - ok

15:36:38.0075 5628  [ 85D5E6AC46A2AE4672C1AC813AE45B95 ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe

15:36:38.0091 5628  BingDesktopUpdate - ok

15:36:38.0263 5628  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll

15:36:38.0263 5628  BITS - ok

15:36:38.0309 5628  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

15:36:38.0341 5628  blbdrive - ok

15:36:38.0497 5628  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

15:36:38.0497 5628  Bonjour Service - ok

15:36:38.0543 5628  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

15:36:38.0559 5628  bowser - ok

15:36:38.0575 5628  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

15:36:38.0575 5628  BrFiltLo - ok

15:36:38.0590 5628  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

15:36:38.0590 5628  BrFiltUp - ok

15:36:38.0637 5628  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll

15:36:38.0653 5628  Browser - ok

15:36:38.0668 5628  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

15:36:38.0684 5628  Brserid - ok

15:36:38.0699 5628  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

15:36:38.0731 5628  BrSerWdm - ok

15:36:38.0762 5628  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

15:36:38.0793 5628  BrUsbMdm - ok

15:36:38.0793 5628  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

15:36:38.0793 5628  BrUsbSer - ok

15:36:38.0809 5628  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

15:36:38.0809 5628  BTHMODEM - ok

15:36:38.0902 5628  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

15:36:38.0918 5628  bthserv - ok

15:36:38.0933 5628  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

15:36:38.0965 5628  cdfs - ok

15:36:39.0011 5628  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys

15:36:39.0043 5628  cdrom - ok

15:36:39.0105 5628  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll

15:36:39.0136 5628  CertPropSvc - ok

15:36:39.0167 5628  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

15:36:39.0183 5628  circlass - ok

15:36:39.0230 5628  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys

15:36:39.0261 5628  CLFS - ok

15:36:39.0417 5628  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:36:39.0433 5628  clr_optimization_v2.0.50727_32 - ok

15:36:39.0479 5628  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

15:36:39.0479 5628  clr_optimization_v2.0.50727_64 - ok

15:36:39.0651 5628  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

15:36:39.0947 5628  clr_optimization_v4.0.30319_32 - ok

15:36:40.0025 5628  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

15:36:40.0119 5628  clr_optimization_v4.0.30319_64 - ok

15:36:40.0166 5628  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

15:36:40.0181 5628  CmBatt - ok

15:36:40.0228 5628  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys

15:36:40.0259 5628  cmdide - ok

15:36:40.0337 5628  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys

15:36:40.0369 5628  CNG - ok

15:36:40.0415 5628  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

15:36:40.0447 5628  Compbatt - ok

15:36:40.0493 5628  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys

15:36:40.0525 5628  CompositeBus - ok

15:36:40.0525 5628  COMSysApp - ok

15:36:40.0556 5628  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

15:36:40.0587 5628  crcdisk - ok

15:36:40.0681 5628  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll

15:36:40.0727 5628  CryptSvc - ok

15:36:40.0805 5628  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll

15:36:40.0805 5628  DcomLaunch - ok

15:36:40.0837 5628  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

15:36:40.0837 5628  defragsvc - ok

15:36:41.0024 5628  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

15:36:41.0055 5628  DfsC - ok

15:36:41.0149 5628  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll

15:36:41.0195 5628  Dhcp - ok

15:36:41.0227 5628  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

15:36:41.0227 5628  discache - ok

15:36:41.0258 5628  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys

15:36:41.0258 5628  Disk - ok

15:36:41.0305 5628  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

15:36:41.0305 5628  Dnscache - ok

15:36:41.0398 5628  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll

15:36:41.0429 5628  dot3svc - ok

15:36:41.0445 5628  [ B42ED0320C6E41102FDE0005154849BB ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys

15:36:41.0461 5628  dot4 - ok

15:36:41.0507 5628  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys

15:36:41.0523 5628  Dot4Print - ok

15:36:41.0523 5628  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys

15:36:41.0539 5628  dot4usb - ok

15:36:41.0570 5628  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll

15:36:41.0570 5628  DPS - ok

15:36:41.0601 5628  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

15:36:41.0601 5628  drmkaud - ok

15:36:41.0804 5628  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

15:36:41.0819 5628  DXGKrnl - ok

15:36:41.0866 5628  [ 761B9EDD97A021AA1922501B7A056635 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y62x64.sys

15:36:41.0882 5628  e1yexpress - ok

15:36:41.0897 5628  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

15:36:41.0897 5628  EapHost - ok

15:36:42.0069 5628  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

15:36:42.0100 5628  ebdrv - ok

15:36:42.0163 5628  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe

15:36:42.0163 5628  EFS - ok

15:36:42.0428 5628  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

15:36:42.0443 5628  ehRecvr - ok

15:36:42.0521 5628  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe

15:36:42.0537 5628  ehSched - ok

15:36:42.0631 5628  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

15:36:42.0662 5628  elxstor - ok

15:36:42.0677 5628  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys

15:36:42.0677 5628  ErrDev - ok

15:36:42.0755 5628  [ C987933DED6EEDD2D0CA66ACC4286632 ] esClient        C:\Program Files\Windows Home Server\esClient.exe

15:36:42.0755 5628  esClient - ok

15:36:42.0802 5628  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

15:36:42.0818 5628  EventSystem - ok

15:36:42.0833 5628  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

15:36:42.0849 5628  exfat - ok

15:36:42.0865 5628  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

15:36:42.0865 5628  fastfat - ok

15:36:43.0021 5628  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe

15:36:43.0052 5628  Fax - ok

15:36:43.0067 5628  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

15:36:43.0379 5628  fdc - ok

15:36:43.0738 5628  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

15:36:43.0738 5628  fdPHost - ok

15:36:43.0754 5628  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

15:36:43.0769 5628  FDResPub - ok

15:36:43.0785 5628  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

15:36:43.0785 5628  FileInfo - ok

15:36:43.0801 5628  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

15:36:43.0801 5628  Filetrace - ok

15:36:43.0832 5628  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

15:36:43.0832 5628  flpydisk - ok

15:36:43.0941 5628  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

15:36:44.0003 5628  FltMgr - ok

15:36:44.0081 5628  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll

15:36:44.0097 5628  FontCache - ok

15:36:44.0144 5628  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

15:36:44.0206 5628  FontCache3.0.0.0 - ok

15:36:44.0237 5628  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

15:36:44.0300 5628  FsDepends - ok

15:36:44.0347 5628  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

15:36:44.0347 5628  Fs_Rec - ok

15:36:44.0409 5628  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

15:36:44.0471 5628  fvevol - ok

15:36:44.0503 5628  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

15:36:44.0565 5628  gagp30kx - ok

15:36:44.0627 5628  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

15:36:44.0643 5628  GEARAspiWDM - ok

15:36:44.0783 5628  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll

15:36:44.0877 5628  gpsvc - ok

15:36:45.0002 5628  [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service    C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

15:36:45.0127 5628  Greg_Service - ok

15:36:45.0236 5628  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

15:36:45.0236 5628  gupdate - ok

15:36:45.0314 5628  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

15:36:45.0314 5628  gupdatem - ok

15:36:45.0345 5628  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

15:36:45.0361 5628  gusvc - ok

15:36:45.0407 5628  [ 215DCB833B0747FBAD8AE28C85B5381C ] gwfilt64        C:\Windows\system32\drivers\gwfilt64.sys

15:36:45.0407 5628  gwfilt64 - ok

15:36:45.0439 5628  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

15:36:45.0439 5628  hcw85cir - ok

15:36:45.0641 5628  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

15:36:45.0719 5628  HdAudAddService - ok

15:36:45.0735 5628  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys

15:36:45.0751 5628  HDAudBus - ok

15:36:45.0766 5628  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

15:36:45.0766 5628  HidBatt - ok

15:36:45.0782 5628  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

15:36:45.0782 5628  HidBth - ok

15:36:45.0813 5628  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

15:36:45.0813 5628  HidIr - ok

15:36:45.0829 5628  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll

15:36:45.0829 5628  hidserv - ok

15:36:45.0875 5628  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

15:36:45.0891 5628  HidUsb - ok

15:36:45.0922 5628  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll

15:36:45.0938 5628  hkmsvc - ok

15:36:46.0000 5628  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

15:36:46.0000 5628  HomeGroupListener - ok

15:36:46.0063 5628  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

15:36:46.0063 5628  HomeGroupProvider - ok

15:36:46.0125 5628  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

15:36:46.0125 5628  HpSAMD - ok

15:36:46.0219 5628  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

15:36:46.0234 5628  HTTP - ok

15:36:46.0281 5628  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

15:36:46.0281 5628  hwpolicy - ok

15:36:46.0343 5628  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys

15:36:46.0359 5628  i8042prt - ok

15:36:46.0437 5628  [ 0E899D0DB39617AA0B2F992E7E95B5EB ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

15:36:46.0453 5628  IAANTMON - ok

15:36:46.0499 5628  [ 87A72502C8AC5E89B5A46FF6E874F5C5 ] IAMTVE          C:\Windows\system32\DRIVERS\IAMTVE.sys

15:36:46.0499 5628  IAMTVE - ok

15:36:46.0515 5628  [ 5516F8E518A2F6A8755498F3E73957CF ] IAMTXPE         C:\Windows\system32\DRIVERS\IAMTXPE.sys

15:36:46.0515 5628  IAMTXPE - ok

15:36:46.0546 5628  [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys

15:36:46.0546 5628  iaStor - ok

15:36:46.0640 5628  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

15:36:46.0687 5628  iaStorV - ok

15:36:46.0765 5628  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

15:36:46.0796 5628  idsvc - ok

15:36:46.0905 5628  [ AC9EBDE25DB39A35E1CEB0441BA7A464 ] IGDCTRL         C:\Program Files\FRITZ!DSL\IGDCTRL.EXE

15:36:46.0921 5628  IGDCTRL - ok

15:36:47.0014 5628  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

15:36:47.0014 5628  iirsp - ok

15:36:47.0155 5628  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll

15:36:47.0233 5628  IKEEXT - ok

15:36:47.0373 5628  [ BC64B75E8E0A0B8982AB773483164E72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

15:36:47.0404 5628  IntcAzAudAddService - ok

15:36:47.0404 5628  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys

15:36:47.0404 5628  intelide - ok

15:36:47.0435 5628  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

15:36:47.0435 5628  intelppm - ok

15:36:47.0467 5628  [ 127F0A7586ACEC7B83131BFF2B4394C1 ] ioatdma1        C:\Windows\System32\Drivers\qd162x64.sys

15:36:47.0482 5628  ioatdma1 - ok

15:36:47.0482 5628  [ 70CC19B5C076F8497CAB4A77D6500E8A ] ioatdma2        C:\Windows\System32\Drivers\qd262x64.sys

15:36:47.0498 5628  ioatdma2 - ok

15:36:47.0529 5628  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

15:36:47.0529 5628  IPBusEnum - ok

15:36:47.0576 5628  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

15:36:47.0591 5628  IpFilterDriver - ok

15:36:47.0638 5628  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

15:36:47.0654 5628  iphlpsvc - ok

15:36:47.0685 5628  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

15:36:47.0701 5628  IPMIDRV - ok

15:36:47.0716 5628  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

15:36:47.0732 5628  IPNAT - ok

15:36:47.0794 5628  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

15:36:47.0794 5628  iPod Service - ok

15:36:47.0810 5628  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

15:36:47.0825 5628  IRENUM - ok

15:36:47.0872 5628  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

15:36:47.0888 5628  isapnp - ok

15:36:47.0888 5628  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

15:36:47.0903 5628  iScsiPrt - ok

15:36:47.0935 5628  [ 2224ABC439D115A44EDB5630A92C1D7E ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys

15:36:47.0935 5628  JRAID - ok

15:36:47.0950 5628  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

15:36:47.0950 5628  kbdclass - ok

15:36:47.0966 5628  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

15:36:47.0966 5628  kbdhid - ok

15:36:47.0981 5628  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe

15:36:47.0981 5628  KeyIso - ok

15:36:48.0028 5628  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

15:36:48.0028 5628  KSecDD - ok

15:36:48.0122 5628  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

15:36:48.0137 5628  KSecPkg - ok

15:36:48.0169 5628  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

15:36:48.0169 5628  ksthunk - ok

15:36:48.0184 5628  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

15:36:48.0200 5628  KtmRm - ok

15:36:48.0247 5628  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll

15:36:48.0278 5628  LanmanServer - ok

15:36:48.0309 5628  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

15:36:48.0325 5628  LanmanWorkstation - ok

15:36:48.0340 5628  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

15:36:48.0340 5628  lltdio - ok

15:36:48.0356 5628  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

15:36:48.0371 5628  lltdsvc - ok

15:36:48.0387 5628  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

15:36:48.0403 5628  lmhosts - ok

15:36:48.0434 5628  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

15:36:48.0449 5628  LSI_FC - ok

15:36:48.0465 5628  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

15:36:48.0481 5628  LSI_SAS - ok

15:36:48.0481 5628  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

15:36:48.0496 5628  LSI_SAS2 - ok

15:36:48.0496 5628  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

15:36:48.0512 5628  LSI_SCSI - ok

15:36:48.0527 5628  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

15:36:48.0527 5628  luafv - ok

15:36:48.0574 5628  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

15:36:48.0590 5628  Mcx2Svc - ok

15:36:48.0715 5628  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe

15:36:48.0777 5628  MDM - ok

15:36:48.0793 5628  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

15:36:48.0793 5628  megasas - ok

15:36:48.0808 5628  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

15:36:48.0824 5628  MegaSR - ok

15:36:48.0917 5628  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

15:36:48.0933 5628  Microsoft Office Groove Audit Service - ok

15:36:48.0964 5628  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

15:36:48.0964 5628  MMCSS - ok

15:36:49.0011 5628  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

15:36:49.0042 5628  Modem - ok

15:36:49.0058 5628  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

15:36:49.0058 5628  monitor - ok

15:36:49.0105 5628  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

15:36:49.0105 5628  mouclass - ok

15:36:49.0120 5628  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

15:36:49.0136 5628  mouhid - ok

15:36:49.0183 5628  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

15:36:49.0183 5628  mountmgr - ok

15:36:49.0292 5628  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

15:36:49.0307 5628  MozillaMaintenance - ok

15:36:49.0354 5628  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys

15:36:49.0385 5628  mpio - ok

15:36:49.0417 5628  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

15:36:49.0432 5628  mpsdrv - ok

15:36:49.0588 5628  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll

15:36:49.0651 5628  MpsSvc - ok

15:36:49.0713 5628  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

15:36:49.0744 5628  MRxDAV - ok

15:36:49.0791 5628  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

15:36:49.0807 5628  mrxsmb - ok

15:36:49.0853 5628  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

15:36:49.0853 5628  mrxsmb10 - ok

15:36:49.0869 5628  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

15:36:49.0869 5628  mrxsmb20 - ok

15:36:49.0916 5628  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys

15:36:49.0931 5628  msahci - ok

15:36:49.0994 5628  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

15:36:50.0025 5628  msdsm - ok

15:36:50.0041 5628  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

15:36:50.0041 5628  MSDTC - ok

15:36:50.0072 5628  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

15:36:50.0072 5628  Msfs - ok

15:36:50.0087 5628  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

15:36:50.0087 5628  mshidkmdf - ok

15:36:50.0134 5628  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

15:36:50.0134 5628  msisadrv - ok

15:36:50.0150 5628  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

15:36:50.0165 5628  MSiSCSI - ok

15:36:50.0165 5628  msiserver - ok

15:36:50.0181 5628  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

15:36:50.0181 5628  MSKSSRV - ok

15:36:50.0181 5628  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

15:36:50.0181 5628  MSPCLOCK - ok

15:36:50.0197 5628  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

15:36:50.0197 5628  MSPQM - ok

15:36:50.0228 5628  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

15:36:50.0259 5628  MsRPC - ok

15:36:50.0290 5628  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys

15:36:50.0290 5628  mssmbios - ok

15:36:50.0462 5628  MSSQL$COBRA - ok

15:36:50.0727 5628  MSSQL$COMBIT_CRM - ok

15:36:50.0789 5628  [ AE0277B34DC0F8E0F8257690BECFC4BA ] MSSQLFDLauncher$COMBIT_CRM C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.COMBIT_CRM\MSSQL\Binn\fdlauncher.exe

15:36:50.0789 5628  MSSQLFDLauncher$COMBIT_CRM - ok

15:36:50.0899 5628  [ 8E8E74C953EB0C4F8828D99D6F27FD6F ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

15:36:50.0914 5628  MSSQLServerADHelper100 - ok

15:36:50.0992 5628  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

15:36:51.0008 5628  MSTEE - ok

15:36:51.0023 5628  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

15:36:51.0023 5628  MTConfig - ok

15:36:51.0039 5628  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

15:36:51.0039 5628  Mup - ok

15:36:51.0070 5628  [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

15:36:51.0070 5628  mwlPSDFilter - ok

15:36:51.0086 5628  [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

15:36:51.0086 5628  mwlPSDNServ - ok

15:36:51.0133 5628  [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

15:36:51.0133 5628  mwlPSDVDisk - ok

15:36:51.0226 5628  [ 0F5FAAC852DB4C340B7A2F187E3358B8 ] MWLService      C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

15:36:51.0242 5628  MWLService - ok

15:36:51.0351 5628  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll

15:36:51.0367 5628  napagent - ok

15:36:51.0476 5628  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

15:36:51.0523 5628  NativeWifiP - ok

15:36:51.0710 5628  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys

15:36:51.0725 5628  NDIS - ok

15:36:51.0803 5628  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

15:36:51.0819 5628  NdisCap - ok

15:36:51.0881 5628  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

15:36:51.0897 5628  NdisTapi - ok

15:36:51.0975 5628  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

15:36:52.0006 5628  Ndisuio - ok

15:36:52.0037 5628  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

15:36:52.0069 5628  NdisWan - ok

15:36:52.0147 5628  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

15:36:52.0162 5628  NDProxy - ok

15:36:52.0459 5628  [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

15:36:52.0599 5628  Nero BackItUp Scheduler 4.0 - ok

15:36:52.0646 5628  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

15:36:52.0646 5628  NetBIOS - ok

15:36:52.0693 5628  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

15:36:52.0755 5628  NetBT - ok

15:36:52.0817 5628  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe

15:36:52.0817 5628  Netlogon - ok

15:36:52.0942 5628  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

15:36:52.0942 5628  Netman - ok

15:36:53.0036 5628  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:36:53.0192 5628  NetMsmqActivator - ok

15:36:53.0254 5628  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:36:53.0254 5628  NetPipeActivator - ok

15:36:53.0363 5628  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

15:36:53.0395 5628  netprofm - ok

15:36:53.0410 5628  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:36:53.0426 5628  NetTcpActivator - ok

15:36:53.0441 5628  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:36:53.0441 5628  NetTcpPortSharing - ok

15:36:53.0488 5628  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

15:36:53.0504 5628  nfrd960 - ok

15:36:53.0597 5628  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll

15:36:53.0613 5628  NlaSvc - ok

15:36:53.0644 5628  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

15:36:53.0660 5628  Npfs - ok

15:36:53.0707 5628  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

15:36:53.0707 5628  nsi - ok

15:36:53.0738 5628  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

15:36:53.0769 5628  nsiproxy - ok

15:36:54.0019 5628  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

15:36:54.0268 5628  Ntfs - ok

15:36:54.0455 5628  [ BD691091AC7D9713D8F0B07C6B099E6C ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

15:36:54.0471 5628  NTI IScheduleSvc - ok

15:36:54.0533 5628  [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys

15:36:54.0533 5628  NTIDrvr - ok

15:36:54.0565 5628  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

15:36:54.0580 5628  Null - ok

15:36:56.0312 5628  [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

15:36:56.0374 5628  nvlddmkm - ok

15:36:56.0483 5628  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys

15:36:56.0515 5628  nvraid - ok

15:36:56.0608 5628  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys

15:36:56.0655 5628  nvstor - ok

15:36:56.0967 5628  [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc           C:\Windows\system32\nvvsvc.exe

15:36:56.0983 5628  nvsvc - ok

15:36:57.0341 5628  [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

15:36:57.0653 5628  nvUpdatusService - ok

15:36:57.0747 5628  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

15:36:57.0778 5628  nv_agp - ok

15:36:58.0028 5628  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

15:36:58.0137 5628  odserv - ok

15:36:58.0153 5628  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

15:36:58.0199 5628  ohci1394 - ok

15:36:58.0433 5628  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

15:36:58.0480 5628  ose - ok

15:36:58.0574 5628  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

15:36:58.0589 5628  p2pimsvc - ok

15:36:58.0745 5628  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

15:36:58.0777 5628  p2psvc - ok

15:36:58.0839 5628  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

15:36:58.0855 5628  Parport - ok

15:36:58.0901 5628  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys

15:36:58.0948 5628  partmgr - ok

15:36:59.0042 5628  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

15:36:59.0057 5628  PcaSvc - ok

15:36:59.0104 5628  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys

15:36:59.0167 5628  pci - ok

15:36:59.0198 5628  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys

15:36:59.0229 5628  pciide - ok

15:36:59.0307 5628  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

15:36:59.0338 5628  pcmcia - ok

15:36:59.0369 5628  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

15:36:59.0369 5628  pcw - ok

15:36:59.0510 5628  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

15:36:59.0588 5628  PEAUTH - ok

15:37:00.0555 5628  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

15:37:00.0571 5628  PerfHost - ok

15:37:00.0914 5628  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll

15:37:01.0070 5628  pla - ok

15:37:01.0273 5628  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

15:37:01.0288 5628  PlugPlay - ok

15:37:01.0319 5628  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

15:37:01.0335 5628  PNRPAutoReg - ok

15:37:01.0397 5628  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

15:37:01.0413 5628  PNRPsvc - ok

15:37:01.0507 5628  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

15:37:01.0569 5628  PolicyAgent - ok

15:37:01.0678 5628  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll

15:37:01.0678 5628  Power - ok

15:37:01.0772 5628  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

15:37:01.0803 5628  PptpMiniport - ok

15:37:01.0865 5628  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys

15:37:01.0897 5628  Processor - ok

15:37:01.0990 5628  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll

15:37:02.0037 5628  ProfSvc - ok

15:37:02.0068 5628  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

15:37:02.0068 5628  ProtectedStorage - ok

15:37:02.0224 5628  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

15:37:02.0224 5628  Psched - ok

15:37:02.0521 5628  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

15:37:02.0599 5628  ql2300 - ok

15:37:02.0645 5628  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

15:37:02.0677 5628  ql40xx - ok

15:37:02.0770 5628  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

15:37:02.0817 5628  QWAVE - ok

15:37:02.0879 5628  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

15:37:02.0911 5628  QWAVEdrv - ok

15:37:02.0926 5628  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

15:37:02.0957 5628  RasAcd - ok

15:37:03.0067 5628  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

15:37:03.0098 5628  RasAgileVpn - ok

15:37:03.0191 5628  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

15:37:03.0285 5628  RasAuto - ok

15:37:03.0332 5628  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

15:37:03.0363 5628  Rasl2tp - ok

15:37:03.0503 5628  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll

15:37:03.0550 5628  RasMan - ok

15:37:03.0722 5628  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

15:37:03.0753 5628  RasPppoe - ok

15:37:03.0815 5628  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

15:37:03.0847 5628  RasSstp - ok

15:37:03.0971 5628  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

15:37:04.0034 5628  rdbss - ok

15:37:04.0096 5628  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

15:37:04.0112 5628  rdpbus - ok

15:37:04.0174 5628  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

15:37:04.0190 5628  RDPCDD - ok

15:37:04.0268 5628  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

15:37:04.0283 5628  RDPENCDD - ok

15:37:04.0315 5628  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

15:37:04.0346 5628  RDPREFMP - ok

15:37:04.0455 5628  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

15:37:04.0486 5628  RdpVideoMiniport - ok

15:37:04.0533 5628  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

15:37:04.0564 5628  RDPWD - ok

15:37:04.0658 5628  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

15:37:04.0705 5628  rdyboost - ok

15:37:04.0736 5628  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

15:37:04.0767 5628  RemoteAccess - ok

15:37:04.0861 5628  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

15:37:04.0907 5628  RemoteRegistry - ok

15:37:04.0970 5628  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

15:37:04.0985 5628  RpcEptMapper - ok

15:37:05.0048 5628  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

15:37:05.0079 5628  RpcLocator - ok

15:37:05.0141 5628  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll

15:37:05.0141 5628  RpcSs - ok

15:37:05.0251 5628  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

15:37:05.0282 5628  rspndr - ok

15:37:05.0313 5628  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe

15:37:05.0313 5628  SamSs - ok

15:37:05.0781 5628  [ 6090BCB4345D615070D3155A0A2EB60F ] Samsung Network Fax Server C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe

15:37:05.0906 5628  Samsung Network Fax Server - ok

15:37:05.0937 5628  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

15:37:05.0953 5628  sbp2port - ok

15:37:06.0046 5628  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

15:37:06.0155 5628  SCardSvr - ok

15:37:06.0187 5628  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

15:37:06.0202 5628  scfilter - ok

15:37:06.0499 5628  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll

15:37:06.0623 5628  Schedule - ok

15:37:06.0655 5628  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll

15:37:06.0655 5628  SCPolicySvc - ok

15:37:06.0733 5628  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

15:37:06.0764 5628  SDRSVC - ok

15:37:07.0107 5628  [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Users\BE.ST\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe

15:37:07.0107 5628  SearchAnonymizer - ok

15:37:07.0232 5628  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

15:37:07.0247 5628  secdrv - ok

15:37:07.0294 5628  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll

15:37:07.0325 5628  seclogon - ok

15:37:07.0388 5628  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll

15:37:07.0388 5628  SENS - ok

15:37:07.0450 5628  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

15:37:07.0466 5628  SensrSvc - ok

15:37:07.0559 5628  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

15:37:07.0591 5628  Serenum - ok

15:37:07.0684 5628  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys

15:37:07.0715 5628  Serial - ok

15:37:07.0793 5628  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

15:37:07.0809 5628  sermouse - ok

15:37:07.0840 5628  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll

15:37:07.0840 5628  SessionEnv - ok

15:37:07.0887 5628  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

15:37:07.0918 5628  sffdisk - ok

15:37:07.0949 5628  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

15:37:07.0965 5628  sffp_mmc - ok

15:37:07.0996 5628  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

15:37:08.0012 5628  sffp_sd - ok

15:37:08.0090 5628  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

15:37:08.0105 5628  sfloppy - ok

15:37:08.0230 5628  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

15:37:08.0277 5628  SharedAccess - ok

15:37:08.0386 5628  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

15:37:08.0386 5628  ShellHWDetection - ok

15:37:08.0480 5628  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

15:37:08.0511 5628  SiSRaid2 - ok

15:37:08.0527 5628  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

15:37:08.0558 5628  SiSRaid4 - ok

15:37:09.0619 5628  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

15:37:09.0697 5628  Skype C2C Service - ok

15:37:09.0962 5628  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

15:37:09.0962 5628  SkypeUpdate - ok

15:37:10.0055 5628  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

15:37:10.0071 5628  Smb - ok

15:37:10.0133 5628  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

15:37:10.0165 5628  SNMPTRAP - ok

15:37:10.0180 5628  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

15:37:10.0196 5628  spldr - ok

15:37:10.0352 5628  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe

15:37:10.0367 5628  Spooler - ok

15:37:11.0303 5628  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe

15:37:11.0397 5628  sppsvc - ok

15:37:11.0459 5628  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

15:37:11.0491 5628  sppuinotify - ok

15:37:11.0803 5628  [ A892134C28777978ECDE8283DC57AC0F ] SQLAgent$COBRA  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.COBRA\MSSQL\Binn\SQLAGENT.EXE

15:37:11.0865 5628  SQLAgent$COBRA - ok

15:37:12.0239 5628  [ 230C6AA1091190D2FDB40766CBD3DBBD ] SQLAgent$COMBIT_CRM C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.COMBIT_CRM\MSSQL\Binn\SQLAGENT.EXE

15:37:12.0317 5628  SQLAgent$COMBIT_CRM - ok

15:37:12.0411 5628  [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

15:37:12.0427 5628  SQLBrowser - ok

15:37:12.0661 5628  [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

15:37:12.0661 5628  SQLWriter - ok

15:37:12.0817 5628  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys

15:37:12.0832 5628  srv - ok

15:37:12.0988 5628  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

15:37:13.0004 5628  srv2 - ok

15:37:13.0051 5628  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

15:37:13.0097 5628  srvnet - ok

15:37:13.0207 5628  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

15:37:13.0207 5628  SSDPSRV - ok

15:37:13.0331 5628  [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys

15:37:13.0347 5628  SSPORT - ok

15:37:13.0378 5628  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

15:37:13.0394 5628  SstpSvc - ok

15:37:13.0659 5628  [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

15:37:13.0675 5628  Stereo Service - ok

15:37:13.0737 5628  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

15:37:13.0815 5628  stexstor - ok

15:37:13.0987 5628  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll

15:37:14.0002 5628  stisvc - ok

15:37:14.0065 5628  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys

15:37:14.0065 5628  swenum - ok

15:37:14.0314 5628  SwitchBoard - ok

15:37:14.0455 5628  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

15:37:14.0595 5628  swprv - ok

15:37:14.0938 5628  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll

15:37:14.0985 5628  SysMain - ok

15:37:15.0032 5628  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

15:37:15.0063 5628  TabletInputService - ok

15:37:15.0141 5628  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll

15:37:15.0297 5628  TapiSrv - ok

15:37:15.0359 5628  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll

15:37:15.0359 5628  TBS - ok

15:37:16.0171 5628  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

15:37:17.0450 5628  Tcpip - ok

15:37:18.0261 5628  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

15:37:18.0261 5628  TCPIP6 - ok

15:37:18.0339 5628  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

15:37:18.0370 5628  tcpipreg - ok

15:37:18.0417 5628  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

15:37:18.0495 5628  TDPIPE - ok

15:37:18.0557 5628  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

15:37:18.0651 5628  TDTCP - ok

15:37:18.0729 5628  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

15:37:18.0776 5628  tdx - ok

15:37:19.0010 5628  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys

15:37:19.0010 5628  TermDD - ok

15:37:19.0478 5628  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll

15:37:19.0587 5628  TermService - ok

15:37:19.0681 5628  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

15:37:19.0805 5628  Themes - ok

15:37:19.0993 5628  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

15:37:19.0993 5628  THREADORDER - ok

15:37:20.0102 5628  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

15:37:20.0117 5628  TrkWks - ok

15:37:20.0523 5628  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

15:37:20.0663 5628  TrustedInstaller - ok

15:37:20.0819 5628  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

15:37:20.0975 5628  tssecsrv - ok

15:37:21.0163 5628  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

15:37:21.0287 5628  TsUsbFlt - ok

15:37:21.0428 5628  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

15:37:21.0521 5628  tunnel - ok

15:37:21.0553 5628  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

15:37:21.0646 5628  uagp35 - ok

15:37:21.0740 5628  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys

15:37:21.0755 5628  UBHelper - ok

15:37:21.0865 5628  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

15:37:22.0099 5628  udfs - ok

15:37:22.0177 5628  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

15:37:22.0208 5628  UI0Detect - ok

15:37:22.0286 5628  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

15:37:22.0348 5628  uliagpkx - ok

15:37:22.0473 5628  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

15:37:22.0535 5628  umbus - ok

15:37:22.0613 5628  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

15:37:22.0645 5628  UmPass - ok

15:37:22.0785 5628  [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe

15:37:22.0879 5628  Updater Service - ok

15:37:22.0988 5628  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

15:37:23.0097 5628  upnphost - ok

15:37:23.0159 5628  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

15:37:23.0253 5628  USBAAPL64 - ok

15:37:23.0300 5628  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

15:37:23.0378 5628  usbccgp - ok

15:37:23.0487 5628  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

15:37:23.0518 5628  usbcir - ok

15:37:23.0565 5628  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

15:37:23.0674 5628  usbehci - ok

15:37:23.0783 5628  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

15:37:24.0033 5628  usbhub - ok

15:37:24.0361 5628  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

15:37:24.0548 5628  usbohci - ok

15:37:24.0735 5628  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

15:37:24.0782 5628  usbprint - ok

15:37:24.0891 5628  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

15:37:25.0125 5628  usbscan - ok

15:37:25.0172 5628  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

15:37:25.0172 5628  USBSTOR - ok

15:37:25.0234 5628  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

15:37:25.0297 5628  usbuhci - ok

15:37:25.0484 5628  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys

15:37:25.0531 5628  usbvideo - ok

15:37:25.0593 5628  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

15:37:25.0593 5628  UxSms - ok

15:37:25.0640 5628  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe

15:37:25.0640 5628  VaultSvc - ok

15:37:25.0718 5628  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

15:37:25.0718 5628  vdrvroot - ok

15:37:25.0905 5628  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe

15:37:25.0952 5628  vds - ok

15:37:26.0061 5628  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

15:37:26.0077 5628  vga - ok

15:37:26.0108 5628  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

15:37:26.0123 5628  VgaSave - ok

15:37:26.0155 5628  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

15:37:26.0201 5628  vhdmp - ok

15:37:26.0279 5628  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys

15:37:26.0295 5628  viaide - ok

15:37:26.0357 5628  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

15:37:26.0389 5628  volmgr - ok

15:37:26.0513 5628  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

15:37:26.0591 5628  volmgrx - ok

15:37:26.0669 5628  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

15:37:26.0685 5628  volsnap - ok

15:37:26.0825 5628  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

15:37:26.0857 5628  vsmraid - ok

15:37:27.0231 5628  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe

15:37:27.0325 5628  VSS - ok

15:37:27.0356 5628  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

15:37:27.0387 5628  vwifibus - ok

15:37:27.0512 5628  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

15:37:27.0527 5628  W32Time - ok

15:37:27.0590 5628  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

15:37:27.0621 5628  WacomPen - ok

15:37:27.0715 5628  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

15:37:27.0746 5628  WANARP - ok

15:37:27.0746 5628  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

15:37:27.0746 5628  Wanarpv6 - ok

15:37:28.0058 5628  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

15:37:28.0151 5628  WatAdminSvc - ok

15:37:28.0448 5628  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe

15:37:28.0541 5628  wbengine - ok

15:37:28.0635 5628  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

15:37:28.0666 5628  WbioSrvc - ok

15:37:28.0791 5628  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll

15:37:28.0807 5628  wcncsvc - ok

15:37:28.0838 5628  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

15:37:28.0869 5628  WcsPlugInService - ok

15:37:28.0900 5628  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys

15:37:28.0963 5628  Wd - ok

15:37:29.0212 5628  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

15:37:29.0306 5628  Wdf01000 - ok

15:37:29.0353 5628  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll

15:37:29.0353 5628  WdiServiceHost - ok

15:37:29.0368 5628  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll

15:37:29.0368 5628  WdiSystemHost - ok

15:37:29.0431 5628  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll

15:37:29.0477 5628  WebClient - ok

15:37:29.0540 5628  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

15:37:29.0571 5628  Wecsvc - ok

15:37:29.0633 5628  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

15:37:29.0633 5628  wercplsupport - ok

15:37:29.0711 5628  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

15:37:29.0711 5628  WerSvc - ok

15:37:29.0789 5628  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

15:37:29.0805 5628  WfpLwf - ok

15:37:30.0133 5628  [ DE35BD336FD1E6AFAC0578DF221A7C0C ] WHSConnector    C:\Program Files\Windows Home Server\WHSConnector.exe

15:37:30.0133 5628  WHSConnector - ok

15:37:30.0179 5628  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

15:37:30.0211 5628  WIMMount - ok

15:37:30.0273 5628  WinDefend - ok

15:37:30.0273 5628  WinHttpAutoProxySvc - ok

15:37:30.0554 5628  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

15:37:30.0585 5628  Winmgmt - ok

15:37:31.0022 5628  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll

15:37:31.0162 5628  WinRM - ok

15:37:31.0334 5628  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

15:37:31.0349 5628  WinUsb - ok

15:37:31.0552 5628  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll

15:37:31.0615 5628  Wlansvc - ok

15:37:31.0693 5628  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

15:37:31.0693 5628  WmiAcpi - ok

15:37:31.0771 5628  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

15:37:31.0802 5628  wmiApSrv - ok

15:37:31.0895 5628  WMPNetworkSvc - ok

15:37:32.0020 5628  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

15:37:32.0036 5628  WPCSvc - ok

15:37:32.0083 5628  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

15:37:32.0098 5628  WPDBusEnum - ok

15:37:32.0161 5628  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

15:37:32.0176 5628  ws2ifsl - ok

15:37:32.0207 5628  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll

15:37:32.0223 5628  wscsvc - ok

15:37:32.0332 5628  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys

15:37:32.0348 5628  WSDPrintDevice - ok

15:37:32.0379 5628  [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys

15:37:32.0379 5628  WSDScan - ok

15:37:32.0379 5628  WSearch - ok

15:37:33.0112 5628  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

15:37:33.0237 5628  wuauserv - ok

15:37:33.0268 5628  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

15:37:33.0299 5628  WudfPf - ok

15:37:33.0409 5628  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

15:37:33.0424 5628  WUDFRd - ok

15:37:33.0487 5628  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

15:37:33.0502 5628  wudfsvc - ok

15:37:33.0611 5628  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll

15:37:33.0627 5628  WwanSvc - ok

15:37:33.0658 5628  ================ Scan global ===============================

15:37:33.0674 5628  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

15:37:33.0783 5628  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

15:37:33.0814 5628  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

15:37:33.0877 5628  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

15:37:34.0017 5628  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

15:37:34.0017 5628  [Global] - ok

15:37:34.0017 5628  ================ Scan MBR ==================================

15:37:34.0048 5628  [ 70E629B51C16B3C007730C6AE57144C9 ] \Device\Harddisk0\DR0

15:37:35.0780 5628  \Device\Harddisk0\DR0 - ok

15:37:35.0795 5628  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk5\DR5

15:37:35.0795 5628  \Device\Harddisk5\DR5 - ok

15:37:35.0795 5628  ================ Scan VBR ==================================

15:37:35.0811 5628  [ D9187D8DCA160E389C636A5C7F6493D2 ] \Device\Harddisk0\DR0\Partition1

15:37:35.0842 5628  \Device\Harddisk0\DR0\Partition1 - ok

15:37:35.0873 5628  [ F7F16ACFDAA13D7586E56B31EEF1143F ] \Device\Harddisk0\DR0\Partition2

15:37:35.0889 5628  \Device\Harddisk0\DR0\Partition2 - ok

15:37:35.0905 5628  [ 30F49E5251F60B4FAAB4099FF25DB7DC ] \Device\Harddisk0\DR0\Partition3

15:37:35.0967 5628  \Device\Harddisk0\DR0\Partition3 - ok

15:37:35.0967 5628  [ A7D0F3F4F21718218D021D1E1A52F896 ] \Device\Harddisk5\DR5\Partition1

15:37:35.0967 5628  \Device\Harddisk5\DR5\Partition1 - ok

15:37:35.0967 5628  ============================================================

15:37:35.0967 5628  Scan finished

15:37:35.0967 5628  ============================================================

15:37:35.0983 5052  Detected object count: 1

15:37:35.0983 5052  Actual detected object count: 1

15:38:07.0791 5052  Akamai ( HiddenFile.Multi.Generic ) - skipped by user

15:38:07.0791 5052  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 

15:38:18.0415 7060  Deinitialize success

tdss killer nach Anleitung konfigurieren, erneut scannen.

Gut, jetzt mit den gesetzten Haken

Code:

20:17:38.0930 6204  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

20:17:38.0930 6204  ============================================================

20:17:38.0930 6204  Current date / time: 2013/06/12 20:17:38.0930

20:17:38.0930 6204  SystemInfo:

20:17:38.0930 6204  

20:17:38.0930 6204  OS Version: 6.1.7601 ServicePack: 1.0

20:17:38.0930 6204  Product type: Workstation

20:17:38.0930 6204  ComputerName: ACER_HB

20:17:38.0930 6204  UserName: BE.ST

20:17:38.0930 6204  Windows directory: C:\Windows

20:17:38.0930 6204  System windows directory: C:\Windows

20:17:38.0930 6204  Running under WOW64

20:17:38.0930 6204  Processor architecture: Intel x64

20:17:38.0930 6204  Number of processors: 8

20:17:38.0930 6204  Page size: 0x1000

20:17:38.0930 6204  Boot type: Normal boot

20:17:38.0930 6204  ============================================================

20:17:39.0491 6204  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:17:39.0507 6204  ============================================================

20:17:39.0507 6204  \Device\Harddisk0\DR0:

20:17:39.0507 6204  MBR partitions:

20:17:39.0507 6204  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000

20:17:39.0507 6204  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x395E7000

20:17:39.0507 6204  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B019800, BlocksNum 0x396EC800

20:17:39.0507 6204  ============================================================

20:17:39.0554 6204  C: <-> \Device\Harddisk0\DR0\Partition2

20:17:39.0600 6204  D: <-> \Device\Harddisk0\DR0\Partition3

20:17:39.0600 6204  ============================================================

20:17:39.0600 6204  Initialize success

20:17:39.0600 6204  ============================================================

20:17:56.0870 3016  ============================================================

20:17:56.0870 3016  Scan started

20:17:56.0870 3016  Mode: Manual; SigCheck; TDLFS; 

20:17:56.0870 3016  ============================================================

20:17:57.0540 3016  ================ Scan system memory ========================

20:17:57.0540 3016  System memory - ok

20:17:57.0540 3016  ================ Scan services =============================

20:17:57.0696 3016  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

20:17:57.0774 3016  1394ohci - ok

20:17:57.0899 3016  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

20:17:57.0930 3016  ACDaemon - ok

20:17:57.0977 3016  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

20:17:57.0993 3016  ACPI - ok

20:17:58.0040 3016  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

20:17:58.0086 3016  AcpiPmi - ok

20:17:58.0211 3016  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

20:17:58.0227 3016  AdobeARMservice - ok

20:17:58.0352 3016  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

20:17:58.0352 3016  AdobeFlashPlayerUpdateSvc - ok

20:17:58.0430 3016  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

20:17:58.0430 3016  adp94xx - ok

20:17:58.0461 3016  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

20:17:58.0476 3016  adpahci - ok

20:17:58.0492 3016  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

20:17:58.0508 3016  adpu320 - ok

20:17:58.0539 3016  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

20:17:58.0632 3016  AeLookupSvc - ok

20:17:58.0695 3016  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys

20:17:58.0773 3016  AFD - ok

20:17:58.0835 3016  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys

20:17:58.0851 3016  agp440 - ok

20:17:59.0022 3016  [ C7074BD8D4B8F564859ED373433030AE ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll

20:17:59.0022 3016  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE

20:17:59.0022 3016  Akamai ( HiddenFile.Multi.Generic ) - warning

20:17:59.0022 3016  Akamai - detected HiddenFile.Multi.Generic (1)

20:17:59.0069 3016  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

20:17:59.0132 3016  ALG - ok

20:17:59.0178 3016  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys

20:17:59.0194 3016  aliide - ok

20:17:59.0225 3016  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys

20:17:59.0241 3016  amdide - ok

20:17:59.0272 3016  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

20:17:59.0303 3016  AmdK8 - ok

20:17:59.0334 3016  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

20:17:59.0366 3016  AmdPPM - ok

20:17:59.0412 3016  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

20:17:59.0428 3016  amdsata - ok

20:17:59.0506 3016  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

20:17:59.0506 3016  amdsbs - ok

20:17:59.0553 3016  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

20:17:59.0553 3016  amdxata - ok

20:17:59.0631 3016  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

20:17:59.0631 3016  AntiVirSchedulerService - ok

20:17:59.0662 3016  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

20:17:59.0678 3016  AntiVirService - ok

20:17:59.0724 3016  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys

20:17:59.0818 3016  AppID - ok

20:17:59.0834 3016  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

20:17:59.0865 3016  AppIDSvc - ok

20:17:59.0912 3016  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll

20:17:59.0943 3016  Appinfo - ok

20:18:00.0052 3016  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

20:18:00.0068 3016  Apple Mobile Device - ok

20:18:00.0099 3016  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys

20:18:00.0114 3016  arc - ok

20:18:00.0114 3016  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

20:18:00.0130 3016  arcsas - ok

20:18:00.0255 3016  [ 3CE5C5A72ACB0A12B5A02C35550DC1A2 ] arXfrSvc        C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe

20:18:00.0270 3016  arXfrSvc - ok

20:18:00.0395 3016  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

20:18:00.0395 3016  aspnet_state - ok

20:18:00.0411 3016  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

20:18:00.0458 3016  AsyncMac - ok

20:18:00.0520 3016  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys

20:18:00.0536 3016  atapi - ok

20:18:00.0614 3016  [ 3EFD964D52221360AF0673CD61C2F4F5 ] atikmdag        C:\Windows\system32\drivers\atikmdag.sys

20:18:00.0723 3016  atikmdag - ok

20:18:00.0816 3016  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

20:18:00.0879 3016  AudioEndpointBuilder - ok

20:18:00.0894 3016  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

20:18:00.0926 3016  AudioSrv - ok

20:18:00.0972 3016  [ EA2D28BBE98256654397CD1F6EAEBDD8 ] Autodesk Licensing Service C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe

20:18:00.0988 3016  Autodesk Licensing Service - ok

20:18:00.0988 3016  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys

20:18:01.0004 3016  avgntflt - ok

20:18:01.0035 3016  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys

20:18:01.0050 3016  avipbb - ok

20:18:01.0082 3016  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys

20:18:01.0082 3016  avkmgr - ok

20:18:01.0113 3016  [ C51101FC4C4AAB3AF977864A65266DBB ] avmident        C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe

20:18:01.0128 3016  avmident - ok

20:18:01.0175 3016  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll

20:18:01.0238 3016  AxInstSV - ok

20:18:01.0300 3016  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

20:18:01.0378 3016  b06bdrv - ok

20:18:01.0425 3016  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

20:18:01.0456 3016  b57nd60a - ok

20:18:01.0503 3016  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

20:18:01.0518 3016  BDESVC - ok

20:18:01.0565 3016  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

20:18:01.0596 3016  Beep - ok

20:18:01.0674 3016  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll

20:18:01.0721 3016  BFE - ok

20:18:01.0846 3016  [ 85D5E6AC46A2AE4672C1AC813AE45B95 ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe

20:18:01.0862 3016  BingDesktopUpdate - ok

20:18:01.0908 3016  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll

20:18:01.0971 3016  BITS - ok

20:18:01.0986 3016  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

20:18:02.0002 3016  blbdrive - ok

20:18:02.0080 3016  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

20:18:02.0096 3016  Bonjour Service - ok

20:18:02.0158 3016  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

20:18:02.0174 3016  bowser - ok

20:18:02.0189 3016  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

20:18:02.0236 3016  BrFiltLo - ok

20:18:02.0252 3016  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

20:18:02.0252 3016  BrFiltUp - ok

20:18:02.0298 3016  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll

20:18:02.0330 3016  Browser - ok

20:18:02.0361 3016  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

20:18:02.0408 3016  Brserid - ok

20:18:02.0454 3016  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

20:18:02.0501 3016  BrSerWdm - ok

20:18:02.0532 3016  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

20:18:02.0610 3016  BrUsbMdm - ok

20:18:02.0610 3016  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

20:18:02.0657 3016  BrUsbSer - ok

20:18:02.0688 3016  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

20:18:02.0704 3016  BTHMODEM - ok

20:18:02.0735 3016  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

20:18:02.0798 3016  bthserv - ok

20:18:02.0844 3016  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

20:18:02.0876 3016  cdfs - ok

20:18:02.0938 3016  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys

20:18:02.0954 3016  cdrom - ok

20:18:03.0016 3016  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll

20:18:03.0047 3016  CertPropSvc - ok

20:18:03.0078 3016  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

20:18:03.0094 3016  circlass - ok

20:18:03.0125 3016  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys

20:18:03.0141 3016  CLFS - ok

20:18:03.0203 3016  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:18:03.0219 3016  clr_optimization_v2.0.50727_32 - ok

20:18:03.0266 3016  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

20:18:03.0266 3016  clr_optimization_v2.0.50727_64 - ok

20:18:03.0406 3016  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

20:18:03.0406 3016  clr_optimization_v4.0.30319_32 - ok

20:18:03.0422 3016  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

20:18:03.0437 3016  clr_optimization_v4.0.30319_64 - ok

20:18:03.0453 3016  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

20:18:03.0484 3016  CmBatt - ok

20:18:03.0515 3016  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys

20:18:03.0531 3016  cmdide - ok

20:18:03.0578 3016  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys

20:18:03.0609 3016  CNG - ok

20:18:03.0609 3016  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

20:18:03.0624 3016  Compbatt - ok

20:18:03.0640 3016  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys

20:18:03.0640 3016  CompositeBus - ok

20:18:03.0656 3016  COMSysApp - ok

20:18:03.0687 3016  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

20:18:03.0702 3016  crcdisk - ok

20:18:03.0749 3016  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll

20:18:03.0812 3016  CryptSvc - ok

20:18:03.0858 3016  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll

20:18:03.0921 3016  DcomLaunch - ok

20:18:03.0968 3016  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

20:18:04.0014 3016  defragsvc - ok

20:18:04.0046 3016  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

20:18:04.0077 3016  DfsC - ok

20:18:04.0124 3016  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll

20:18:04.0186 3016  Dhcp - ok

20:18:04.0248 3016  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

20:18:04.0295 3016  discache - ok

20:18:04.0342 3016  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys

20:18:04.0342 3016  Disk - ok

20:18:04.0389 3016  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

20:18:04.0482 3016  Dnscache - ok

20:18:04.0545 3016  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll

20:18:04.0592 3016  dot3svc - ok

20:18:04.0623 3016  [ B42ED0320C6E41102FDE0005154849BB ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys

20:18:04.0638 3016  dot4 - ok

20:18:04.0685 3016  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys

20:18:04.0701 3016  Dot4Print - ok

20:18:04.0732 3016  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys

20:18:04.0748 3016  dot4usb - ok

20:18:04.0794 3016  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll

20:18:04.0810 3016  DPS - ok

20:18:04.0857 3016  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

20:18:04.0857 3016  drmkaud - ok

20:18:04.0935 3016  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

20:18:04.0950 3016  DXGKrnl - ok

20:18:04.0997 3016  [ 761B9EDD97A021AA1922501B7A056635 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y62x64.sys

20:18:05.0013 3016  e1yexpress - ok

20:18:05.0028 3016  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

20:18:05.0060 3016  EapHost - ok

20:18:05.0138 3016  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

20:18:05.0184 3016  ebdrv - ok

20:18:05.0231 3016  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe

20:18:05.0278 3016  EFS - ok

20:18:05.0340 3016  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

20:18:05.0387 3016  ehRecvr - ok

20:18:05.0434 3016  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe

20:18:05.0450 3016  ehSched - ok

20:18:05.0528 3016  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

20:18:05.0543 3016  elxstor - ok

20:18:05.0559 3016  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys

20:18:05.0574 3016  ErrDev - ok

20:18:05.0637 3016  [ C987933DED6EEDD2D0CA66ACC4286632 ] esClient        C:\Program Files\Windows Home Server\esClient.exe

20:18:05.0637 3016  esClient - ok

20:18:05.0668 3016  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

20:18:05.0699 3016  EventSystem - ok

20:18:05.0746 3016  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

20:18:05.0777 3016  exfat - ok

20:18:05.0808 3016  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

20:18:05.0855 3016  fastfat - ok

20:18:05.0918 3016  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe

20:18:05.0964 3016  Fax - ok

20:18:05.0996 3016  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

20:18:05.0996 3016  fdc - ok

20:18:06.0011 3016  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

20:18:06.0074 3016  fdPHost - ok

20:18:06.0074 3016  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

20:18:06.0105 3016  FDResPub - ok

20:18:06.0120 3016  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

20:18:06.0136 3016  FileInfo - ok

20:18:06.0136 3016  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

20:18:06.0183 3016  Filetrace - ok

20:18:06.0214 3016  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

20:18:06.0214 3016  flpydisk - ok

20:18:06.0276 3016  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

20:18:06.0276 3016  FltMgr - ok

20:18:06.0339 3016  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll

20:18:06.0370 3016  FontCache - ok

20:18:06.0432 3016  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

20:18:06.0432 3016  FontCache3.0.0.0 - ok

20:18:06.0448 3016  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

20:18:06.0464 3016  FsDepends - ok

20:18:06.0510 3016  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

20:18:06.0510 3016  Fs_Rec - ok

20:18:06.0557 3016  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

20:18:06.0573 3016  fvevol - ok

20:18:06.0604 3016  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

20:18:06.0620 3016  gagp30kx - ok

20:18:06.0682 3016  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

20:18:06.0682 3016  GEARAspiWDM - ok

20:18:06.0744 3016  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll

20:18:06.0776 3016  gpsvc - ok

20:18:06.0822 3016  [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service    C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

20:18:06.0854 3016  Greg_Service - ok

20:18:06.0900 3016  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:18:06.0900 3016  gupdate - ok

20:18:06.0916 3016  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:18:06.0932 3016  gupdatem - ok

20:18:06.0963 3016  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

20:18:06.0963 3016  gusvc - ok

20:18:06.0994 3016  [ 215DCB833B0747FBAD8AE28C85B5381C ] gwfilt64        C:\Windows\system32\drivers\gwfilt64.sys

20:18:06.0994 3016  gwfilt64 - ok

20:18:07.0025 3016  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

20:18:07.0056 3016  hcw85cir - ok

20:18:07.0119 3016  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

20:18:07.0150 3016  HdAudAddService - ok

20:18:07.0181 3016  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys

20:18:07.0181 3016  HDAudBus - ok

20:18:07.0197 3016  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

20:18:07.0212 3016  HidBatt - ok

20:18:07.0228 3016  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

20:18:07.0228 3016  HidBth - ok

20:18:07.0244 3016  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

20:18:07.0290 3016  HidIr - ok

20:18:07.0306 3016  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll

20:18:07.0353 3016  hidserv - ok

20:18:07.0415 3016  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

20:18:07.0415 3016  HidUsb - ok

20:18:07.0462 3016  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll

20:18:07.0509 3016  hkmsvc - ok

20:18:07.0556 3016  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

20:18:07.0556 3016  HomeGroupListener - ok

20:18:07.0602 3016  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

20:18:07.0618 3016  HomeGroupProvider - ok

20:18:07.0634 3016  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

20:18:07.0649 3016  HpSAMD - ok

20:18:07.0712 3016  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

20:18:07.0743 3016  HTTP - ok

20:18:07.0758 3016  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

20:18:07.0758 3016  hwpolicy - ok

20:18:07.0821 3016  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys

20:18:07.0821 3016  i8042prt - ok

20:18:07.0868 3016  [ 0E899D0DB39617AA0B2F992E7E95B5EB ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

20:18:07.0883 3016  IAANTMON - ok

20:18:07.0914 3016  [ 87A72502C8AC5E89B5A46FF6E874F5C5 ] IAMTVE          C:\Windows\system32\DRIVERS\IAMTVE.sys

20:18:07.0914 3016  IAMTVE - ok

20:18:07.0930 3016  [ 5516F8E518A2F6A8755498F3E73957CF ] IAMTXPE         C:\Windows\system32\DRIVERS\IAMTXPE.sys

20:18:07.0946 3016  IAMTXPE - ok

20:18:07.0961 3016  [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys

20:18:07.0977 3016  iaStor - ok

20:18:07.0992 3016  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

20:18:08.0008 3016  iaStorV - ok

20:18:08.0070 3016  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

20:18:08.0086 3016  idsvc - ok

20:18:08.0164 3016  [ AC9EBDE25DB39A35E1CEB0441BA7A464 ] IGDCTRL         C:\Program Files\FRITZ!DSL\IGDCTRL.EXE

20:18:08.0164 3016  IGDCTRL - ok

20:18:08.0195 3016  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

20:18:08.0195 3016  iirsp - ok

20:18:08.0258 3016  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll

20:18:08.0304 3016  IKEEXT - ok

20:18:08.0367 3016  [ BC64B75E8E0A0B8982AB773483164E72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

20:18:08.0398 3016  IntcAzAudAddService - ok

20:18:08.0414 3016  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys

20:18:08.0429 3016  intelide - ok

20:18:08.0460 3016  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

20:18:08.0460 3016  intelppm - ok

20:18:08.0492 3016  [ 127F0A7586ACEC7B83131BFF2B4394C1 ] ioatdma1        C:\Windows\System32\Drivers\qd162x64.sys

20:18:08.0492 3016  ioatdma1 - ok

20:18:08.0507 3016  [ 70CC19B5C076F8497CAB4A77D6500E8A ] ioatdma2        C:\Windows\System32\Drivers\qd262x64.sys

20:18:08.0507 3016  ioatdma2 - ok

20:18:08.0538 3016  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

20:18:08.0570 3016  IPBusEnum - ok

20:18:08.0616 3016  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:18:08.0648 3016  IpFilterDriver - ok

20:18:08.0710 3016  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

20:18:08.0757 3016  iphlpsvc - ok

20:18:08.0788 3016  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

20:18:08.0819 3016  IPMIDRV - ok

20:18:08.0850 3016  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

20:18:08.0882 3016  IPNAT - ok

20:18:08.0928 3016  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

20:18:08.0944 3016  iPod Service - ok

20:18:08.0960 3016  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

20:18:09.0006 3016  IRENUM - ok

20:18:09.0053 3016  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

20:18:09.0069 3016  isapnp - ok

20:18:09.0100 3016  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

20:18:09.0116 3016  iScsiPrt - ok

20:18:09.0131 3016  [ 2224ABC439D115A44EDB5630A92C1D7E ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys

20:18:09.0178 3016  JRAID - ok

20:18:09.0194 3016  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

20:18:09.0209 3016  kbdclass - ok

20:18:09.0209 3016  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

20:18:09.0240 3016  kbdhid - ok

20:18:09.0272 3016  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe

20:18:09.0272 3016  KeyIso - ok

20:18:09.0318 3016  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

20:18:09.0318 3016  KSecDD - ok

20:18:09.0350 3016  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

20:18:09.0350 3016  KSecPkg - ok

20:18:09.0381 3016  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

20:18:09.0412 3016  ksthunk - ok

20:18:09.0443 3016  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

20:18:09.0474 3016  KtmRm - ok

20:18:09.0521 3016  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll

20:18:09.0552 3016  LanmanServer - ok

20:18:09.0599 3016  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

20:18:09.0646 3016  LanmanWorkstation - ok

20:18:09.0677 3016  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

20:18:09.0708 3016  lltdio - ok

20:18:09.0724 3016  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

20:18:09.0771 3016  lltdsvc - ok

20:18:09.0786 3016  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

20:18:09.0818 3016  lmhosts - ok

20:18:09.0833 3016  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

20:18:09.0849 3016  LSI_FC - ok

20:18:09.0864 3016  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

20:18:09.0880 3016  LSI_SAS - ok

20:18:09.0896 3016  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

20:18:09.0896 3016  LSI_SAS2 - ok

20:18:09.0911 3016  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

20:18:09.0911 3016  LSI_SCSI - ok

20:18:09.0927 3016  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

20:18:09.0974 3016  luafv - ok

20:18:10.0006 3016  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

20:18:10.0021 3016  Mcx2Svc - ok

20:18:10.0084 3016  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe

20:18:10.0099 3016  MDM - ok

20:18:10.0131 3016  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

20:18:10.0131 3016  megasas - ok

20:18:10.0146 3016  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

20:18:10.0162 3016  MegaSR - ok

20:18:10.0224 3016  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

20:18:10.0240 3016  Microsoft Office Groove Audit Service - ok

20:18:10.0271 3016  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

20:18:10.0318 3016  MMCSS - ok

20:18:10.0333 3016  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

20:18:10.0365 3016  Modem - ok

20:18:10.0380 3016  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

20:18:10.0396 3016  monitor - ok

20:18:10.0443 3016  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

20:18:10.0458 3016  mouclass - ok

20:18:10.0474 3016  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

20:18:10.0489 3016  mouhid - ok

20:18:10.0536 3016  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

20:18:10.0536 3016  mountmgr - ok

20:18:10.0614 3016  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

20:18:10.0614 3016  MozillaMaintenance - ok

20:18:10.0630 3016  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys

20:18:10.0645 3016  mpio - ok

20:18:10.0661 3016  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

20:18:10.0708 3016  mpsdrv - ok

20:18:10.0755 3016  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll

20:18:10.0786 3016  MpsSvc - ok

20:18:10.0833 3016  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

20:18:10.0848 3016  MRxDAV - ok

20:18:10.0895 3016  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

20:18:10.0926 3016  mrxsmb - ok

20:18:10.0973 3016  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:18:10.0989 3016  mrxsmb10 - ok

20:18:10.0989 3016  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:18:11.0020 3016  mrxsmb20 - ok

20:18:11.0098 3016  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys

20:18:11.0113 3016  msahci - ok

20:18:11.0145 3016  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

20:18:11.0145 3016  msdsm - ok

20:18:11.0176 3016  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

20:18:11.0191 3016  MSDTC - ok

20:18:11.0207 3016  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

20:18:11.0238 3016  Msfs - ok

20:18:11.0254 3016  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

20:18:11.0285 3016  mshidkmdf - ok

20:18:11.0301 3016  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

20:18:11.0301 3016  msisadrv - ok

20:18:11.0316 3016  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

20:18:11.0347 3016  MSiSCSI - ok

20:18:11.0363 3016  msiserver - ok

20:18:11.0394 3016  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

20:18:11.0441 3016  MSKSSRV - ok

20:18:11.0441 3016  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

20:18:11.0472 3016  MSPCLOCK - ok

20:18:11.0472 3016  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

20:18:11.0519 3016  MSPQM - ok

20:18:11.0566 3016  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

20:18:11.0566 3016  MsRPC - ok

20:18:11.0613 3016  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys

20:18:11.0628 3016  mssmbios - ok

20:18:11.0769 3016  MSSQL$COBRA - ok

20:18:11.0878 3016  MSSQL$COMBIT_CRM - ok

20:18:11.0940 3016  [ AE0277B34DC0F8E0F8257690BECFC4BA ] MSSQLFDLauncher$COMBIT_CRM C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.COMBIT_CRM\MSSQL\Binn\fdlauncher.exe

20:18:11.0940 3016  MSSQLFDLauncher$COMBIT_CRM - ok

20:18:12.0034 3016  [ 8E8E74C953EB0C4F8828D99D6F27FD6F ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

20:18:12.0049 3016  MSSQLServerADHelper100 - ok

20:18:12.0096 3016  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

20:18:12.0127 3016  MSTEE - ok

20:18:12.0127 3016  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

20:18:12.0143 3016  MTConfig - ok

20:18:12.0159 3016  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

20:18:12.0159 3016  Mup - ok

20:18:12.0190 3016  [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

20:18:12.0205 3016  mwlPSDFilter - ok

20:18:12.0221 3016  [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

20:18:12.0221 3016  mwlPSDNServ - ok

20:18:12.0237 3016  [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

20:18:12.0237 3016  mwlPSDVDisk - ok

20:18:12.0268 3016  [ 0F5FAAC852DB4C340B7A2F187E3358B8 ] MWLService      C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

20:18:12.0283 3016  MWLService - ok

20:18:12.0330 3016  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll

20:18:12.0361 3016  napagent - ok

20:18:12.0393 3016  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

20:18:12.0408 3016  NativeWifiP - ok

20:18:12.0471 3016  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys

20:18:12.0486 3016  NDIS - ok

20:18:12.0502 3016  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

20:18:12.0533 3016  NdisCap - ok

20:18:12.0549 3016  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

20:18:12.0595 3016  NdisTapi - ok

20:18:12.0627 3016  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

20:18:12.0658 3016  Ndisuio - ok

20:18:12.0705 3016  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

20:18:12.0736 3016  NdisWan - ok

20:18:12.0767 3016  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

20:18:12.0814 3016  NDProxy - ok

20:18:12.0876 3016  [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

20:18:12.0892 3016  Nero BackItUp Scheduler 4.0 - ok

20:18:12.0907 3016  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

20:18:12.0939 3016  NetBIOS - ok

20:18:12.0985 3016  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

20:18:13.0017 3016  NetBT - ok

20:18:13.0048 3016  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe

20:18:13.0063 3016  Netlogon - ok

20:18:13.0095 3016  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

20:18:13.0126 3016  Netman - ok

20:18:13.0173 3016  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:18:13.0188 3016  NetMsmqActivator - ok

20:18:13.0188 3016  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:18:13.0204 3016  NetPipeActivator - ok

20:18:13.0219 3016  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

20:18:13.0251 3016  netprofm - ok

20:18:13.0251 3016  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:18:13.0266 3016  NetTcpActivator - ok

20:18:13.0266 3016  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:18:13.0282 3016  NetTcpPortSharing - ok

20:18:13.0297 3016  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

20:18:13.0297 3016  nfrd960 - ok

20:18:13.0344 3016  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll

20:18:13.0360 3016  NlaSvc - ok

20:18:13.0375 3016  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

20:18:13.0407 3016  Npfs - ok

20:18:13.0422 3016  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

20:18:13.0453 3016  nsi - ok

20:18:13.0469 3016  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

20:18:13.0500 3016  nsiproxy - ok

20:18:13.0563 3016  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

20:18:13.0594 3016  Ntfs - ok

20:18:13.0625 3016  [ BD691091AC7D9713D8F0B07C6B099E6C ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

20:18:13.0641 3016  NTI IScheduleSvc - ok

20:18:13.0656 3016  [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys

20:18:13.0656 3016  NTIDrvr - ok

20:18:13.0672 3016  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

20:18:13.0687 3016  Null - ok

20:18:13.0875 3016  [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

20:18:13.0999 3016  nvlddmkm - ok

20:18:14.0031 3016  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys

20:18:14.0046 3016  nvraid - ok

20:18:14.0093 3016  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys

20:18:14.0093 3016  nvstor - ok

20:18:14.0140 3016  [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc           C:\Windows\system32\nvvsvc.exe

20:18:14.0171 3016  nvsvc - ok

20:18:14.0280 3016  [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

20:18:14.0296 3016  nvUpdatusService - ok

20:18:14.0343 3016  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

20:18:14.0358 3016  nv_agp - ok

20:18:14.0405 3016  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

20:18:14.0421 3016  odserv - ok

20:18:14.0436 3016  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

20:18:14.0467 3016  ohci1394 - ok

20:18:14.0514 3016  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:18:14.0530 3016  ose - ok

20:18:14.0545 3016  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

20:18:14.0577 3016  p2pimsvc - ok

20:18:14.0592 3016  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

20:18:14.0608 3016  p2psvc - ok

20:18:14.0623 3016  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

20:18:14.0639 3016  Parport - ok

20:18:14.0670 3016  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys

20:18:14.0686 3016  partmgr - ok

20:18:14.0686 3016  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

20:18:14.0717 3016  PcaSvc - ok

20:18:14.0733 3016  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys

20:18:14.0733 3016  pci - ok

20:18:14.0779 3016  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys

20:18:14.0779 3016  pciide - ok

20:18:14.0795 3016  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

20:18:14.0811 3016  pcmcia - ok

20:18:14.0811 3016  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

20:18:14.0826 3016  pcw - ok

20:18:14.0842 3016  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

20:18:14.0889 3016  PEAUTH - ok

20:18:14.0967 3016  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

20:18:14.0982 3016  PerfHost - ok

20:18:15.0045 3016  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll

20:18:15.0107 3016  pla - ok

20:18:15.0154 3016  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

20:18:15.0185 3016  PlugPlay - ok

20:18:15.0185 3016  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

20:18:15.0216 3016  PNRPAutoReg - ok

20:18:15.0232 3016  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

20:18:15.0247 3016  PNRPsvc - ok

20:18:15.0294 3016  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

20:18:15.0325 3016  PolicyAgent - ok

20:18:15.0357 3016  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll

20:18:15.0388 3016  Power - ok

20:18:15.0435 3016  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

20:18:15.0450 3016  PptpMiniport - ok

20:18:15.0481 3016  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys

20:18:15.0481 3016  Processor - ok

20:18:15.0528 3016  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll

20:18:15.0575 3016  ProfSvc - ok

20:18:15.0575 3016  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

20:18:15.0591 3016  ProtectedStorage - ok

20:18:15.0637 3016  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

20:18:15.0669 3016  Psched - ok

20:18:15.0731 3016  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

20:18:15.0762 3016  ql2300 - ok

20:18:15.0778 3016  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

20:18:15.0793 3016  ql40xx - ok

20:18:15.0809 3016  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

20:18:15.0840 3016  QWAVE - ok

20:18:15.0840 3016  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

20:18:15.0871 3016  QWAVEdrv - ok

20:18:15.0887 3016  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

20:18:15.0934 3016  RasAcd - ok

20:18:15.0965 3016  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

20:18:15.0996 3016  RasAgileVpn - ok

20:18:15.0996 3016  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

20:18:16.0027 3016  RasAuto - ok

20:18:16.0074 3016  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

20:18:16.0105 3016  Rasl2tp - ok

20:18:16.0152 3016  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll

20:18:16.0183 3016  RasMan - ok

20:18:16.0199 3016  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

20:18:16.0215 3016  RasPppoe - ok

20:18:16.0246 3016  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

20:18:16.0277 3016  RasSstp - ok

20:18:16.0324 3016  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

20:18:16.0355 3016  rdbss - ok

20:18:16.0371 3016  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

20:18:16.0371 3016  rdpbus - ok

20:18:16.0386 3016  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

20:18:16.0417 3016  RDPCDD - ok

20:18:16.0417 3016  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

20:18:16.0449 3016  RDPENCDD - ok

20:18:16.0449 3016  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

20:18:16.0480 3016  RDPREFMP - ok

20:18:16.0511 3016  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

20:18:16.0527 3016  RdpVideoMiniport - ok

20:18:16.0573 3016  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

20:18:16.0620 3016  RDPWD - ok

20:18:16.0667 3016  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

20:18:16.0683 3016  rdyboost - ok

20:18:16.0698 3016  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

20:18:16.0729 3016  RemoteAccess - ok

20:18:16.0745 3016  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

20:18:16.0792 3016  RemoteRegistry - ok

20:18:16.0792 3016  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

20:18:16.0823 3016  RpcEptMapper - ok

20:18:16.0839 3016  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

20:18:16.0870 3016  RpcLocator - ok

20:18:16.0901 3016  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll

20:18:16.0932 3016  RpcSs - ok

20:18:16.0963 3016  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

20:18:16.0995 3016  rspndr - ok

20:18:17.0026 3016  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe

20:18:17.0026 3016  SamSs - ok

20:18:17.0135 3016  [ 6090BCB4345D615070D3155A0A2EB60F ] Samsung Network Fax Server C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe

20:18:17.0135 3016  Samsung Network Fax Server ( UnsignedFile.Multi.Generic ) - warning

20:18:17.0135 3016  Samsung Network Fax Server - detected UnsignedFile.Multi.Generic (1)

20:18:17.0182 3016  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

20:18:17.0197 3016  sbp2port - ok

20:18:17.0213 3016  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

20:18:17.0260 3016  SCardSvr - ok

20:18:17.0275 3016  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

20:18:17.0322 3016  scfilter - ok

20:18:17.0369 3016  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll

20:18:17.0400 3016  Schedule - ok

20:18:17.0447 3016  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll

20:18:17.0478 3016  SCPolicySvc - ok

20:18:17.0509 3016  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

20:18:17.0541 3016  SDRSVC - ok

20:18:17.0634 3016  [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Users\BE.ST\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe

20:18:17.0650 3016  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning

20:18:17.0650 3016  SearchAnonymizer - detected UnsignedFile.Multi.Generic (1)

20:18:17.0681 3016  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

20:18:17.0712 3016  secdrv - ok

20:18:17.0743 3016  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll

20:18:17.0790 3016  seclogon - ok

20:18:17.0821 3016  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll

20:18:17.0868 3016  SENS - ok

20:18:17.0884 3016  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

20:18:17.0899 3016  SensrSvc - ok

20:18:17.0931 3016  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

20:18:17.0931 3016  Serenum - ok

20:18:17.0946 3016  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys

20:18:17.0977 3016  Serial - ok

20:18:18.0024 3016  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

20:18:18.0055 3016  sermouse - ok

20:18:18.0102 3016  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll

20:18:18.0133 3016  SessionEnv - ok

20:18:18.0180 3016  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

20:18:18.0196 3016  sffdisk - ok

20:18:18.0211 3016  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

20:18:18.0227 3016  sffp_mmc - ok

20:18:18.0227 3016  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

20:18:18.0243 3016  sffp_sd - ok

20:18:18.0274 3016  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

20:18:18.0274 3016  sfloppy - ok

20:18:18.0305 3016  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

20:18:18.0352 3016  SharedAccess - ok

20:18:18.0399 3016  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

20:18:18.0430 3016  ShellHWDetection - ok

20:18:18.0445 3016  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

20:18:18.0461 3016  SiSRaid2 - ok

20:18:18.0477 3016  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

20:18:18.0477 3016  SiSRaid4 - ok

20:18:18.0633 3016  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

20:18:18.0679 3016  Skype C2C Service - ok

20:18:18.0742 3016  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

20:18:18.0757 3016  SkypeUpdate - ok

20:18:18.0773 3016  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

20:18:18.0789 3016  Smb - ok

20:18:18.0820 3016  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

20:18:18.0835 3016  SNMPTRAP - ok

20:18:18.0851 3016  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

20:18:18.0851 3016  spldr - ok

20:18:18.0898 3016  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe

20:18:18.0960 3016  Spooler - ok

20:18:19.0038 3016  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe

20:18:19.0116 3016  sppsvc - ok

20:18:19.0147 3016  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

20:18:19.0179 3016  sppuinotify - ok

20:18:19.0350 3016  [ A892134C28777978ECDE8283DC57AC0F ] SQLAgent$COBRA  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.COBRA\MSSQL\Binn\SQLAGENT.EXE

20:18:19.0366 3016  SQLAgent$COBRA - ok

20:18:19.0506 3016  [ 230C6AA1091190D2FDB40766CBD3DBBD ] SQLAgent$COMBIT_CRM C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.COMBIT_CRM\MSSQL\Binn\SQLAGENT.EXE

20:18:19.0522 3016  SQLAgent$COMBIT_CRM - ok

20:18:19.0600 3016  [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

20:18:19.0615 3016  SQLBrowser - ok

20:18:19.0709 3016  [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

20:18:19.0725 3016  SQLWriter - ok

20:18:19.0771 3016  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys

20:18:19.0787 3016  srv - ok

20:18:19.0834 3016  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

20:18:19.0865 3016  srv2 - ok

20:18:19.0896 3016  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

20:18:19.0896 3016  srvnet - ok

20:18:19.0927 3016  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

20:18:19.0959 3016  SSDPSRV - ok

20:18:20.0005 3016  [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys

20:18:20.0005 3016  SSPORT - ok

20:18:20.0037 3016  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

20:18:20.0068 3016  SstpSvc - ok

20:18:20.0193 3016  [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

20:18:20.0208 3016  Stereo Service - ok

20:18:20.0224 3016  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

20:18:20.0224 3016  stexstor - ok

20:18:20.0286 3016  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll

20:18:20.0302 3016  stisvc - ok

20:18:20.0333 3016  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys

20:18:20.0349 3016  swenum - ok

20:18:20.0380 3016  SwitchBoard - ok

20:18:20.0395 3016  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

20:18:20.0427 3016  swprv - ok

20:18:20.0489 3016  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll

20:18:20.0536 3016  SysMain - ok

20:18:20.0567 3016  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

20:18:20.0583 3016  TabletInputService - ok

20:18:20.0598 3016  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll

20:18:20.0629 3016  TapiSrv - ok

20:18:20.0645 3016  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll

20:18:20.0676 3016  TBS - ok

20:18:20.0739 3016  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

20:18:20.0770 3016  Tcpip - ok

20:18:20.0785 3016  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

20:18:20.0817 3016  TCPIP6 - ok

20:18:20.0863 3016  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

20:18:20.0879 3016  tcpipreg - ok

20:18:20.0910 3016  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

20:18:20.0941 3016  TDPIPE - ok

20:18:20.0973 3016  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

20:18:20.0988 3016  TDTCP - ok

20:18:21.0051 3016  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

20:18:21.0066 3016  tdx - ok

20:18:21.0129 3016  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys

20:18:21.0129 3016  TermDD - ok

20:18:21.0160 3016  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll

20:18:21.0207 3016  TermService - ok

20:18:21.0238 3016  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

20:18:21.0253 3016  Themes - ok

20:18:21.0269 3016  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

20:18:21.0300 3016  THREADORDER - ok

20:18:21.0316 3016  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

20:18:21.0331 3016  TrkWks - ok

20:18:21.0394 3016  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

20:18:21.0425 3016  TrustedInstaller - ok

20:18:21.0456 3016  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

20:18:21.0487 3016  tssecsrv - ok

20:18:21.0534 3016  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

20:18:21.0550 3016  TsUsbFlt - ok

20:18:21.0597 3016  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

20:18:21.0628 3016  tunnel - ok

20:18:21.0643 3016  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

20:18:21.0659 3016  uagp35 - ok

20:18:21.0659 3016  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys

20:18:21.0675 3016  UBHelper - ok

20:18:21.0721 3016  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

20:18:21.0753 3016  udfs - ok

20:18:21.0784 3016  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

20:18:21.0799 3016  UI0Detect - ok

20:18:21.0846 3016  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

20:18:21.0862 3016  uliagpkx - ok

20:18:21.0877 3016  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

20:18:21.0877 3016  umbus - ok

20:18:21.0893 3016  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

20:18:21.0909 3016  UmPass - ok

20:18:21.0955 3016  [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe

20:18:21.0955 3016  Updater Service - ok

20:18:21.0987 3016  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

20:18:22.0018 3016  upnphost - ok

20:18:22.0065 3016  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

20:18:22.0111 3016  USBAAPL64 - ok

20:18:22.0143 3016  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

20:18:22.0174 3016  usbccgp - ok

20:18:22.0221 3016  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

20:18:22.0236 3016  usbcir - ok

20:18:22.0267 3016  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

20:18:22.0283 3016  usbehci - ok

20:18:22.0299 3016  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

20:18:22.0314 3016  usbhub - ok

20:18:22.0330 3016  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

20:18:22.0345 3016  usbohci - ok

20:18:22.0377 3016  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

20:18:22.0392 3016  usbprint - ok

20:18:22.0439 3016  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

20:18:22.0455 3016  usbscan - ok

20:18:22.0486 3016  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

20:18:22.0517 3016  USBSTOR - ok

20:18:22.0548 3016  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

20:18:22.0579 3016  usbuhci - ok

20:18:22.0626 3016  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys

20:18:22.0642 3016  usbvideo - ok

20:18:22.0657 3016  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

20:18:22.0704 3016  UxSms - ok

20:18:22.0735 3016  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe

20:18:22.0735 3016  VaultSvc - ok

20:18:22.0751 3016  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

20:18:22.0767 3016  vdrvroot - ok

20:18:22.0813 3016  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe

20:18:22.0860 3016  vds - ok

20:18:22.0891 3016  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

20:18:22.0907 3016  vga - ok

20:18:22.0923 3016  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

20:18:22.0938 3016  VgaSave - ok

20:18:22.0985 3016  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

20:18:23.0001 3016  vhdmp - ok

20:18:23.0047 3016  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys

20:18:23.0047 3016  viaide - ok

20:18:23.0079 3016  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

20:18:23.0079 3016  volmgr - ok

20:18:23.0125 3016  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

20:18:23.0141 3016  volmgrx - ok

20:18:23.0141 3016  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

20:18:23.0157 3016  volsnap - ok

20:18:23.0188 3016  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

20:18:23.0188 3016  vsmraid - ok

20:18:23.0250 3016  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe

20:18:23.0297 3016  VSS - ok

20:18:23.0313 3016  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

20:18:23.0328 3016  vwifibus - ok

20:18:23.0359 3016  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

20:18:23.0406 3016  W32Time - ok

20:18:23.0422 3016  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

20:18:23.0453 3016  WacomPen - ok

20:18:23.0500 3016  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

20:18:23.0531 3016  WANARP - ok

20:18:23.0531 3016  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

20:18:23.0562 3016  Wanarpv6 - ok

20:18:23.0625 3016  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

20:18:23.0640 3016  WatAdminSvc - ok

20:18:23.0703 3016  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe

20:18:23.0718 3016  wbengine - ok

20:18:23.0749 3016  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

20:18:23.0765 3016  WbioSrvc - ok

20:18:23.0812 3016  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll

20:18:23.0843 3016  wcncsvc - ok

20:18:23.0859 3016  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

20:18:23.0874 3016  WcsPlugInService - ok

20:18:23.0890 3016  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys

20:18:23.0905 3016  Wd - ok

20:18:23.0952 3016  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

20:18:23.0968 3016  Wdf01000 - ok

20:18:23.0983 3016  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll

20:18:24.0046 3016  WdiServiceHost - ok

20:18:24.0046 3016  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll

20:18:24.0061 3016  WdiSystemHost - ok

20:18:24.0093 3016  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll

20:18:24.0124 3016  WebClient - ok

20:18:24.0139 3016  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

20:18:24.0171 3016  Wecsvc - ok

20:18:24.0171 3016  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

20:18:24.0202 3016  wercplsupport - ok

20:18:24.0217 3016  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

20:18:24.0233 3016  WerSvc - ok

20:18:24.0249 3016  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

20:18:24.0264 3016  WfpLwf - ok

20:18:24.0373 3016  [ DE35BD336FD1E6AFAC0578DF221A7C0C ] WHSConnector    C:\Program Files\Windows Home Server\WHSConnector.exe

20:18:24.0373 3016  WHSConnector - ok

20:18:24.0405 3016  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

20:18:24.0420 3016  WIMMount - ok

20:18:24.0436 3016  WinDefend - ok

20:18:24.0436 3016  WinHttpAutoProxySvc - ok

20:18:24.0483 3016  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

20:18:24.0514 3016  Winmgmt - ok

20:18:24.0592 3016  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll

20:18:24.0639 3016  WinRM - ok

20:18:24.0717 3016  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

20:18:24.0732 3016  WinUsb - ok

20:18:24.0763 3016  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll

20:18:24.0795 3016  Wlansvc - ok

20:18:24.0826 3016  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

20:18:24.0841 3016  WmiAcpi - ok

20:18:24.0857 3016  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

20:18:24.0888 3016  wmiApSrv - ok

20:18:24.0904 3016  WMPNetworkSvc - ok

20:18:24.0919 3016  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

20:18:24.0935 3016  WPCSvc - ok

20:18:24.0966 3016  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

20:18:24.0982 3016  WPDBusEnum - ok

20:18:24.0997 3016  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

20:18:25.0029 3016  ws2ifsl - ok

20:18:25.0044 3016  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll

20:18:25.0075 3016  wscsvc - ok

20:18:25.0122 3016  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys

20:18:25.0138 3016  WSDPrintDevice - ok

20:18:25.0138 3016  [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys

20:18:25.0153 3016  WSDScan - ok

20:18:25.0153 3016  WSearch - ok

20:18:25.0216 3016  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

20:18:25.0263 3016  wuauserv - ok

20:18:25.0294 3016  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

20:18:25.0325 3016  WudfPf - ok

20:18:25.0341 3016  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

20:18:25.0341 3016  WUDFRd - ok

20:18:25.0356 3016  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

20:18:25.0372 3016  wudfsvc - ok

20:18:25.0403 3016  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll

20:18:25.0419 3016  WwanSvc - ok

20:18:25.0419 3016  ================ Scan global ===============================

20:18:25.0450 3016  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

20:18:25.0481 3016  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

20:18:25.0481 3016  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

20:18:25.0497 3016  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

20:18:25.0512 3016  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

20:18:25.0512 3016  [Global] - ok

20:18:25.0512 3016  ================ Scan MBR ==================================

20:18:25.0528 3016  [ 70E629B51C16B3C007730C6AE57144C9 ] \Device\Harddisk0\DR0

20:18:27.0275 3016  \Device\Harddisk0\DR0 - ok

20:18:27.0275 3016  ================ Scan VBR ==================================

20:18:27.0275 3016  [ D9187D8DCA160E389C636A5C7F6493D2 ] \Device\Harddisk0\DR0\Partition1

20:18:27.0275 3016  \Device\Harddisk0\DR0\Partition1 - ok

20:18:27.0291 3016  [ F7F16ACFDAA13D7586E56B31EEF1143F ] \Device\Harddisk0\DR0\Partition2

20:18:27.0291 3016  \Device\Harddisk0\DR0\Partition2 - ok

20:18:27.0306 3016  [ 30F49E5251F60B4FAAB4099FF25DB7DC ] \Device\Harddisk0\DR0\Partition3

20:18:27.0306 3016  \Device\Harddisk0\DR0\Partition3 - ok

20:18:27.0306 3016  ============================================================

20:18:27.0306 3016  Scan finished

20:18:27.0306 3016  ============================================================

20:18:27.0322 2596  Detected object count: 3

20:18:27.0322 2596  Actual detected object count: 3

20:19:07.0869 2596  Akamai ( HiddenFile.Multi.Generic ) - skipped by user

20:19:07.0869 2596  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 

20:19:07.0869 2596  Samsung Network Fax Server ( UnsignedFile.Multi.Generic ) - skipped by user

20:19:07.0869 2596  Samsung Network Fax Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 

20:19:07.0869 2596  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user

20:19:07.0869 2596  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip 

20:20:16.0628 6052  Deinitialize success

Hi,
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

ComboFix läuft aber steht seit ca. 15 Minuten bei "Zielverzeichnis: C\32788R22FWJFW"
Ist das normal, dass es so lange dauert oder soll ich abbrechen?

So hier jetzt das Ergebnis von ComboFix:

Code:

ComboFix 13-06-08.02 - BE.ST 13.06.2013   1:13.1.8 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6135.4096 [GMT 2:00]

ausgeführt von:: c:\users\BE.ST\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Common Files\Acer GameZone online.ico

c:\program files (x86)\Common Files\Outlook Security Manager\osMAx.ocx

c:\program files (x86)\facemoods.com

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoods.crx

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoods.png

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsApp.dll

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsEng.dll

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll

c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe

c:\users\BE.ST\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe

c:\users\BE.ST\AppData\Roaming\skype.ini

c:\windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe

c:\windows\IsUn0407.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-05-12 bis 2013-06-12  ))))))))))))))))))))))))))))))

.

.

2013-06-12 23:23 . 2013-06-12 23:23        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp

2013-06-12 23:23 . 2013-06-12 23:23        --------        d-----w-        c:\users\Default\AppData\Local\temp

2013-06-12 23:09 . 2013-06-12 23:09        76232        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{DBF9E913-D45F-4A3C-9AFD-425993268BA4}\offreg.dll

2013-06-12 15:16 . 2013-05-13 06:37        9460464        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{DBF9E913-D45F-4A3C-9AFD-425993268BA4}\mpengine.dll

2013-06-11 00:38 . 2013-06-11 00:38        --------        d-----w-        C:\_OTL

2013-05-16 06:13 . 2013-06-12 23:07        --------        d-----r-        c:\users\BE.ST\Mediencenter

2013-05-16 06:12 . 2013-05-16 06:12        --------        d-----w-        c:\users\BE.ST\AppData\Local\Telekom

2013-05-16 06:12 . 2013-05-16 06:12        --------        d-----w-        c:\users\BE.ST\AppData\Roaming\Telekom

2013-05-15 15:09 . 2013-05-05 21:36        17818624        ----a-w-        c:\windows\system32\mshtml.dll

2013-05-15 15:09 . 2013-05-05 21:16        2382848        ----a-w-        c:\windows\system32\mshtml.tlb

2013-05-15 15:09 . 2013-05-05 19:12        2382848        ----a-w-        c:\windows\SysWow64\mshtml.tlb

2013-05-15 08:15 . 2013-04-10 03:30        3153920        ----a-w-        c:\windows\system32\win32k.sys

2013-05-15 08:15 . 2013-02-27 06:02        111448        ----a-w-        c:\windows\system32\consent.exe

2013-05-15 08:15 . 2013-02-27 05:52        14172672        ----a-w-        c:\windows\system32\shell32.dll

2013-05-15 08:15 . 2013-02-27 05:52        197120        ----a-w-        c:\windows\system32\shdocvw.dll

2013-05-15 08:15 . 2013-02-27 05:48        1930752        ----a-w-        c:\windows\system32\authui.dll

2013-05-15 08:15 . 2013-02-27 05:47        70144        ----a-w-        c:\windows\system32\appinfo.dll

2013-05-15 08:15 . 2013-02-27 04:49        1796096        ----a-w-        c:\windows\SysWow64\authui.dll

2013-05-15 08:15 . 2013-04-10 06:01        983400        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys

2013-05-15 08:15 . 2013-04-10 06:01        265064        ----a-w-        c:\windows\system32\drivers\dxgmms1.sys

2013-05-15 08:15 . 2011-02-03 11:25        144384        ----a-w-        c:\windows\system32\cdd.dll

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-06-12 23:02 . 2011-01-06 18:51        75825640        ----a-w-        c:\windows\system32\MRT.exe

2013-05-15 13:26 . 2012-04-04 05:08        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2013-05-15 13:26 . 2011-05-17 05:11        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-02 00:06 . 2010-01-05 07:17        278800        ------w-        c:\windows\system32\MpSigStub.exe

2013-04-12 14:45 . 2013-04-24 06:04        1656680        ----a-w-        c:\windows\system32\drivers\ntfs.sys

2013-03-22 14:32 . 2013-02-01 07:19        92248        ----a-w-        c:\programdata\Microsoft\BingDesktop\Updater\BingDesktopRestarter.exe

2013-03-19 06:04 . 2013-04-10 06:12        5550424        ----a-w-        c:\windows\system32\ntoskrnl.exe

2013-03-19 05:46 . 2013-04-10 06:12        43520        ----a-w-        c:\windows\system32\csrsrv.dll

2013-03-19 05:04 . 2013-04-10 06:12        3968856        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04 . 2013-04-10 06:12        3913560        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47 . 2013-04-10 06:12        6656        ----a-w-        c:\windows\SysWow64\apisetschema.dll

2013-03-19 03:06 . 2013-04-10 06:12        112640        ----a-w-        c:\windows\system32\smss.exe

2012-01-11 12:10 . 2012-01-11 12:10        507904        ----a-w-        c:\program files\Downloader-fuer-SETUP_A1-Faktura-Plus.exe

2011-12-28 09:04 . 2011-12-28 09:04        77236        ----a-w-        c:\program files\jDownloaderWebInstaller09581.exe

2011-12-28 07:57 . 2011-12-28 07:56        19298464        ----a-w-        c:\program files\FreeYouTubeToMP3Converter.exe

2011-02-23 18:25 . 2011-02-23 12:58        1228416        ----a-w-        c:\program files\DesignPremium_CS5_LS4.exe

2010-11-18 20:41 . 2011-02-22 16:17        91352        ----a-w-        c:\program files\Install Lightroom 3.exe

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{7e111a5c-3d11-4f56-9463-5310c3c69025}"= "c:\program files (x86)\Freeware.de\prxtbFre0.dll" [2013-04-14 231712]

"{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}"= "c:\program files (x86)\softonic-de3\prxtbsof0.dll" [2013-04-14 231712]

.

[HKEY_CLASSES_ROOT\clsid\{7e111a5c-3d11-4f56-9463-5310c3c69025}]

.

[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{7e111a5c-3d11-4f56-9463-5310c3c69025}]

2013-04-14 12:35        231712        ----a-w-        c:\program files (x86)\Freeware.de\prxtbFre0.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]

2013-04-14 12:35        231712        ----a-w-        c:\program files (x86)\softonic-de3\prxtbsof0.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{7e111a5c-3d11-4f56-9463-5310c3c69025}"= "c:\program files (x86)\Freeware.de\prxtbFre0.dll" [2013-04-14 231712]

"{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}"= "c:\program files (x86)\softonic-de3\prxtbsof0.dll" [2013-04-14 231712]

.

[HKEY_CLASSES_ROOT\clsid\{7e111a5c-3d11-4f56-9463-5310c3c69025}]

.

[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2009-08-06 17:18        120104        ----a-w-        c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Device Detector"="DevDetect.exe -autorun" [X]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-15 39408]

"Akamai NetSession Interface"="c:\users\BE.ST\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]

"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-08-12 261888]

"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2009-08-10 629280]

"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]

"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-07-31 128296]

"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-08-04 181480]

"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2009-09-05 385024]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"LexwareInfoService"="c:\program files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2011-07-31 189808]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"SfWinStartInfo"="c:\program files (x86)\SFirm\sfWinStartupInfo.exe" [2012-09-25 144544]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2013-04-10 2387088]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]

.

c:\users\BE.ST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

FRITZ!DSL Startcenter.lnk - c:\users\BE.ST\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe [N/A]

Mediencenter.lnk - c:\users\BE.ST\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe [2013-4-22 526144]

OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

SmartCopy.lnk - c:\program files (x86)\Northstar\SmartCopy\SmartCopy.exe [2009-10-28 319488]

SmartLauncher.lnk - c:\program files (x86)\Northstar\SmartLauncher\SmartLauncher.exe [2009-10-28 339968]

TotalMedia Backup Monitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia Backup\uBBMonitor.exe [2011-1-8 331776]

Windows Home Server.lnk - c:\windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe [N/A]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 IAMTVE;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTVE.sys;c:\windows\SYSNATIVE\DRIVERS\IAMTVE.sys [x]

R3 IAMTXPE;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTXPE.sys;c:\windows\SYSNATIVE\DRIVERS\IAMTXPE.sys [x]

R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys;c:\windows\SYSNATIVE\Drivers\qd162x64.sys [x]

R3 ioatdma2;Intel(R) QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys;c:\windows\SYSNATIVE\Drivers\qd262x64.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]

R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]

R4 SQLAgent$COBRA;SQL Server-Agent (COBRA);c:\program files (x86)\Microsoft SQL Server\MSSQL10.COBRA\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.COBRA\MSSQL\Binn\SQLAGENT.EXE [x]

R4 SQLAgent$COMBIT_CRM;SQL Server-Agent (COMBIT_CRM);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.COMBIT_CRM\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.COMBIT_CRM\MSSQL\Binn\SQLAGENT.EXE [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]

S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]

S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]

S2 arXfrSvc;Windows Media Center TV Archive Transfer Service;c:\program files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe;c:\program files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [x]

S2 avmident;AVM FRITZ!Box-Kindersicherung;c:\program files (x86)\FRITZ!Box-Kindersicherung\avmident.exe;c:\program files (x86)\FRITZ!Box-Kindersicherung\avmident.exe [x]

S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]

S2 esClient;Windows Media Center Client Service;c:\program files\Windows Home Server\esClient.exe;c:\program files\Windows Home Server\esClient.exe [x]

S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]

S2 IGDCTRL;AVM IGD CTRL Service;c:\program files\FRITZ!DSL\IGDCTRL.EXE;c:\program files\FRITZ!DSL\IGDCTRL.EXE [x]

S2 MSSQL$COBRA;SQL Server (COBRA);c:\program files (x86)\Microsoft SQL Server\MSSQL10.COBRA\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10.COBRA\MSSQL\Binn\sqlservr.exe [x]

S2 MSSQL$COMBIT_CRM;SQL Server (COMBIT_CRM);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.COMBIT_CRM\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.COMBIT_CRM\MSSQL\Binn\sqlservr.exe [x]

S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]

S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]

S2 Samsung Network Fax Server;Samsung Network Fax Server;c:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe;c:\windows\SYSNATIVE\spool\drivers\x64\3\NetFaxServer64.exe [x]

S2 SearchAnonymizer;SearchAnonymizer;c:\users\BE.ST\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe;c:\users\BE.ST\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [x]

S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]

S2 WHSConnector;Windows Home Server-Connectordienst;c:\program files\Windows Home Server\WHSConnector.exe;c:\program files\Windows Home Server\WHSConnector.exe [x]

S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y62x64.sys [x]

S3 gwfilt64;gwfilt64;c:\windows\system32\drivers\gwfilt64.sys;c:\windows\SYSNATIVE\drivers\gwfilt64.sys [x]

S3 MSSQLFDLauncher$COMBIT_CRM;SQL Full-text Filter Daemon Launcher (COMBIT_CRM);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.COMBIT_CRM\MSSQL\Binn\fdlauncher.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.COMBIT_CRM\MSSQL\Binn\fdlauncher.exe [x]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

Akamai        REG_MULTI_SZ           Akamai

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-06-10 06:53        1165776        ----a-w-        c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe

.

Inhalt des "geplante Tasks" Ordners

.

2013-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 13:26]

.

2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-08 15:37]

.

2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-08 15:37]

.

2013-06-12 c:\windows\Tasks\RegistryBooster.job

- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2010-12-27 08:11]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Mediencenter_InSync]

@="{77BC4082-DB5F-439A-8DC8-F9E24A63B0DE}"

"ReferenceCount"=dword:00000001

[HKEY_CLASSES_ROOT\CLSID\{77BC4082-DB5F-439A-8DC8-F9E24A63B0DE}]

2013-04-18 16:06        558592        ----a-w-        c:\users\BE.ST\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Mediencenter_ToSync]

@="{528EE335-5034-4EFC-834E-63E5F02D2BC2}"

"ReferenceCount"=dword:00000001

[HKEY_CLASSES_ROOT\CLSID\{528EE335-5034-4EFC-834E-63E5F02D2BC2}]

2013-04-18 16:06        558592        ----a-w-        c:\users\BE.ST\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Mediencenter_Failed]

@="{6066ADF0-9EB0-43E5-ADB6-990F5A3B979C}"

"ReferenceCount"=dword:00000001

[HKEY_CLASSES_ROOT\CLSID\{6066ADF0-9EB0-43E5-ADB6-990F5A3B979C}]

2013-04-18 16:06        558592        ----a-w-        c:\users\BE.ST\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2009-08-06 17:19        137512        ----a-w-        c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]

"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-08-06 349480]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]

"Ocs_SM"="c:\users\BE.ST\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2012-01-11 106496]

"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 438784]

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = about:blank

uLocal Page = c:\windows\system32\blank.htm

mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7721&r=17360110cn06973h54b75ph8045l6s

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7721&r=17360110cn06973h54b75ph8045l6s

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>

mSearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Free YouTube to MP3 Converter - c:\users\BE.ST\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000

Trusted Zone: samsungsetup.com\www

TCP: Interfaces\{C9C13324-AFCB-4488-A37D-F0A99390A232}: NameServer = 192.168.1.2

FF - ProfilePath - c:\users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/

FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=WBG&o=15132&locale=de_DE&apn_uid=183CEB53-CDBB-423B-B977-0C103B673CA4&apn_ptnrs=RN&apn_sauid=A47A6612-49D1-4781-B19C-2E9BA3E15B93&apn_dtid=YYYYYYYYDE&q=

FF - ExtSQL: !HIDDEN! 2012-01-11 13:11; mail@gutscheinrausch.de; c:\users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\extensions\mail@gutscheinrausch.de

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll

Toolbar-Locked - (no file)

Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll

Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe

Wow6432Node-HKLM-Run-AdobeCS5ServiceManager - c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe

Wow6432Node-HKLM-Run-SwitchBoard - c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

Wow6432Node-HKLM-Run-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe

SafeBoot-mcmscsvc

SafeBoot-MCODS

Toolbar-Locked - (no file)

WebBrowser-{7E111A5C-3D11-4F56-9463-5310C3C69025} - (no file)

WebBrowser-{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - (no file)

HKLM-Run-AdobeAAMUpdater-1.0 - c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe

AddRemove-{02698606-3A21-489D-9D2A-75C9E8D3E5BD} - c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe

AddRemove-{15FEDA5F-141C-4127-8D7E-B962D1742728} - c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]

"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\AppDataLow\Software\Conduit\Community Alerts\Settings\Locales\e*n**æ—Á*@"]

"LP_LastUpdateTime"="0"

"LP_LastCheckTime"=dword:519237ad

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.032"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.abr"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.amr"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ani"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.apd"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.arw"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.bay"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]

@Denied: (2) (S-1-5-21-993182072-3024642314-2012708821-1000)

@Denied: (2) (LocalSystem)

"Progid"="PhotoViewer.FileAssoc.Bitmap"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.bw"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.bwf"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.cel"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.cr2"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.crw"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.cs1"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.cur"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.dcr"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.dcx"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]

@Denied: (2) (S-1-5-21-993182072-3024642314-2012708821-1000)

@Denied: (2) (LocalSystem)

"Progid"="PhotoViewer.FileAssoc.Bitmap"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.djv"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.djvu"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.dng"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.emf"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.eps"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.erf"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.fff"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.flc"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.fli"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.fpx"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]

@Denied: (2) (S-1-5-21-993182072-3024642314-2012708821-1000)

@Denied: (2) (LocalSystem)

"Progid"="PhotoViewer.FileAssoc.Gif"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.hdr"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.icl"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.icn"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ico"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.iff"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ilbm"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.int"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.inta"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.iw4"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.j2c"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.j2k"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jbr"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]

@Denied: (2) (S-1-5-21-993182072-3024642314-2012708821-1000)

@Denied: (2) (LocalSystem)

"Progid"="PhotoViewer.FileAssoc.JFIF"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jif"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jp2"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jpc"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]

@Denied: (2) (S-1-5-21-993182072-3024642314-2012708821-1000)

@Denied: (2) (LocalSystem)

"Progid"="PhotoViewer.FileAssoc.Jpeg"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]

@Denied: (2) (S-1-5-21-993182072-3024642314-2012708821-1000)

@Denied: (2) (LocalSystem)

"Progid"="PhotoViewer.FileAssoc.Jpeg"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]

@Denied: (2) (S-1-5-21-993182072-3024642314-2012708821-1000)

@Denied: (2) (LocalSystem)

"Progid"="PhotoViewer.FileAssoc.Jpeg"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jpk"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jpx"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.kar"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.kdc"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.lbm"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.m15"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.m1a"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.m2a"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.m75"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.mef"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.mos"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.mpv"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.mrw"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.nef"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.orf"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pbm"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pbr"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pcd"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pct"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pcx"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pef"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pgm"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pic"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pics"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pict"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pix"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]

@Denied: (2) (S-1-5-21-993182072-3024642314-2012708821-1000)

@Denied: (2) (LocalSystem)

"Progid"="PhotoViewer.FileAssoc.Png"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ppm"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.psd"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.psp"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pspbrush"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pspimage"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.qcp"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.qtpf"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.raf"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ras"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.raw"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.rgb"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.rgba"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.rle"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.rsb"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.rw2"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.sdv"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.sfil"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.sgi"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.smf"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smi\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.smi"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.smil"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.sml"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.sr2"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.srf"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.swa"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.tga"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.thm"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]

@Denied: (2) (S-1-5-21-993182072-3024642314-2012708821-1000)

@Denied: (2) (LocalSystem)

"Progid"="PhotoViewer.FileAssoc.Tiff"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]

@Denied: (2) (S-1-5-21-993182072-3024642314-2012708821-1000)

@Denied: (2) (LocalSystem)

"Progid"="PhotoViewer.FileAssoc.Tiff"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ttc"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ttf"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ulw"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v25po\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.v25po"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v25pp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.v25pp"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v25ppf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.v25ppf"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.vfw"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.wbm"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.wbmp"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.wmf"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.xbm"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.xif"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.xmp"

.

[HKEY_USERS\S-1-5-21-993182072-3024642314-2012708821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.xpm"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2013-06-13  01:24:07

ComboFix-quarantined-files.txt  2013-06-12 23:24

.

Vor Suchlauf: 15 Verzeichnis(se), 87.167.782.912 Bytes frei

Nach Suchlauf: 20 Verzeichnis(se), 86.620.209.152 Bytes frei

.

- - End Of File - - 8AC4837F34CF350C1ED2490D2C1F1CFA

70E629B51C16B3C007730C6AE57144C9

Hi,
malwarebytes:
Downloade Dir bitte Malwarebytes

Installiere
das Programm in den vorgegebenen Pfad.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Starte Malwarebytes, klicke auf Aktualisierung --> Suche
nach Aktualisierung
Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
Wenn der Scan beendet
ist, klicke auf Ergebnisse anzeigen.
Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
Poste
das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Hi Markus,
malwarebytes hat nichts in die Quarantäne verschoben.
Hier der log file:

Code:

2013/06/13 02:52:55 +0200        ACER_HB        BE.ST        MESSAGE        Starting protection

2013/06/13 02:52:55 +0200        ACER_HB        BE.ST        MESSAGE        Protection started successfully

2013/06/13 02:52:55 +0200        ACER_HB        BE.ST        MESSAGE        Starting IP protection

2013/06/13 02:53:03 +0200        ACER_HB        BE.ST        MESSAGE        IP Protection started successfully

2013/06/13 02:53:09 +0200        ACER_HB        BE.ST        MESSAGE        Starting database refresh

2013/06/13 02:53:09 +0200        ACER_HB        BE.ST        MESSAGE        Stopping IP protection

2013/06/13 02:53:11 +0200        ACER_HB        BE.ST        MESSAGE        IP Protection stopped successfully

2013/06/13 02:53:13 +0200        ACER_HB        BE.ST        MESSAGE        Database refreshed successfully

2013/06/13 02:53:13 +0200        ACER_HB        BE.ST        MESSAGE        Starting IP protection

2013/06/13 02:53:14 +0200        ACER_HB        BE.ST        MESSAGE        IP Protection started successfully

2013/06/13 03:22:57 +0200        ACER_HB        (null)        MESSAGE        Starting protection

2013/06/13 03:22:57 +0200        ACER_HB        (null)        MESSAGE        Protection started successfully

2013/06/13 03:22:57 +0200        ACER_HB        (null)        MESSAGE        Starting IP protection

2013/06/13 03:22:59 +0200        ACER_HB        (null)        MESSAGE        IP Protection started successfully

2013/06/13 15:08:07 +0200        ACER_HB        BE.ST        MESSAGE        Starting protection

2013/06/13 15:08:07 +0200        ACER_HB        BE.ST        MESSAGE        Protection started successfully

2013/06/13 15:08:07 +0200        ACER_HB        BE.ST        MESSAGE        Starting IP protection

2013/06/13 15:08:08 +0200        ACER_HB        BE.ST        MESSAGE        IP Protection started successfully

Hi,

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Hier ist die Liste, ganz schön viel das meiste unbekannt und nur wenig unnötig

Code:

1&1 EasyLogin                03.01.2011        NOTWENDIG        

7-Zip 9.16 beta                08.11.2010        NOTWENDIG        

ACDSee Image Decoder Update        ACD Systems        06.01.2011        2,20MB        2.0.5  NOTWENDIG

ACDSee Pro 2.5        ACD Systems International        06.01.2011        113MB        2.5.363  NOTWENDIG

ACDSee RAW Image Decoder Plug-In Update 4.0        ACD Systems        06.01.2011        2,00MB        4.0.76  NOTWENDIG

Acer Arcade Deluxe        CyberLink Corp.        28.10.2009        96,4MB        3.1.6731  UNBEKANNT

Acer Backup Manager        NewTech Infosystems        14.08.2009        226MB        2.0.2.19   UNBEKANNT

Acer eRecovery Management        Acer Incorporated        28.10.2009                4.05.3003             UNBEKANNT

Acer GameZone Console        Oberon Media, Inc.        14.08.2009                5.1.0.2                    UNBEKANNT

Acer Registration        Acer Incorporated        28.10.2009                1.02.3006                 UNBEKANNT

Acer ScreenSaver        Acer Incorporated        28.10.2009                1.1.0812                  UNBEKANNT

Acer Updater        Acer Incorporated        14.08.2009                1.01.3014                        UNBEKANNT

Acrobat.com        Adobe Systems Incorporated        14.08.2009        1,60MB        1.6.65               NOTWENDIG

ActiveTrader 4.14.7_b1                04.01.2010                                                    NOTWENDIG

Adobe AIR        Adobe Systems Inc.        23.02.2011                1.5.3.9120                  UNBEKANNT

Adobe Community Help        Adobe Systems Incorporated        23.02.2011                3.0.0.400   UNBEKANNT

Adobe Creative Suite 5 Design Premium        Adobe Systems Incorporated        23.02.2011        5,60GB        5.0      UNBEKANNT

Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        13.06.2013        6,00MB        11.7.700.224     NOTWENDIG

Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        13.06.2013        6,00MB        11.7.700.224      NOTWENDIG

Adobe Media Player        Adobe Systems Incorporated        23.02.2011                1.8                          NOTWENDIG

Adobe Reader X (10.1.4) - Deutsch        Adobe Systems Incorporated        28.09.2012        121MB        10.1.4        NOTWENDIG

Akamai NetSession Interface        Akamai Technologies, Inc        24.06.2012                UNBEKANNT

Akamai NetSession Interface Service                10.11.2011                               UNBEKANNT

Apple Application Support        Apple Inc.        04.04.2013        62,7MB        2.3.3           UNBEKANNT

Apple Mobile Device Support        Apple Inc.        04.04.2013        25,2MB        6.1.0.13         UNBEKANNT

Apple Software Update        Apple Inc.        10.12.2011        2,38MB        2.1.3.127            UNBEKANNT

ArcSoft TotalMedia Backup        ArcSoft        08.01.2011                1.5.21.7              UNBEKANNT

AutoCAD LT 2009 - Deutsch        Autodesk        06.01.2010                17.2.56.0      NOTWENDIG

Autodesk Design Review 2011        Autodesk, Inc.        29.12.2010                11.0.0.86       NOTWENDIG

Avira Free Antivirus        Avira        15.11.2012        104MB        12.1.9.1236                NOTWENDIG

AVM FRITZ!Box-Kindersicherung        AVM Berlin        16.12.2011        334KB        4.2.2        NOTWENDIG

Bonjour        Apple Inc.        10.12.2011        1,85MB        3.0.0.10                      UNBEKANNT

CADSymbols 2.0        IMSI        05.07.2010        273MB        2.00.0000              NOTWENDIG

CAS PIA Addin        CAS Software AG        07.05.2013        23,9MB        4.40          NOTWENDIG

CCleaner        Piriform        24.05.2013                4.02         UNBEKANNT

ChemSep 6.51                20.02.2010                6.51                 NOTWENDIG

cobra Adress PLUS 2011        cobra GmbH        20.01.2012        276MB        15.2.2002         NOTWENDIG

cobra Adress PLUS 9                04.01.2010                                     NOTWENDIG

Compatibility Pack für 2007 Office System        Microsoft Corporation        09.01.2013        276MB        12.0.6612.1000 NOTWENDIG

DHTML Editing Component        Microsoft Corporation        21.11.2012        554KB        6.02.0001            UNBEKANNT

Druckverlust 7.0        Software-Factory        16.01.2012        10,8MB                NOTWENDIG

DWG TrueView 2010        Autodesk        22.02.2010                18.0.55.0        NOTWENDIG

eBay Worldwide        OEM        04.01.2010        100KB        2.1.0703                           UNBEKANNT

ElsterFormular        Landesfinanzdirektion Thüringen        21.10.2011                12.4.0.7094u NOTWENDIG

eSobi v2        esobi Inc.        14.08.2009        20,4MB        2.0.4.000274     UNBEKANNT

FloorPlan 3D V.7        IMSI        04.01.2010        111MB        7.3            NOTWENDIG

Foxit Reader                04.01.2010                                   NOTWENDIG

Free RAR Extract Frog        Philipp Winterberg        16.12.2010                2.15 NOTWENDIG

Free YouTube to MP3 Converter version 3.10.14.1206        DVDVideoSoft Ltd.        28.12.2011        77,6MB        NOTWENDIG

FreePDF (Remove only)                08.01.2010                NOTWENDIG

Freeware.de Toolbar        Freeware.de        13.06.2013                6.13.3.501      UNBEKANNT

FRITZ!DSL64                16.12.2011        7,64MB                 NOTWENDIG

Gigaset QuickSync        Gigaset Communications GmbH        12.12.2012        8,59MB        8.0.0856.1 NOTWENDIG

Google Chrome        Google Inc.        08.03.2010                27.0.1453.110  NICHT NOTWENDIG

Google Earth        Google        28.03.2013        173MB        7.0.3.8542        NOTWENDIG

GPL Ghostscript 8.70                08.01.2010                                  UNBEKANNT

Hotkey Utility        Acer Incorporated        28.10.2009                1.00.3003 UNBEKANNT

HP Data Vault 3.1 (x64)        Ihr Firmenname        17.12.2010        6,24MB        3.1.1.34819  NOTWENDIG

HP Update        Hewlett-Packard        13.07.2012        3,98MB        5.003.001.001  UNBEKANNT

iCloud        Apple Inc.        04.04.2013        81,9MB        2.1.1.3                  NOTWENDIG

Identity Card        Acer Incorporated        28.10.2009                1.00.3001   UNBEKANNT

Intel(R) Network Connections 14.3.100.0        Intel        14.08.2009        12,7MB        14.3.100.0   UNBEKANNT

Intel® Matrix Storage Manager        Intel Corporation        28.10.2009                UNBEKANNT

iTunes        Apple Inc.        04.04.2013        187MB        11.0.2.26   NOTWENDIG

Java(TM) 6 Update 30        Sun Microsystems, Inc.        04.01.2010        94,9MB        6.0.300  UNBEKANNT

JDownloader 0.9        AppWork GmbH        28.12.2011                0.9    UNBEKANNT

JMicron JMB36X Driver        JMICRON Technology Corp.        14.08.2009                1.00.0000   UNBEKANNT

KG-TOWER® 5.0        KOCH GLITSCH LP        04.02.2011        49,4MB        5.00.007   NOTWENDIG

Lexware faktura+auftrag 2012        Haufe-Lexware GmbH & Co.KG        13.09.2012        361MB        16.03.00.0140  NOTWENDIG

Lexware Info Service        Haufe-Lexware GmbH & Co.KG        03.02.2012        14,8MB        2.80.00.0007   NOTWENDIG

Lexware online banking        Lexware GmbH & Co. KG        12.08.2010        21,8MB        9.00.00.0035   NOTWENDIG

Malwarebytes Anti-Malware Version 1.75.0.1300        Malwarebytes Corporation        13.06.2013        19,2MB        1.75.0.1300  NOTWENDIG

Mediencenter 3.7.0.2204        Deutsche Telekom AG        16.05.2013                3.7.0.2204   NOTWENDIG

Merriam Websters Spell Jam        Oberon Media        28.10.2009                  UNBEKANNT

Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        20.01.2012        38,8MB        4.0.30319   UNBEKANNT

Microsoft .NET Framework 4 Extended        Microsoft Corporation        20.01.2012        51,9MB        4.0.30319   UNBEKANNT

Microsoft Camera Codec Pack        Microsoft Corporation        23.10.2011        15,8MB        16.0.0652.0621   UNBEKANNT

Microsoft Office Enterprise 2007        Microsoft Corporation        22.11.2011                12.0.6612.1000   UNBEKANNT

Microsoft Office File Validation Add-In        Microsoft Corporation        15.09.2011        7,95MB        14.0.5130.5003   UNBEKANNT

Microsoft Office Live Add-in 1.5        Microsoft Corporation        20.09.2012        508KB        2.0.4024.1    UNBEKANNT

Microsoft Office XP Professional mit FrontPage        Microsoft Corporation        16.06.2011        582MB        10.0.6626.0  UNBEKANNT

Microsoft Report Viewer Redistributable 2008 SP1        Microsoft Corporation        21.11.2012                UNBEKANNT

Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU        Microsoft Corporation        21.11.2012        UNBEKANNT        

Microsoft Silverlight        Microsoft Corporation        14.03.2013        100MB        5.1.20125.0    UNBEKANNT

Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        28.10.2009        1,72MB        3.1.0000  UNBEKANNT

Microsoft SQL Server 2005-Abwärtskompatibilität        Microsoft Corporation        20.01.2012        47,7MB        8.05.2309  UNBEKANNT

Microsoft SQL Server 2008        Microsoft Corporation        20.01.2012                UNBEKANNT

Microsoft SQL Server 2008 R2        Microsoft Corporation        21.11.2012                UNBEKANNT

Microsoft SQL Server 2008 R2 Native Client        Microsoft Corporation        22.11.2012        6,06MB        10.50.1617.0 UNBEKANNT

Microsoft SQL Server 2008 R2 Setup (English)        Microsoft Corporation        22.11.2012        26,6MB        10.50.1617.0 UNBEKANNT

Microsoft SQL Server 2008 R2-Richtlinien        Microsoft Corporation        21.11.2012        0,99MB        10.50.1600.1 UNBEKANNT

Microsoft SQL Server Browser        Microsoft Corporation        28.01.2013        9,16MB        10.51.2500.0  UNBEKANNT

Microsoft SQL Server Compact 3.5 SP2 DEU        Microsoft Corporation        21.11.2012        3,69MB        3.5.8080.0  UNBEKANNT

Microsoft SQL Server Compact 3.5 SP2 Query Tools DEU        Microsoft Corporation        21.11.2012        5,42MB        3.5.8080.0  UNBEKANNT

Microsoft SQL Server Native Client        Microsoft Corporation        20.01.2012        5,44MB        9.00.4035.00  UNBEKANNT

Microsoft SQL Server VSS Writer        Microsoft Corporation        28.01.2013        3,64MB        10.51.2500.0  UNBEKANNT

Microsoft Sync Framework Services v1.0 (x86) de        Microsoft Corporation        20.01.2012        1,65MB        1.0.1215.0  UNBEKANNT

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053        Microsoft Corporation        07.01.2010        260KB        8.0.50727.4053  UNBEKANNT

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        24.01.2012        250KB        8.0.50727.4053  UNBEKANNT

Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        16.06.2011        300KB        8.0.61001  UNBEKANNT

Microsoft Visual C++ 2005 Redistributable (x64)        Microsoft Corporation        06.01.2010        700KB        8.0.61000 UNBEKANNT

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175        Microsoft Corporation        29.04.2011        580KB        8.0.51011  UNBEKANNT

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148        Microsoft Corporation        23.02.2010        212KB        9.0.30729.4148  UNBEKANNT

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        05.01.2010        200KB        9.0.30729.4148  UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570        Microsoft Corporation        29.04.2011        790KB        9.0.30729.5570  UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        29.04.2011        598KB        9.0.30729.5570 UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729        Microsoft Corporation        16.12.2011        242KB        9.0.30729  UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17        Microsoft Corporation        22.02.2010        786KB        9.0.30729  UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148        Microsoft Corporation        29.12.2010        786KB        9.0.30729.4148 UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161        Microsoft Corporation        16.06.2011        788KB        9.0.30729.6161 UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        Microsoft Corporation        17.10.2012        230KB        9.0.30729 UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        04.01.2010        596KB        9.0.30729 UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        30.03.2010        594KB        9.0.30729.4148 UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        16.06.2011        600KB        9.0.30729.6161 UNBEKANNT

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        16.10.2011        12,2MB        10.0.40219 UNBEKANNT

Microsoft Visual Studio Tools for Applications 2.0 - ENU        Microsoft Corporation        22.11.2012        235MB        9.0.35191 UNBEKANNT

Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU        Microsoft Corporation        21.11.2012        91,1MB        9.0.35191 UNBEKANNT

Microsoft Works        Microsoft Corporation        10.10.2012        1,18GB        9.7.0621 UNBEKANNT

Microsoft WSE 3.0 Runtime        Microsoft Corp.        04.01.2010        942KB        3.0.5305.0 UNBEKANNT

Mozilla Firefox 21.0 (x86 de)        Mozilla        21.05.2013        51,3MB        21.0  NOTWENDIG

Mozilla Maintenance Service        Mozilla        21.05.2013        333KB        21.0  NOTWENDIG

MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        05.01.2010        1,27MB        4.20.9870.0 UNBEKANNT

MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        05.01.2010        1,33MB        4.20.9876.0 UNBEKANNT

MyWinLocker        Egis Technology Inc.        14.08.2009        47,9MB        3.1.72.0 UNBEKANNT

Nero 9 Essentials        Nero AG        14.08.2009                 UNBEKANNT 

NVIDIA 3D Vision Treiber 311.06        NVIDIA Corporation        15.04.2013                311.06 NOTWENDIG

NVIDIA Grafiktreiber 311.06        NVIDIA Corporation        15.04.2013                311.06 NOTWENDIG

NVIDIA PhysX        NVIDIA Corporation        28.10.2009        119MB        9.09.0428

NVIDIA Update 1.11.3        NVIDIA Corporation        15.04.2013                1.11.3

OpenOffice.org 3.4.1        Apache Software Foundation        05.04.2013        331MB        3.41.9593  NOTWENDIG

PuTTY version 0.62        Simon Tatham        15.01.2012        3,43MB        0.62   NOTWENDIG

QuickTime        Apple Inc.        04.04.2013        73,1MB        7.73.80.64   NOTWENDIG

Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        14.08.2009                6.0.1.5898  NOTWENDIG

Recover My Photos        GetData Pty Ltd        07.01.2011        11,1MB        4.4.6.1421  UNNÖTIG

RedMon - Redirection Port Monitor                08.01.2010                UNBEKANNT

RENESIS® Player Browser Plugins        examotion® GmbH        04.01.2010        1,83MB        1.1.1 UNBEKANNT

Samsung Easy Printer Manager        Samsung Electronics Co., Ltd.        17.10.2012                1.01.16.02  NOTWENDIG

Samsung Network PC Fax        Samsung Electronics Co., Ltd.        17.10.2012        13,3MB        1.05.23.04 NOTWENDIG

Samsung Printer Live Update        Samsung Electronics Co., Ltd.        17.10.2012                NOTWENDIG

Samsung Scan Assistant        Samsung Electronics Co., Ltd.        17.10.2012        23,4MB        1.04.26.00 NOTWENDIG

Samsung SCX-472x Series        Samsung Electronics Co., Ltd.        17.10.2012                NOTWENDIG

SearchAnonymizer                11.01.2012                1.0.1 (de)  UNBEKANNT

SFirm        Star Finanz GmbH        25.09.2012        359MB        2.39.4.250.0 NOTWENDIG

Skype Click to Call        Skype Technologies S.A.        31.10.2012        40,7MB        6.3.11079 UNBEKANNT

Skype™ 6.3        Skype Technologies S.A.        24.05.2013        38,8MB        6.3.107 NOTWENDIG

SmartCopy        Northstar Systems Corp.        28.10.2009                UNBEKANNT

SmartLauncher        Northstar Systems Corp.        28.10.2009                UNBEKANNT

softonic-de3 Toolbar        softonic-de3        23.03.2012                6.8.5.1 UNBEKANNT

TurboCAD Deluxe V.10        IMSI        04.01.2010        127MB        10.1.56.0    NOTWENDIG

TurboCAD Symbole        Ihr Firmenname        04.01.2010        166MB        10.0  NOTWENDIG

Uniblue RegistryBooster        Uniblue Systems Ltd        20.01.2011                5.0.0.14

Unterstützungsdateien für Microsoft SQL Server 2008-Setup         Microsoft Corporation        21.02.2012        30,0MB        10.3.5500.0 UNBEKANNT

Welcome Center        Acer Incorporated        28.10.2009                1.00.3005 UNBEKANNT

Windows Home Server-Connector        Microsoft Corporation        27.01.2011        20,3MB        6.0.3436.0  UNBEKANNT

Windows Live Anmelde-Assistent        Microsoft Corporation        28.10.2009        1,93MB        5.000.818.5  UNBEKANNT

Windows Live Essentials        Microsoft Corporation        28.10.2009                14.0.8064.0206     UNBEKANNT

Windows Live Sync        Microsoft Corporation        28.10.2009        2,79MB        14.0.8064.206     UNBEKANNT

Windows Live-Uploadtool        Microsoft Corporation        28.10.2009        224KB        14.0.8014.1029   UNBEKANNT

LG Helge

allgemein, lade Programme nur vom hersteller, instaliere immer benutzerdefiniert, wähle toolbars eetc ab.
und informiere dich über Software, die du instalierst.
deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen
bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:
eBay
Freeware.de
Java
downloade Java jre:
Java-Downloads für alle Betriebssysteme
klicke:
Download der Java-Software für Windows Offline
laden, und instalieren
deinstaliere:
JDownloader
Nero
SearchAnonymizer
softonic
Uniblue : finger weg von solchem schrott wie Registry boster, bringt nichts und kann dem pc schaden
Windows Live : alle für dich unnötigen

Öffne CCleaner, analysieren, starten, PC neustarten.
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Vielen Dank erstmal für die vielen guten Ratschläge. Ich habe alle Punkte nach ANleitung abgehakt und hier ist die logdatei:

Code:

# AdwCleaner v2.303 - Datei am 13/06/2013 um 14:27:18 erstellt

# Aktualisiert am 08/06/2013 von Xplode

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Benutzer : BE.ST - ACER_HB

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\BE.ST\Downloads\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml

Datei Gelöscht : C:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\searchplugins\Askcom.xml

Datei Gelöscht : C:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\searchplugins\Conduit.xml

Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk

Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB

Ordner Gelöscht : C:\Program Files (x86)\Conduit

Ordner Gelöscht : C:\Program Files (x86)\ConduitEngine

Ordner Gelöscht : C:\ProgramData\Partner

Ordner Gelöscht : C:\Users\BE.ST\AppData\Local\Conduit

Ordner Gelöscht : C:\Users\BE.ST\AppData\Local\PackageAware

Ordner Gelöscht : C:\Users\BE.ST\AppData\LocalLow\Conduit

Ordner Gelöscht : C:\Users\BE.ST\AppData\LocalLow\ConduitEngine

Ordner Gelöscht : C:\Users\BE.ST\AppData\LocalLow\facemoods.com

Ordner Gelöscht : C:\Users\BE.ST\AppData\LocalLow\PriceGong

Ordner Gelöscht : C:\Users\BE.ST\AppData\Roaming\dvdvideosoftiehelpers

Ordner Gelöscht : C:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\Conduit

Ordner Gelöscht : C:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\ConduitEngine

Ordner Gelöscht : C:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\wi2ccqdc.Server2Go\extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}

Ordner Gelöscht : C:\Users\BE.ST\AppData\Roaming\OCS
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar

Schlüssel Gelöscht : HKCU\Software\Conduit

Schlüssel Gelöscht : HKCU\Software\facemoods.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}

Schlüssel Gelöscht : HKCU\Software\OCS

Schlüssel Gelöscht : HKCU\Software\Softonic

Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.escrtSrvc

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.xtrnl

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoodsApp.appCore

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2431245

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2736476

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Schlüssel Gelöscht : HKLM\Software\Conduit

Schlüssel Gelöscht : HKLM\Software\facemoods.com

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}

Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}]
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v10.0.9200.16618
 

Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.facemoods.com/?a=ddrnw&f=2 --> hxxp://www.google.com

Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.com
 

-\\ Mozilla Firefox v21.0 (de)
 

Datei : C:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\ndnt1uvh.default\prefs.js
 

Gelöscht : user_pref("CT2431245..clientLogIsEnabled", false);

Gelöscht : user_pref("CT2431245..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]

Gelöscht : user_pref("CT2431245..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]

Gelöscht : user_pref("CT2431245.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Gelöscht : user_pref("CT2431245.CTID", "CT2431245");

Gelöscht : user_pref("CT2431245.CurrentServerDate", "9-1-2011");

Gelöscht : user_pref("CT2431245.DialogsAlignMode", "LTR");

Gelöscht : user_pref("CT2431245.DownloadReferralCookieData", "");

Gelöscht : user_pref("CT2431245.EMailNotifierPollDate", "Sun Jan 09 2011 10:55:06 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedLastCount129009402595187825", 673);

Gelöscht : user_pref("CT2431245.FeedPollDate7470634014180506963", "Sun Jan 09 2011 08:18:59 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634014269327586", "Sun Jan 09 2011 08:18:56 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634014329599698", "Sun Jan 09 2011 08:18:58 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634014537505092", "Sun Jan 09 2011 08:18:58 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634014970726540", "Sun Jan 09 2011 08:18:59 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634015410831318", "Sun Jan 09 2011 08:19:00 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634015483395460", "Sun Jan 09 2011 08:18:59 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634015636754705", "Sun Jan 09 2011 08:18:59 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634015768347545", "Sun Jan 09 2011 08:18:59 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634015855543602", "Sun Jan 09 2011 08:18:58 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634016030710453", "Sun Jan 09 2011 08:18:56 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634016114705611", "Sun Jan 09 2011 08:19:00 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634016129205152", "Sun Jan 09 2011 08:19:00 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634016143724791", "Sun Jan 09 2011 08:19:00 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634016271239162", "Sun Jan 09 2011 08:19:00 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634016568520719", "Sun Jan 09 2011 08:18:59 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634016726993788", "Sun Jan 09 2011 08:18:56 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634017109031809", "Sun Jan 09 2011 08:18:59 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634017132743740", "Sun Jan 09 2011 08:18:59 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634017299547668", "Sun Jan 09 2011 08:19:00 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634017302327846", "Sun Jan 09 2011 08:18:59 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634017344111490", "Sun Jan 09 2011 08:18:58 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634017478360748", "Sun Jan 09 2011 08:19:00 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634017732797593", "Sun Jan 09 2011 08:18:58 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634017821686064", "Sun Jan 09 2011 08:19:00 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedPollDate7470634018090228721", "Sun Jan 09 2011 08:18:59 GMT+0100");

Gelöscht : user_pref("CT2431245.FeedTTL7470634014269327586", 5);

Gelöscht : user_pref("CT2431245.FeedTTL7470634014537505092", 5);

Gelöscht : user_pref("CT2431245.FeedTTL7470634014970726540", 2);

Gelöscht : user_pref("CT2431245.FeedTTL7470634015636754705", 5);

Gelöscht : user_pref("CT2431245.FeedTTL7470634016568520719", 30);

Gelöscht : user_pref("CT2431245.FirstServerDate", "8-1-2011");

Gelöscht : user_pref("CT2431245.FirstTime", true);

Gelöscht : user_pref("CT2431245.FirstTimeFF3", true);

Gelöscht : user_pref("CT2431245.FixPageNotFoundErrors", true);

Gelöscht : user_pref("CT2431245.GroupingServerCheckInterval", 1440);

Gelöscht : user_pref("CT2431245.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Gelöscht : user_pref("CT2431245.HasUserGlobalKeys", true);

Gelöscht : user_pref("CT2431245.Initialize", true);

Gelöscht : user_pref("CT2431245.InitializeCommonPrefs", true);

Gelöscht : user_pref("CT2431245.InstallationAndCookieDataSentCount", 3);

Gelöscht : user_pref("CT2431245.InstallationId", "Unknown");

Gelöscht : user_pref("CT2431245.InstallationType", "ExternalIntegration");

Gelöscht : user_pref("CT2431245.InstalledDate", "Sat Jan 08 2011 14:12:49 GMT+0100");

Gelöscht : user_pref("CT2431245.InvalidateCache", false);

Gelöscht : user_pref("CT2431245.IsGrouping", false);

Gelöscht : user_pref("CT2431245.IsMulticommunity", false);

Gelöscht : user_pref("CT2431245.IsOpenThankYouPage", false);

Gelöscht : user_pref("CT2431245.IsOpenUninstallPage", true);

Gelöscht : user_pref("CT2431245.LanguagePackLastCheckTime", "Sat Jan 08 2011 14:12:49 GMT+0100");

Gelöscht : user_pref("CT2431245.LanguagePackReloadIntervalMM", 1440);

Gelöscht : user_pref("CT2431245.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Gelöscht : user_pref("CT2431245.LastLogin_3.2.5.2", "Sun Jan 09 2011 08:18:56 GMT+0100");

Gelöscht : user_pref("CT2431245.LatestVersion", "3.2.5.2");

Gelöscht : user_pref("CT2431245.Locale", "de-de");

Gelöscht : user_pref("CT2431245.MCDetectTooltipHeight", "83");

Gelöscht : user_pref("CT2431245.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Gelöscht : user_pref("CT2431245.MCDetectTooltipWidth", "295");

Gelöscht : user_pref("CT2431245.RadioIsPodcast", false);

Gelöscht : user_pref("CT2431245.RadioLastCheckTime", "Sat Jan 08 2011 14:12:50 GMT+0100");

Gelöscht : user_pref("CT2431245.RadioLastUpdateIPServer", "3");

Gelöscht : user_pref("CT2431245.RadioLastUpdateServer", "129167771525870000");

Gelöscht : user_pref("CT2431245.RadioMediaID", "20503672");

Gelöscht : user_pref("CT2431245.RadioMediaType", "Media Player");

Gelöscht : user_pref("CT2431245.RadioMenuSelectedID", "EBRadioMenu_CT243124520503672");

Gelöscht : user_pref("CT2431245.RadioStationName", "Team%20Radio%20Deutschland");

Gelöscht : user_pref("CT2431245.RadioStationURL", "hxxp://trd.stream.w-u-s.org:6666/dsl.m3u");

Gelöscht : user_pref("CT2431245.SearchFromAddressBarIsInit", true);

Gelöscht : user_pref("CT2431245.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]

Gelöscht : user_pref("CT2431245.SearchInNewTabEnabled", true);

Gelöscht : user_pref("CT2431245.SearchInNewTabIntervalMM", 1440);

Gelöscht : user_pref("CT2431245.SearchInNewTabLastCheckTime", "Sat Jan 08 2011 14:12:49 GMT+0100");

Gelöscht : user_pref("CT2431245.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Gelöscht : user_pref("CT2431245.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]

Gelöscht : user_pref("CT2431245.ServiceMapLastCheckTime", "Sat Jan 08 2011 14:12:47 GMT+0100");

Gelöscht : user_pref("CT2431245.SettingsLastCheckTime", "Sun Jan 09 2011 08:18:54 GMT+0100");

Gelöscht : user_pref("CT2431245.SettingsLastUpdate", "1294251587");

Gelöscht : user_pref("CT2431245.ThirdPartyComponentsInterval", 504);

Gelöscht : user_pref("CT2431245.ThirdPartyComponentsLastCheck", "Sat Jan 08 2011 14:12:47 GMT+0100");

Gelöscht : user_pref("CT2431245.ThirdPartyComponentsLastUpdate", "1255348257");

Gelöscht : user_pref("CT2431245.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]

Gelöscht : user_pref("CT2431245.UserID", "UN41559849686012858");

Gelöscht : user_pref("CT2431245.WeatherNetwork", "");

Gelöscht : user_pref("CT2431245.WeatherPollDate", "Sun Jan 09 2011 10:50:07 GMT+0100");

Gelöscht : user_pref("CT2431245.WeatherUnit", "C");

Gelöscht : user_pref("CT2431245.alertChannelId", "825452");

Gelöscht : user_pref("CT2431245.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");

Gelöscht : user_pref("CT2431245.myStuffEnabled", true);

Gelöscht : user_pref("CT2431245.myStuffPublihserMinWidth", 400);

Gelöscht : user_pref("CT2431245.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Gelöscht : user_pref("CT2431245.myStuffServiceIntervalMM", 1440);

Gelöscht : user_pref("CT2431245.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Gelöscht : user_pref("CT2431245.testingCtid", "");

Gelöscht : user_pref("CT2431245.toolbarAppMetaDataLastCheckTime", "Sat Jan 08 2011 14:12:48 GMT+0100");

Gelöscht : user_pref("CT2431245.toolbarContextMenuLastCheckTime", "Sat Jan 08 2011 14:12:49 GMT+0100");

Gelöscht : user_pref("CT2431245.usagesFlag", 1);

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/825452/821260/DE", "\"0\"")[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2431245", [...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2431245/CT2431245[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/Newtab/Softonic/CT2431245.xml", "\"07ba0[...]

Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]

Gelöscht : user_pref("CommunityToolbar.EngineOwner", "CT2431245");

Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}");

Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic-de3");

Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);

Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2431245");

Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}");

Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic-de3");

Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2431245");

Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2431245");

Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Jan 08 2011 18:28:50 GMT+0100");

Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");

Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");

Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Jan 08 2011 14:12:46 GMT+0100");

Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");

Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");

Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);

Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

Gelöscht : user_pref("CommunityToolbar.alert.userId", "1959351c-5d58-4d6d-b3f4-8c80bcf4d5d3");

Gelöscht : user_pref("ConduitEngine.FirstServerDate", "01/08/2011 16");

Gelöscht : user_pref("ConduitEngine.FirstTime", true);

Gelöscht : user_pref("ConduitEngine.FirstTimeFF3", true);

Gelöscht : user_pref("ConduitEngine.HasUserGlobalKeys", true);

Gelöscht : user_pref("ConduitEngine.Initialize", true);

Gelöscht : user_pref("ConduitEngine.InitializeCommonPrefs", true);

Gelöscht : user_pref("ConduitEngine.InstalledDate", "Sat Jan 08 2011 14:12:48 GMT+0100");

Gelöscht : user_pref("ConduitEngine.IsMulticommunity", false);

Gelöscht : user_pref("ConduitEngine.IsOpenThankYouPage", false);

Gelöscht : user_pref("ConduitEngine.IsOpenUninstallPage", true);

Gelöscht : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Jan 08 2011 14:12:48 GMT+0100");

Gelöscht : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sun Jan 09 2011 08:18:57 GMT+0100");

Gelöscht : user_pref("ConduitEngine.PublisherContainerWidth", 0);

Gelöscht : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);

Gelöscht : user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Jan 09 2011 08:18:57 GMT+0100");

Gelöscht : user_pref("ConduitEngine.UserID", "UN69993681442227320");

Gelöscht : user_pref("ConduitEngine.engineLocale", "de");

Gelöscht : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Jan 08 2011 14:12:48 GMT+0100");

Gelöscht : user_pref("ConduitEngine.initDone", true);

Gelöscht : user_pref("ConduitEngine.usagesFlag", 1);

Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");

Gelöscht : user_pref("browser.search.defaultthis.engineName", "Freeware.de Customized Web Search");

Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&Sea[...]

Gelöscht : user_pref("browser.search.order.1", "Ask.com");

Gelöscht : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=5");

Gelöscht : user_pref("extensions.facemoods.aflt", "_#ddrnw");

Gelöscht : user_pref("extensions.facemoods.dfltSrch", true);

Gelöscht : user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");

Gelöscht : user_pref("extensions.facemoods.dnsErr", true);

Gelöscht : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");

Gelöscht : user_pref("extensions.facemoods.firstRun", false);

Gelöscht : user_pref("extensions.facemoods.first_time", false);

Gelöscht : user_pref("extensions.facemoods.hmpg", true);

Gelöscht : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=ddrnw");

Gelöscht : user_pref("extensions.facemoods.id", "_#2adc291800000000000000016c7013a6");

Gelöscht : user_pref("extensions.facemoods.instlDay", "_#15336");

Gelöscht : user_pref("extensions.facemoods.mntz", "");

Gelöscht : user_pref("extensions.facemoods.newTab", true);

Gelöscht : user_pref("extensions.facemoods.newTabUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=2");

Gelöscht : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");

Gelöscht : user_pref("extensions.facemoods.searchProviderAdded", true);

Gelöscht : user_pref("extensions.facemoods.sid", "_#69a1abf2a9bc41e6b7f247e7dbca31ea");

Gelöscht : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=3");

Gelöscht : user_pref("extensions.facemoods.uninst", true);

Gelöscht : user_pref("extensions.facemoods.update", "_#v1.4.0");

Gelöscht : user_pref("extensions.facemoods.vrsn", "_#1.4.17.11");

Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=WBG&o=15132&locale=d[...]
 

Datei : C:\Users\BE.ST\AppData\Roaming\Mozilla\Firefox\Profiles\wi2ccqdc.Server2Go\prefs.js
 

[OK] Die Datei ist sauber.
 

-\\ Google Chrome v27.0.1453.110
 

Datei : C:\Users\BE.ST\AppData\Local\Google\Chrome\User Data\Default\Preferences
 

[OK] Die Datei ist sauber.
 

*************************
 

AdwCleaner[R1].txt - [27961 octets] - [13/06/2013 14:26:00]

AdwCleaner[R2].txt - [28022 octets] - [13/06/2013 14:27:09]

AdwCleaner[S1].txt - [27583 octets] - [13/06/2013 14:27:18]
 

########## EOF - C:\AdwCleaner[S1].txt - [27644 octets] ##########

Auch ohne konkretes Problem sollte ich wohl auch meine anderen Rechner einmal säubern.
Ist die Reihenfolge ab Mawarebytes dafür gut geeignet?

Gruß Helge