| tommihit | 16.07.2012 15:29 |
Hallo,
man, das ging ja schnell! Super, vielen Dank erst einmal für die Antwort und die Hilfe.
Habe alles so gemacht, wie in Deiner Anleitung beschrieben.
Hier ist der OTL-Log:
OTL Logfile: Code:
OTL logfile created on: 7/16/2012 12:19:29 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Thomas Hitscher\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.87 Gb Total Physical Memory | 1.84 Gb Available Physical Memory | 64.05% Memory free
5.73 Gb Paging File | 4.25 Gb Available in Paging File | 74.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 424.66 Gb Total Space | 325.11 Gb Free Space | 76.56% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 21.44 Gb Free Space | 53.60% Space Free | Partition Type: NTFS
Computer Name: LAPTOP | User Name: Thomas Hitscher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/16 12:16:54 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas Hitscher\Desktop\OTL.exe
PRC - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/06/06 11:41:48 | 001,823,160 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
PRC - [2012/05/13 18:22:24 | 000,336,896 | ---- | M] (AVM Berlin) -- C:\Users\Thomas Hitscher\AppData\Local\Apps\2.0\KNDLZK0X.BYT\N68NNXGB.RQC\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
PRC - [2012/05/08 20:54:37 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/05/08 20:54:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/08 20:54:37 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/08 20:54:37 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/05/03 14:10:02 | 002,446,872 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012/05/03 14:07:06 | 000,073,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012/04/30 21:05:22 | 000,497,280 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
PRC - [2012/04/30 21:04:28 | 000,738,944 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2012/04/04 07:05:16 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Systemprogramme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/03/19 13:38:46 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/03/19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/03/19 13:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe
PRC - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/05 13:29:56 | 000,159,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2011/07/16 06:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/03/10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/08/03 16:39:38 | 000,107,816 | ---- | M] (CyberLink) -- C:\Programme\Videobearbeitung\HomeCinema\Power2Go\CLMLSvc.exe
PRC - [2010/06/17 22:56:44 | 000,370,176 | ---- | M] (shbox.de) -- C:\Program Files\FreePDF_XP\fpassist.exe
PRC - [2010/04/23 16:53:10 | 001,423,904 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/01/13 19:18:30 | 000,413,696 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2009/12/14 20:25:00 | 000,200,704 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\HotkeyApp.exe
PRC - [2009/12/12 00:18:16 | 000,348,960 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\OSD.exe
PRC - [2009/12/10 08:48:26 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/12/10 08:48:24 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/10/23 02:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WisLMSvc.exe
PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2008/10/15 18:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) -- c:\Programme\Systemprogramme\RealVNC\VNC4\winvnc4.exe
PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/14 07:14:58 | 014,325,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\517358eb2fd962a942dd1ea6afc5b93e\PresentationFramework.ni.dll
MOD - [2012/06/14 07:14:38 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012/06/14 07:14:28 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012/06/14 07:14:27 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\37aa8a6e1a69671c23eb916417629682\System.Deployment.ni.dll
MOD - [2012/06/14 07:14:02 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e9d0ba41128f363f2390c7e630129c2b\PresentationCore.ni.dll
MOD - [2012/05/13 18:22:14 | 000,368,640 | ---- | M] () -- C:\Users\Thomas Hitscher\AppData\Local\Apps\2.0\KNDLZK0X.BYT\N68NNXGB.RQC\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\managedupnp.DLL
MOD - [2012/05/10 19:49:40 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc626095c194be137bceb219934b06a7\PresentationFramework.Aero.ni.dll
MOD - [2012/05/10 19:48:24 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
MOD - [2012/05/10 19:48:18 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012/05/10 19:48:13 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012/05/10 19:48:12 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012/05/10 19:47:41 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2012/02/20 22:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 22:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/01/08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Programme\Systemprogramme\FileZilla FTP Client\fzshellext.dll
MOD - [2010/08/03 16:39:38 | 000,619,816 | ---- | M] () -- C:\Programme\Videobearbeitung\HomeCinema\Power2Go\CLMediaLibrary.dll
MOD - [2010/08/03 16:39:32 | 000,013,096 | ---- | M] () -- C:\Programme\Videobearbeitung\HomeCinema\Power2Go\CLMLSvcPS.dll
MOD - [2010/05/18 08:49:42 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2010/05/18 08:49:26 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/07/12 11:02:31 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Programme\Kommunikation\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/08 20:54:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/08 20:54:37 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/03 14:10:02 | 002,446,872 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012/04/30 21:05:22 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2012/03/19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/05 13:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011/08/05 13:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011/08/05 13:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2011/06/14 19:08:01 | 000,073,600 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ezGOSvc.dll -- (ezGOSvc)
SRV - [2011/05/26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009/12/10 08:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/12/10 08:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/10/23 02:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2008/10/15 18:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- c:\Programme\Systemprogramme\RealVNC\VNC4\winvnc4.exe -- (WinVNC4)
SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/05/31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV - [2012/05/13 18:22:15 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaudio.sys -- (avmaudio)
DRV - [2012/05/08 20:54:37 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/08 20:54:37 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/04/30 21:05:40 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2012/04/20 13:53:00 | 000,039,016 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2012/01/09 18:59:32 | 000,468,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2012/01/09 18:59:30 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2012/01/09 18:59:30 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2011/12/15 16:00:00 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/12/08 06:22:30 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2011/12/08 06:22:30 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2011/12/08 06:22:30 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2011/10/25 04:52:12 | 000,188,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CxPlrCap.sys -- (CXPLRCAP)
DRV - [2011/05/07 17:51:28 | 000,455,256 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/24 15:46:34 | 000,193,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010/04/01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010/03/04 17:53:08 | 000,067,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/02/27 05:01:22 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2010/02/03 19:06:34 | 000,232,960 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV - [2009/09/18 04:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchnu.com/413
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6CEA06E7-F76C-4F26-9972-3F56352A4548}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.ebay.de/"
FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.265.2
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=413&sr=0&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\Musikprogramme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Users\Thomas Hitscher\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Thomas Hitscher\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Thomas Hitscher\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/05/23 18:42:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Programme\Systemprogramme\Mozilla Firefox\components [2012/06/17 10:43:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Programme\Systemprogramme\Mozilla Firefox\plugins [2012/04/13 23:43:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programme\Systemprogramme\Mozilla Firefox\components [2012/06/17 10:43:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programme\Systemprogramme\Mozilla Firefox\plugins [2012/04/13 23:43:18 | 000,000,000 | ---D | M]
[2012/07/03 20:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas Hitscher\AppData\Roaming\mozilla\Extensions
[2012/07/03 20:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas Hitscher\AppData\Roaming\mozilla\Firefox\Profiles\3i6xbetf.default\extensions
[2012/07/03 20:31:59 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Thomas Hitscher\AppData\Roaming\mozilla\Firefox\Profiles\3i6xbetf.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012/03/30 07:26:32 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Thomas Hitscher\AppData\Roaming\mozilla\Firefox\Profiles\3i6xbetf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/05/10 21:31:25 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Thomas Hitscher\AppData\Roaming\mozilla\Firefox\Profiles\3i6xbetf.default\extensions\ffxtlbr@zonealarm.com
[2012/07/03 20:31:40 | 000,002,515 | ---- | M] () -- C:\Users\Thomas Hitscher\AppData\Roaming\Mozilla\Firefox\Profiles\3i6xbetf.default\searchplugins\Search_Results.xml
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WIA6EB~1\Datamngr\BROWSE~1.DLL (Bandoo Media, inc)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Programme\Kommunikation\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Programme\Videobearbeitung\HomeCinema\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\WIA6EB~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Systemprogramme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe" File not found
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AVMUSBFernanschluss] C:\Users\Thomas Hitscher\AppData\Local\Apps\2.0\KNDLZK0X.BYT\N68NNXGB.RQC\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe (AVM Berlin)
O4 - HKCU..\Run: [Doabysk] "C:\Users\Thomas Hitscher\AppData\Roaming\Inedan\oxbay.exe" File not found
O4 - HKCU..\Run: [EA Core] "C:\Programme\Spiele\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [KiesHelper] C:\Programme\Systemprogramme\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Systemprogramme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~3\\EBAY\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programme\Kommunikation\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programme\Kommunikation\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{010B9879-A692-401A-AE4C-02616152CCA3}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Programme\Kommunikation\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\WIA6EB~1\Datamngr\datamngr.dll) - C:\PROGRA~1\WIA6EB~1\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WIA6EB~1\Datamngr\IEBHO.dll) - C:\PROGRA~1\WIA6EB~1\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{14265378-2cbb-11e1-bc01-1c4bd6e5c276}\Shell - "" = AutoRun
O33 - MountPoints2\{14265378-2cbb-11e1-bc01-1c4bd6e5c276}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{532bdd56-8c52-11e1-b28d-1c4bd6e5c276}\Shell - "" = AutoRun
O33 - MountPoints2\{532bdd56-8c52-11e1-b28d-1c4bd6e5c276}\Shell\AutoRun\command - "" = H:\DPFMate.exe
O33 - MountPoints2\{84e68873-7ce1-11e1-b1fe-1c4bd6e5c276}\Shell - "" = AutoRun
O33 - MountPoints2\{84e68873-7ce1-11e1-b1fe-1c4bd6e5c276}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/16 12:16:54 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Thomas Hitscher\Desktop\OTL.exe
[2012/07/16 10:22:04 | 000,000,000 | ---D | C] -- C:\Users\Thomas Hitscher\Desktop\69886-alle-hilfesuchenden-eroeffnung-themas-beachten-Dateien
[2012/07/15 12:19:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/12 13:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\FreieTonne
[2012/07/10 21:49:25 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012/07/06 12:40:55 | 000,000,000 | ---D | C] -- C:\Users\Thomas Hitscher\AppData\Roaming\Malwarebytes
[2012/07/06 12:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/06 12:40:36 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/07/06 12:40:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/07/06 12:40:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/06 11:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/07/03 21:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
[2012/07/03 21:14:40 | 000,000,000 | ---D | C] -- C:\Program Files\FLV Player
[2012/07/03 21:07:46 | 000,000,000 | ---D | C] -- C:\Users\Thomas Hitscher\Documents\Any Audio Converter
[2012/07/03 21:07:45 | 000,000,000 | ---D | C] -- C:\Users\Thomas Hitscher\AppData\Roaming\AnvSoft
[2012/07/03 21:07:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2012/07/03 21:07:34 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2012/07/03 20:31:44 | 000,360,448 | ---- | C] (FLV.com) -- C:\Windows\System32\TubeFinder.exe
[2012/07/03 20:31:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free FLV Converter
[2012/07/03 20:31:42 | 000,000,000 | ---D | C] -- C:\Users\Thomas Hitscher\AppData\Roaming\FreeFLVConverter
[2012/07/03 20:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Free FLV Converter
[2012/07/03 20:31:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Searchqu Toolbar
[2012/07/03 12:15:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2012/07/03 12:01:42 | 000,000,000 | ---D | C] -- C:\Users\Thomas Hitscher\AppData\Roaming\Pemaa
[2012/07/03 12:01:42 | 000,000,000 | ---D | C] -- C:\Users\Thomas Hitscher\AppData\Roaming\Inedan
[2012/07/03 12:01:42 | 000,000,000 | ---D | C] -- C:\Users\Thomas Hitscher\AppData\Roaming\Cait
[2012/07/03 11:59:17 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/06/25 19:47:22 | 000,000,000 | ---D | C] -- C:\Users\Thomas Hitscher\AppData\Local\Macromedia
[2012/06/22 20:34:24 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2012/06/16 21:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZAR
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/16 12:16:54 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas Hitscher\Desktop\OTL.exe
[2012/07/16 12:15:56 | 000,000,000 | ---- | M] () -- C:\Users\Thomas Hitscher\defogger_reenable
[2012/07/16 12:14:55 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/16 12:14:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/16 11:32:00 | 000,001,160 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1486169328-2368988707-4284464166-1000UA.job
[2012/07/16 10:23:05 | 000,050,477 | ---- | M] () -- C:\Users\Thomas Hitscher\Desktop\Defogger.exe
[2012/07/16 10:22:21 | 000,070,552 | ---- | M] () -- C:\Users\Thomas Hitscher\Desktop\69886-alle-hilfesuchenden-eroeffnung-themas-beachten.html
[2012/07/16 10:15:12 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/16 10:15:12 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/16 10:07:34 | 2307,862,528 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/14 20:32:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1486169328-2368988707-4284464166-1000Core.job
[2012/07/13 20:35:14 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/12 16:21:45 | 000,458,048 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/12 14:39:31 | 000,001,733 | ---- | M] () -- C:\Users\Public\Desktop\FreieTonne-USB.lnk
[2012/07/12 14:08:27 | 1204,512,215 | ---- | M] () -- C:\Users\Thomas Hitscher\Desktop\ft-install-files.zip
[2012/07/11 10:14:30 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/07/11 10:14:30 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/11 10:14:30 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/07/11 10:14:30 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/03 21:14:40 | 000,000,992 | ---- | M] () -- C:\Users\Public\Desktop\FLV Player.lnk
[2012/07/03 21:07:41 | 000,001,187 | ---- | M] () -- C:\Users\Thomas Hitscher\Desktop\Any Audio Converter.lnk
[2012/07/03 20:31:45 | 000,001,164 | ---- | M] () -- C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
[2012/07/03 20:31:45 | 000,001,083 | ---- | M] () -- C:\Users\Thomas Hitscher\Desktop\Free FLV Converter.lnk
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/07/03 12:15:18 | 000,000,849 | ---- | M] () -- C:\Users\Public\Desktop\SUPER ©.lnk
[2012/07/03 12:01:54 | 000,001,897 | ---- | M] () -- C:\Users\Thomas Hitscher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/16 12:15:56 | 000,000,000 | ---- | C] () -- C:\Users\Thomas Hitscher\defogger_reenable
[2012/07/16 10:23:04 | 000,050,477 | ---- | C] () -- C:\Users\Thomas Hitscher\Desktop\Defogger.exe
[2012/07/16 10:22:04 | 000,070,552 | ---- | C] () -- C:\Users\Thomas Hitscher\Desktop\69886-alle-hilfesuchenden-eroeffnung-themas-beachten.html
[2012/07/12 14:39:31 | 000,001,733 | ---- | C] () -- C:\Users\Public\Desktop\FreieTonne-USB.lnk
[2012/07/12 13:28:59 | 1204,512,215 | ---- | C] () -- C:\Users\Thomas Hitscher\Desktop\ft-install-files.zip
[2012/07/06 12:40:37 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/03 21:14:40 | 000,000,992 | ---- | C] () -- C:\Users\Public\Desktop\FLV Player.lnk
[2012/07/03 21:07:41 | 000,001,187 | ---- | C] () -- C:\Users\Thomas Hitscher\Desktop\Any Audio Converter.lnk
[2012/07/03 20:31:45 | 000,001,164 | ---- | C] () -- C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
[2012/07/03 20:31:45 | 000,001,083 | ---- | C] () -- C:\Users\Thomas Hitscher\Desktop\Free FLV Converter.lnk
[2012/07/03 20:31:43 | 000,364,544 | ---- | C] () -- C:\Windows\System32\PropertyGrid.ocx
[2012/07/03 20:31:43 | 000,208,500 | ---- | C] () -- C:\Windows\System32\ReyXpBasics.tlb
[2012/07/03 20:31:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\ControlSubX.ocx
[2012/07/03 12:01:54 | 000,001,897 | ---- | C] () -- C:\Users\Thomas Hitscher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012/05/10 21:25:24 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012/04/13 23:44:49 | 000,000,875 | ---- | C] () -- C:\Users\Thomas Hitscher\.DChannelDecoder.opt
[2012/04/13 23:34:19 | 000,315,444 | ---- | C] () -- C:\Windows\System32\isdnapi32.dll
[2012/04/13 23:34:19 | 000,049,152 | ---- | C] () -- C:\Windows\System32\AuerCapiJNINative.dll
[2012/04/13 23:34:19 | 000,032,768 | ---- | C] () -- C:\Windows\System32\AuerUsbJNINative.dll
[2012/02/05 11:33:18 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2012/01/31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012/01/31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012/01/31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012/01/31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012/01/31 18:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/11/09 20:52:47 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011/11/09 20:37:59 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll
[2011/06/16 18:38:11 | 000,073,600 | ---- | C] () -- C:\Windows\System32\ezGOSvc.dll
[2011/01/02 11:32:53 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2010/12/19 17:54:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/12/18 22:48:07 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2010/12/18 22:48:07 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2010/12/18 22:02:57 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
========== LOP Check ==========
[2012/07/03 21:07:45 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\AnvSoft
[2010/12/18 21:59:33 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\Ashampoo
[2012/07/03 12:42:29 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\Cait
[2012/05/10 21:31:20 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\CheckPoint
[2012/02/24 19:35:17 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\Command and Conquer 4
[2012/01/28 22:19:06 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\DAEMON Tools Lite
[2012/05/21 21:57:55 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\FileZilla
[2012/07/15 23:35:20 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\FreeFLVConverter
[2011/12/14 20:52:01 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\go
[2011/01/28 19:28:21 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\GoPal Assistant
[2012/07/10 18:44:19 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\Inedan
[2012/07/03 12:01:42 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\Pemaa
[2012/04/21 17:12:35 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\Samsung
[2012/03/10 19:43:07 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\TeamViewer
[2012/04/21 20:21:59 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\Temp
[2011/11/02 22:45:46 | 000,000,000 | ---D | M] -- C:\Users\Thomas Hitscher\AppData\Roaming\Total Immersion
[2012/07/15 11:57:57 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
--- --- ---
Als nächstes der Systemlook-Log: Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 15:58 on 16/07/2012 by Thomas Hitscher
Administrator - Elevation successful
========== regfind ==========
Searching for "roper0dun.exe"
No data found.
Searching for "roper0dun.exe"
No data found.
-= EOF =-
Dann der AdwareCleaner: Code:
# AdwCleaner v1.702 - Logfile created 07/16/2012 at 16:02:11
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Home Premium (32 bits)
# User : Thomas Hitscher - LAPTOP
# Running from : C:\Users\Thomas Hitscher\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
Folder Found : C:\Users\Thomas Hitscher\AppData\LocalLow\Conduit
Folder Found : C:\Users\Thomas Hitscher\AppData\LocalLow\searchquband
Folder Found : C:\Users\Thomas Hitscher\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\Thomas Hitscher\AppData\Roaming\Mozilla\Firefox\Profiles\3i6xbetf.default\Conduit
Folder Found : C:\Users\Thomas Hitscher\AppData\Roaming\Mozilla\Firefox\Profiles\3i6xbetf.default\ConduitCommon
Folder Found : C:\Users\Thomas Hitscher\AppData\Roaming\Mozilla\Firefox\Profiles\3i6xbetf.default\Searchqutoolbar
Folder Found : C:\Users\Thomas Hitscher\AppData\Roaming\Mozilla\Firefox\Profiles\3i6xbetf.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Windows Searchqu Toolbar
Folder Found : C:\Program Files\ZoneAlarm-Sicherheit
File Found : C:\Users\Thomas Hitscher\AppData\Roaming\Mozilla\Firefox\Profiles\3i6xbetf.default\searchplugins\Search_Results.xml
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2613550
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\DT Soft
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
Key Found : HKLM\SOFTWARE\SearchquMediabarTb
Key Found : HKLM\SOFTWARE\Software
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
***** [Registre - GUID] *****
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.7600.16385
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchnu.com/413
-\\ Mozilla Firefox v4.0 (de)
Profile name : default
File : C:\Users\Thomas Hitscher\AppData\Roaming\Mozilla\Firefox\Profiles\3i6xbetf.default\prefs.js
Found : user_pref("CT2613550..clientLogIsEnabled", false);
Found : user_pref("CT2613550..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2613550..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2613550.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2613550.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2613550.CTID", "ct2613550");
Found : user_pref("CT2613550.CurrentServerDate", "10-5-2012");
Found : user_pref("CT2613550.DialogsAlignMode", "LTR");
Found : user_pref("CT2613550.DialogsGetterLastCheckTime", "Tue May 08 2012 20:55:02 GMT+0200");
Found : user_pref("CT2613550.DownloadReferralCookieData", "");
Found : user_pref("CT2613550.EMailNotifierCheckInterval", "5");
Found : user_pref("CT2613550.EMailNotifierLabelLength", 6);
Found : user_pref("CT2613550.EMailNotifierPollDate", "Thu May 10 2012 21:23:30 GMT+0200");
Found : user_pref("CT2613550.EMailNotifierSound", "C:\\Windows\\Media\\Garden\\Windows Default.wav");
Found : user_pref("CT2613550.FeedPollDate129254982599602533", "Fri Mar 25 2011 15:54:41 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602539", "Fri Mar 25 2011 15:54:41 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602545", "Fri Mar 25 2011 15:54:42 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602551", "Fri Mar 25 2011 15:54:42 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602557", "Fri Mar 25 2011 15:54:42 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602563", "Fri Mar 25 2011 15:54:42 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602569", "Fri Mar 25 2011 15:54:42 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602575", "Fri Mar 25 2011 15:54:42 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602581", "Fri Mar 25 2011 15:54:42 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602587", "Fri Mar 25 2011 15:54:42 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602593", "Fri Mar 25 2011 15:54:43 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602599", "Fri Mar 25 2011 15:54:43 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602605", "Fri Mar 25 2011 15:54:43 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602611", "Fri Mar 25 2011 15:54:43 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602617", "Fri Mar 25 2011 15:54:43 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602623", "Fri Mar 25 2011 15:54:43 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate129254982599602629", "Fri Mar 25 2011 15:54:43 GMT+0100");
Found : user_pref("CT2613550.FeedPollDate7861255190875796966", "Wed Jul 13 2011 21:25:10 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255191286404846", "Wed Jul 13 2011 21:25:10 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255191690696803", "Wed Jul 13 2011 21:25:08 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255191830767423", "Wed Jul 13 2011 21:25:10 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255192204641884", "Wed Jul 13 2011 21:25:10 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255192330261614", "Wed Jul 13 2011 21:25:07 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255192609293799", "Wed Jul 13 2011 21:25:10 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255192844976705", "Wed Jul 13 2011 21:25:07 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255193025486845", "Wed Jul 13 2011 21:25:10 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255193127848905", "Wed Jul 13 2011 21:25:10 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255193189289837", "Wed Jul 13 2011 21:25:08 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255193256322449", "Wed Jul 13 2011 21:25:07 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255193310202497", "Wed Jul 13 2011 21:25:10 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255193760634970", "Wed Jul 13 2011 21:25:10 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255193813312257", "Wed Jul 13 2011 21:25:10 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255194862513855", "Wed Jul 13 2011 21:25:07 GMT+0200");
Found : user_pref("CT2613550.FeedPollDate7861255194875474195", "Wed Jul 13 2011 21:25:10 GMT+0200");
Found : user_pref("CT2613550.FeedTTL129254982599602545", 5);
Found : user_pref("CT2613550.FeedTTL129254982599602551", 5);
Found : user_pref("CT2613550.FeedTTL129254982599602575", 2);
Found : user_pref("CT2613550.FeedTTL129254982599602605", 5);
Found : user_pref("CT2613550.FeedTTL129254982599602617", 30);
Found : user_pref("CT2613550.FeedTTL7861255190875796966", 5);
Found : user_pref("CT2613550.FeedTTL7861255191286404846", 2);
Found : user_pref("CT2613550.FeedTTL7861255191830767423", 30);
Found : user_pref("CT2613550.FeedTTL7861255192609293799", 30);
Found : user_pref("CT2613550.FeedTTL7861255192844976705", 5);
Found : user_pref("CT2613550.FeedTTL7861255193256322449", 5);
Found : user_pref("CT2613550.FeedTTL7861255193310202497", 2);
Found : user_pref("CT2613550.FirstServerDate", "19-12-2010");
Found : user_pref("CT2613550.FirstTime", true);
Found : user_pref("CT2613550.FirstTimeFF3", true);
Found : user_pref("CT2613550.FirstTimeSettingsDone", true);
Found : user_pref("CT2613550.FixPageNotFoundErrors", true);
Found : user_pref("CT2613550.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2613550.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2613550.HasUserGlobalKeys", true);
Found : user_pref("CT2613550.Initialize", true);
Found : user_pref("CT2613550.InitializeCommonPrefs", true);
Found : user_pref("CT2613550.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2613550.InstallationType", "UnknownIntegration");
Found : user_pref("CT2613550.InstalledDate", "Sat Dec 18 2010 22:24:33 GMT+0100");
Found : user_pref("CT2613550.IsAlertDBUpdated", true);
Found : user_pref("CT2613550.IsGrouping", false);
Found : user_pref("CT2613550.IsMulticommunity", false);
Found : user_pref("CT2613550.IsOpenThankYouPage", false);
Found : user_pref("CT2613550.IsOpenUninstallPage", true);
Found : user_pref("CT2613550.LanguagePackLastCheckTime", "Sat Dec 18 2010 22:24:45 GMT+0100");
Found : user_pref("CT2613550.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2613550.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2613550.LastLogin_2.7.1.3", "Fri Mar 25 2011 15:54:41 GMT+0100");
Found : user_pref("CT2613550.LastLogin_3.10.0.1", "Wed Apr 18 2012 16:07:39 GMT+0200");
Found : user_pref("CT2613550.LastLogin_3.12.0.7", "Wed Apr 25 2012 18:05:19 GMT+0200");
Found : user_pref("CT2613550.LastLogin_3.12.2.3", "Thu May 10 2012 19:49:59 GMT+0200");
Found : user_pref("CT2613550.LastLogin_3.3.3.2", "Sun Jul 24 2011 13:33:58 GMT+0200");
Found : user_pref("CT2613550.LastLogin_3.5.0.12", "Wed Aug 24 2011 16:59:04 GMT+0200");
Found : user_pref("CT2613550.LastLogin_3.6.0.10", "Wed Oct 05 2011 17:59:55 GMT+0200");
Found : user_pref("CT2613550.LastLogin_3.7.0.6", "Wed Nov 09 2011 16:49:00 GMT+0100");
Found : user_pref("CT2613550.LastLogin_3.8.0.8", "Wed Dec 07 2011 21:01:58 GMT+0100");
Found : user_pref("CT2613550.LastLogin_3.8.1.0", "Mon Jan 16 2012 20:29:08 GMT+0100");
Found : user_pref("CT2613550.LastLogin_3.9.0.3", "Thu Mar 08 2012 19:31:16 GMT+0100");
Found : user_pref("CT2613550.LatestVersion", "3.12.2.3");
Found : user_pref("CT2613550.Locale", "de-de");
Found : user_pref("CT2613550.LoginCache", 4);
Found : user_pref("CT2613550.MCDetectTooltipHeight", "83");
Found : user_pref("CT2613550.MCDetectTooltipShow", false);
Found : user_pref("CT2613550.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2613550.MCDetectTooltipWidth", "295");
Found : user_pref("CT2613550.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2613550.RadioIsPodcast", false);
Found : user_pref("CT2613550.RadioMediaID", "8577");
Found : user_pref("CT2613550.RadioMediaType", "Media Player");
Found : user_pref("CT2613550.RadioMenuSelectedID", "EBRadioMenu_CT2613550_RECENT8577");
Found : user_pref("CT2613550.RadioShrinked", "expanded");
Found : user_pref("CT2613550.RadioStationName", "Rock%20n%20Pop%20106!8%20");
Found : user_pref("CT2613550.RadioStationURL", "hxxp://62.75.132.19:80");
Found : user_pref("CT2613550.RadioVolume", "60");
Found : user_pref("CT2613550.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2613550.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2613550.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...]
Found : user_pref("CT2613550.SearchInNewTabEnabled", true);
Found : user_pref("CT2613550.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2613550.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2613550.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2613550.ServiceMapLastCheckTime", "Thu May 10 2012 21:24:58 GMT+0200");
Found : user_pref("CT2613550.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2613550.SettingsLastCheckTime", "Sat Dec 18 2010 22:24:32 GMT+0100");
Found : user_pref("CT2613550.SettingsLastUpdate", "1291812328");
Found : user_pref("CT2613550.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2613550.ThirdPartyComponentsLastCheck", "Sat Dec 18 2010 22:24:31 GMT+0100");
Found : user_pref("CT2613550.ThirdPartyComponentsLastUpdate", "1255348257");
Found : user_pref("CT2613550.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2613550.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2613550");
Found : user_pref("CT2613550.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2613550.UserID", "UN91529305457378263");
Found : user_pref("CT2613550.ValidationData_Search", 1);
Found : user_pref("CT2613550.ValidationData_Toolbar", 2);
Found : user_pref("CT2613550.WeatherNetwork", "");
Found : user_pref("CT2613550.WeatherPollDate", "Thu May 10 2012 21:08:21 GMT+0200");
Found : user_pref("CT2613550.WeatherUnit", "C");
Found : user_pref("CT2613550.alertChannelId", "1006347");
Found : user_pref("CT2613550.backendstorage.facebook_mode", "32");
Found : user_pref("CT2613550.backendstorage.facebook_user_locale", "6465");
Found : user_pref("CT2613550.clientLogIsEnabled", false);
Found : user_pref("CT2613550.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2613550.components.1000082", true);
Found : user_pref("CT2613550.components.1000234", true);
Found : user_pref("CT2613550.ct2613550.AppTrackingLastCheckTime", "Tue May 08 2012 20:55:18 GMT+0200");
Found : user_pref("CT2613550.ct2613550.DialogsAlignMode", "LTR");
Found : user_pref("CT2613550.ct2613550.FeedLastCount3082739963941193807", 832);
Found : user_pref("CT2613550.ct2613550.FirstTimeSettingsDone", true);
Found : user_pref("CT2613550.ct2613550.InvalidateCache", false);
Found : user_pref("CT2613550.ct2613550.LanguagePackLastCheckTime", "Thu May 10 2012 21:08:20 GMT+0200");
Found : user_pref("CT2613550.ct2613550.Locale", "de-de");
Found : user_pref("CT2613550.ct2613550.RadioLastCheckTime", "Thu May 10 2012 21:08:20 GMT+0200");
Found : user_pref("CT2613550.ct2613550.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2613550.ct2613550.RadioLastUpdateServer", "0");
Found : user_pref("CT2613550.ct2613550.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_[...]
Found : user_pref("CT2613550.ct2613550.SearchInNewTabLastCheckTime", "Thu May 10 2012 21:08:20 GMT+0200");
Found : user_pref("CT2613550.ct2613550.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2613550.ct2613550.SettingsLastCheckTime", "Thu May 10 2012 19:49:57 GMT+0200");
Found : user_pref("CT2613550.ct2613550.SettingsLastUpdate", "1334650619");
Found : user_pref("CT2613550.ct2613550.ThirdPartyComponentsLastCheck", "Sat Apr 21 2012 15:26:05 GMT+0200");
Found : user_pref("CT2613550.ct2613550.ThirdPartyComponentsLastUpdate", "1255348257");
Found : user_pref("CT2613550.ct2613550.components.1001", true);
Found : user_pref("CT2613550.ct2613550.globalFirstTimeInfoLastCheckTime", "Sun May 06 2012 20:53:19 GMT+0200[...]
Found : user_pref("CT2613550.ct2613550.toolbarAppMetaDataLastCheckTime", "Thu May 10 2012 21:08:20 GMT+0200"[...]
Found : user_pref("CT2613550.ct2613550.toolbarContextMenuLastCheckTime", "Fri Apr 27 2012 22:04:21 GMT+0200"[...]
Found : user_pref("CT2613550.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2613550.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2613550.initDone", true);
Found : user_pref("CT2613550.isAppTrackingManagerOn", true);
Found : user_pref("CT2613550.myStuffEnabled", true);
Found : user_pref("CT2613550.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2613550.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2613550.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2613550.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2613550.oldAppsList", "129171076488700693,129171076488856944,111,129171076488856945,129[...]
Found : user_pref("CT2613550.revertSettingsEnabled", true);
Found : user_pref("CT2613550.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2613550.searchProtectorEnableByLogin", true);
Found : user_pref("CT2613550.testingCtid", "");
Found : user_pref("CT2613550.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2613550.usagesFlag", 2);
Found : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2613550");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/ct2613550/CT2613550[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2613550", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2613550",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2613550&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/ct2613550/CT2613550[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/50/261/CT2613550/Images/6340849712463612[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Thomas Hitscher\\AppData\\Roaming\\[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2613550");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2613550");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Mar 31 2011 18:37:26 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jul 24 2011 13:33:57 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "1e028694-4e39-4c6e-be79-da6962228966");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Apr 16 2012 19:40:58 GMT+0200");
Found : user_pref("CommunityToolbar.globalUserId", "2d9e71fe-5413-4df8-9d98-e5033559c882");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue May 08 2012 20:55:0[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu May 10 2012 21:08:19 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "18432776-40e8-40d5-8c3e-8fe41a6ca0ac");
Found : user_pref("browser.search.defaultenginename", "Search Results");
Found : user_pref("browser.search.order.1", "Search Results");
Found : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=413&sr=0&q=");
*************************
AdwCleaner[R1].txt - [27455 octets] - [16/07/2012 16:02:11]
########## EOF - C:\AdwCleaner[R1].txt - [27584 octets] ##########
Und zu guter Letzt noch der TDSS-Killer: Code:
16:05:13.0887 3176 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
16:05:14.0137 3176 ============================================================
16:05:14.0137 3176 Current date / time: 2012/07/16 16:05:14.0137
16:05:14.0137 3176 SystemInfo:
16:05:14.0137 3176
16:05:14.0137 3176 OS Version: 6.1.7600 ServicePack: 0.0
16:05:14.0137 3176 Product type: Workstation
16:05:14.0137 3176 ComputerName: LAPTOP
16:05:14.0137 3176 UserName: Thomas Hitscher
16:05:14.0137 3176 Windows directory: C:\Windows
16:05:14.0137 3176 System windows directory: C:\Windows
16:05:14.0137 3176 Processor architecture: Intel x86
16:05:14.0137 3176 Number of processors: 4
16:05:14.0137 3176 Page size: 0x1000
16:05:14.0137 3176 Boot type: Normal boot
16:05:14.0137 3176 ============================================================
16:05:14.0620 3176 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:05:14.0636 3176 Drive \Device\Harddisk1\DR1 - Size: 0x7A00000 (0.12 Gb), SectorSize: 0x200, Cylinders: 0xF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:05:14.0636 3176 ============================================================
16:05:14.0636 3176 \Device\Harddisk0\DR0:
16:05:14.0636 3176 MBR partitions:
16:05:14.0636 3176 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:05:14.0636 3176 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x35152000
16:05:14.0636 3176 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x35184800, BlocksNum 0x5000000
16:05:14.0636 3176 \Device\Harddisk1\DR1:
16:05:14.0636 3176 MBR partitions:
16:05:14.0636 3176 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x3CFDF
16:05:14.0636 3176 ============================================================
16:05:14.0667 3176 C: <-> \Device\Harddisk0\DR0\Partition1
16:05:14.0714 3176 D: <-> \Device\Harddisk0\DR0\Partition2
16:05:14.0714 3176 ============================================================
16:05:14.0714 3176 Initialize success
16:05:14.0714 3176 ============================================================
16:05:50.0095 7448 ============================================================
16:05:50.0095 7448 Scan started
16:05:50.0095 7448 Mode: Manual; SigCheck; TDLFS;
16:05:50.0095 7448 ============================================================
16:05:51.0157 7448 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
16:05:51.0297 7448 1394ohci - ok
16:05:51.0359 7448 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
16:05:51.0391 7448 ACPI - ok
16:05:51.0437 7448 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
16:05:51.0484 7448 AcpiPmi - ok
16:05:51.0609 7448 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
16:05:51.0640 7448 AdobeARMservice - ok
16:05:51.0734 7448 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:05:51.0765 7448 AdobeFlashPlayerUpdateSvc - ok
16:05:51.0859 7448 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
16:05:51.0905 7448 adp94xx - ok
16:05:52.0015 7448 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
16:05:52.0061 7448 adpahci - ok
16:05:52.0093 7448 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
16:05:52.0140 7448 adpu320 - ok
16:05:52.0156 7448 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
16:05:52.0203 7448 AeLookupSvc - ok
16:05:52.0281 7448 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
16:05:52.0359 7448 AFD - ok
16:05:52.0406 7448 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
16:05:52.0437 7448 agp440 - ok
16:05:52.0468 7448 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
16:05:52.0484 7448 aic78xx - ok
16:05:52.0546 7448 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
16:05:52.0593 7448 ALG - ok
16:05:52.0640 7448 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
16:05:52.0671 7448 aliide - ok
16:05:52.0718 7448 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
16:05:52.0733 7448 amdagp - ok
16:05:52.0749 7448 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
16:05:52.0764 7448 amdide - ok
16:05:52.0811 7448 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
16:05:52.0842 7448 AmdK8 - ok
16:05:52.0874 7448 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
16:05:52.0936 7448 AmdPPM - ok
16:05:52.0983 7448 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
16:05:53.0014 7448 amdsata - ok
16:05:53.0045 7448 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
16:05:53.0076 7448 amdsbs - ok
16:05:53.0092 7448 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
16:05:53.0108 7448 amdxata - ok
16:05:53.0217 7448 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
16:05:53.0248 7448 AntiVirSchedulerService - ok
16:05:53.0295 7448 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
16:05:53.0310 7448 AntiVirService - ok
16:05:53.0357 7448 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
16:05:53.0420 7448 AppID - ok
16:05:53.0466 7448 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
16:05:53.0544 7448 AppIDSvc - ok
16:05:53.0576 7448 Appinfo (7dead9e3f65dcb2794f2711003bbf650) C:\Windows\System32\appinfo.dll
16:05:53.0622 7448 Appinfo - ok
16:05:53.0685 7448 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:05:53.0716 7448 Apple Mobile Device - ok
16:05:53.0747 7448 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
16:05:53.0778 7448 arc - ok
16:05:53.0794 7448 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
16:05:53.0810 7448 arcsas - ok
16:05:53.0856 7448 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
16:05:53.0903 7448 AsyncMac - ok
16:05:53.0966 7448 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
16:05:53.0997 7448 atapi - ok
16:05:54.0075 7448 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
16:05:54.0137 7448 AudioEndpointBuilder - ok
16:05:54.0153 7448 Audiosrv (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
16:05:54.0200 7448 Audiosrv - ok
16:05:54.0278 7448 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
16:05:54.0309 7448 avgntflt - ok
16:05:54.0356 7448 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
16:05:54.0371 7448 avipbb - ok
16:05:54.0402 7448 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
16:05:54.0434 7448 avkmgr - ok
16:05:54.0480 7448 avmaudio (728c4a6c722535c16d1025f51aa31e22) C:\Windows\system32\DRIVERS\avmaudio.sys
16:05:54.0527 7448 avmaudio - ok
16:05:54.0574 7448 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\Windows\System32\AxInstSV.dll
16:05:54.0636 7448 AxInstSV - ok
16:05:54.0730 7448 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
16:05:54.0808 7448 b06bdrv - ok
16:05:54.0870 7448 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
16:05:54.0964 7448 b57nd60x - ok
16:05:55.0104 7448 BBSvc (483f1162eeebd10bf77fbb32db963370) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
16:05:55.0136 7448 BBSvc - ok
16:05:55.0198 7448 BBUpdate (78779ee07231c658b483b1f38b5088df) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
16:05:55.0229 7448 BBUpdate - ok
16:05:55.0260 7448 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
16:05:55.0323 7448 BDESVC - ok
16:05:55.0354 7448 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
16:05:55.0401 7448 Beep - ok
16:05:55.0479 7448 BFE (85ac71c045ceb054ed48a7841aae0c11) C:\Windows\System32\bfe.dll
16:05:55.0557 7448 BFE - ok
16:05:55.0635 7448 BITS (53f476476f55a27f580661bde09c4ec4) C:\Windows\System32\qmgr.dll
16:05:55.0728 7448 BITS - ok
16:05:55.0760 7448 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
16:05:55.0775 7448 blbdrive - ok
16:05:55.0900 7448 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
16:05:55.0931 7448 Bonjour Service - ok
16:05:55.0978 7448 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
16:05:56.0025 7448 bowser - ok
16:05:56.0056 7448 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:05:56.0103 7448 BrFiltLo - ok
16:05:56.0118 7448 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:05:56.0150 7448 BrFiltUp - ok
16:05:56.0196 7448 Browser (598e1280e7ff3744f4b8329366cc5635) C:\Windows\System32\browser.dll
16:05:56.0259 7448 Browser - ok
16:05:56.0306 7448 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
16:05:56.0384 7448 Brserid - ok
16:05:56.0430 7448 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
16:05:56.0477 7448 BrSerWdm - ok
16:05:56.0524 7448 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:05:56.0571 7448 BrUsbMdm - ok
16:05:56.0586 7448 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
16:05:56.0649 7448 BrUsbSer - ok
16:05:56.0664 7448 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
16:05:56.0711 7448 BTHMODEM - ok
16:05:56.0774 7448 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
16:05:56.0836 7448 bthserv - ok
16:05:56.0883 7448 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
16:05:56.0930 7448 cdfs - ok
16:05:56.0976 7448 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
16:05:57.0023 7448 cdrom - ok
16:05:57.0054 7448 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
16:05:57.0117 7448 CertPropSvc - ok
16:05:57.0164 7448 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
16:05:57.0210 7448 circlass - ok
16:05:57.0273 7448 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
16:05:57.0320 7448 CLFS - ok
16:05:57.0398 7448 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:05:57.0429 7448 clr_optimization_v2.0.50727_32 - ok
16:05:57.0507 7448 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:05:57.0522 7448 clr_optimization_v4.0.30319_32 - ok
16:05:57.0554 7448 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
16:05:57.0600 7448 CmBatt - ok
16:05:57.0632 7448 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
16:05:57.0647 7448 cmdide - ok
16:05:57.0710 7448 CNG (db5e008b3744dd60c8498cbbf2a1cfa6) C:\Windows\system32\Drivers\cng.sys
16:05:57.0741 7448 CNG - ok
16:05:57.0772 7448 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
16:05:57.0803 7448 Compbatt - ok
16:05:57.0850 7448 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:05:57.0897 7448 CompositeBus - ok
16:05:57.0928 7448 COMSysApp - ok
16:05:57.0959 7448 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
16:05:57.0975 7448 crcdisk - ok
16:05:58.0037 7448 CryptSvc (520a108a2657f4bca7fced9ca7d885de) C:\Windows\system32\cryptsvc.dll
16:05:58.0084 7448 CryptSvc - ok
16:05:58.0146 7448 CXPLRCAP (46dc77a5dc7ad463713c603c019541ba) C:\Windows\system32\drivers\CxPlrCap.sys
16:05:58.0209 7448 CXPLRCAP - ok
16:05:58.0287 7448 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
16:05:58.0349 7448 DcomLaunch - ok
16:05:58.0396 7448 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
16:05:58.0490 7448 defragsvc - ok
16:05:58.0536 7448 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
16:05:58.0599 7448 DfsC - ok
16:05:58.0677 7448 Dhcp (c56495fbd770712367cad35e5de72da6) C:\Windows\system32\dhcpcore.dll
16:05:58.0739 7448 Dhcp - ok
16:05:58.0755 7448 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
16:05:58.0817 7448 discache - ok
16:05:58.0864 7448 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
16:05:58.0895 7448 Disk - ok
16:05:58.0926 7448 Dnscache (b15be77a2bacf9c3177d27518afe26a9) C:\Windows\System32\dnsrslvr.dll
16:05:58.0973 7448 Dnscache - ok
16:05:59.0004 7448 dot3svc (4408c85c21eea48eb0ce486baeef0502) C:\Windows\System32\dot3svc.dll
16:05:59.0082 7448 dot3svc - ok
16:05:59.0114 7448 DPS (7fa81c6e11caa594adb52084da73a1e5) C:\Windows\system32\dps.dll
16:05:59.0176 7448 DPS - ok
16:05:59.0207 7448 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
16:05:59.0254 7448 drmkaud - ok
16:05:59.0332 7448 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
16:05:59.0394 7448 DXGKrnl - ok
16:05:59.0441 7448 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
16:05:59.0519 7448 EapHost - ok
16:05:59.0722 7448 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
16:05:59.0878 7448 ebdrv - ok
16:06:00.0018 7448 EFS (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\System32\lsass.exe
16:06:00.0081 7448 EFS - ok
16:06:00.0299 7448 ehRecvr (1697c39978cd69f6fbc15302edcece1f) C:\Windows\ehome\ehRecvr.exe
16:06:00.0362 7448 ehRecvr - ok
16:06:00.0471 7448 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
16:06:00.0580 7448 ehSched - ok
16:06:00.0705 7448 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
16:06:00.0798 7448 elxstor - ok
16:06:00.0830 7448 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
16:06:00.0876 7448 ErrDev - ok
16:06:00.0923 7448 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
16:06:00.0986 7448 EventSystem - ok
16:06:01.0048 7448 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
16:06:01.0157 7448 exfat - ok
16:06:01.0266 7448 ezGOSvc (da7ed3a484a2a03fd8aec1b3a0db401c) C:\Windows\system32\ezGOSvc.dll
16:06:01.0282 7448 ezGOSvc - ok
16:06:01.0313 7448 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
16:06:01.0391 7448 fastfat - ok
16:06:01.0454 7448 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\Windows\system32\fxssvc.exe
16:06:01.0500 7448 Fax - ok
16:06:01.0547 7448 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
16:06:01.0594 7448 fdc - ok
16:06:01.0625 7448 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
16:06:01.0672 7448 fdPHost - ok
16:06:01.0703 7448 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
16:06:01.0766 7448 FDResPub - ok
16:06:01.0797 7448 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
16:06:01.0812 7448 FileInfo - ok
16:06:01.0828 7448 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
16:06:01.0890 7448 Filetrace - ok
16:06:01.0922 7448 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
16:06:01.0968 7448 flpydisk - ok
16:06:02.0015 7448 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
16:06:02.0046 7448 FltMgr - ok
16:06:02.0140 7448 FontCache (b6512a85815fdc3d560c3705f5bdb93d) C:\Windows\system32\FntCache.dll
16:06:02.0234 7448 FontCache - ok
16:06:02.0327 7448 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:06:02.0358 7448 FontCache3.0.0.0 - ok
16:06:02.0390 7448 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
16:06:02.0405 7448 FsDepends - ok
16:06:02.0483 7448 fssfltr (b0082808a6856a252f7cdd939892ce50) C:\Windows\system32\DRIVERS\fssfltr.sys
16:06:02.0499 7448 fssfltr - ok
16:06:02.0670 7448 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
16:06:02.0764 7448 fsssvc - ok
16:06:02.0904 7448 Fs_Rec (500a9814fd9446a8126858a5a7f7d273) C:\Windows\system32\drivers\Fs_Rec.sys
16:06:02.0936 7448 Fs_Rec - ok
16:06:02.0998 7448 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
16:06:03.0029 7448 fvevol - ok
16:06:03.0076 7448 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:06:03.0092 7448 gagp30kx - ok
16:06:03.0138 7448 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:06:03.0170 7448 GEARAspiWDM - ok
16:06:03.0232 7448 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll
16:06:03.0294 7448 gpsvc - ok
16:06:03.0326 7448 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
16:06:03.0372 7448 hcw85cir - ok
16:06:03.0435 7448 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
16:06:03.0497 7448 HdAudAddService - ok
16:06:03.0575 7448 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:06:03.0622 7448 HDAudBus - ok
16:06:03.0669 7448 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) C:\Windows\system32\DRIVERS\HECI.sys
16:06:03.0716 7448 HECI - ok
16:06:03.0747 7448 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
16:06:03.0778 7448 HidBatt - ok
16:06:03.0825 7448 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
16:06:03.0887 7448 HidBth - ok
16:06:03.0934 7448 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
16:06:03.0981 7448 HidIr - ok
16:06:04.0012 7448 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
16:06:04.0074 7448 hidserv - ok
16:06:04.0121 7448 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
16:06:04.0168 7448 HidUsb - ok
16:06:04.0199 7448 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll
16:06:04.0246 7448 hkmsvc - ok
16:06:04.0293 7448 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll
16:06:04.0324 7448 HomeGroupListener - ok
16:06:04.0386 7448 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll
16:06:04.0433 7448 HomeGroupProvider - ok
16:06:04.0480 7448 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:06:04.0511 7448 HpSAMD - ok
16:06:04.0589 7448 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
16:06:04.0667 7448 HTTP - ok
16:06:04.0683 7448 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
16:06:04.0698 7448 hwpolicy - ok
16:06:04.0745 7448 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
16:06:04.0792 7448 i8042prt - ok
16:06:04.0870 7448 iaStor (26541a068572f650a2fa490726fe81be) C:\Windows\system32\DRIVERS\iaStor.sys
16:06:04.0917 7448 iaStor - ok
16:06:05.0010 7448 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:06:05.0026 7448 IAStorDataMgrSvc - ok
16:06:05.0104 7448 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
16:06:05.0135 7448 iaStorV - ok
16:06:05.0291 7448 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:06:05.0354 7448 idsvc - ok
16:06:05.0915 7448 igfx (8e9da2e49347af49901526dcd4d0f397) C:\Windows\system32\DRIVERS\igdkmd32.sys
16:06:06.0180 7448 igfx - ok
16:06:06.0336 7448 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
16:06:06.0368 7448 iirsp - ok
16:06:06.0461 7448 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll
16:06:06.0539 7448 IKEEXT - ok
16:06:06.0617 7448 Impcd (e3c36ac5ae87ec970ae8ea2a93d59ae1) C:\Windows\system32\DRIVERS\Impcd.sys
16:06:06.0664 7448 Impcd - ok
16:06:06.0882 7448 IntcAzAudAddService (5f9882ba31b7755341bc7773cb1ead62) C:\Windows\system32\drivers\RTKVHDA.sys
16:06:07.0023 7448 IntcAzAudAddService - ok
16:06:07.0194 7448 IntcDAud (bf31740828a26ab451803e3b35432651) C:\Windows\system32\DRIVERS\IntcDAud.sys
16:06:07.0272 7448 IntcDAud - ok
16:06:07.0304 7448 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
16:06:07.0335 7448 intelide - ok
16:06:07.0366 7448 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
16:06:07.0413 7448 intelppm - ok
16:06:07.0444 7448 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
16:06:07.0491 7448 IPBusEnum - ok
16:06:07.0522 7448 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:06:07.0584 7448 IpFilterDriver - ok
16:06:07.0647 7448 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) C:\Windows\System32\iphlpsvc.dll
16:06:07.0725 7448 iphlpsvc - ok
16:06:07.0756 7448 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:06:07.0772 7448 IPMIDRV - ok
16:06:07.0818 7448 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
16:06:07.0865 7448 IPNAT - ok
16:06:07.0990 7448 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
16:06:08.0037 7448 iPod Service - ok
16:06:08.0052 7448 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
16:06:08.0115 7448 IRENUM - ok
16:06:08.0177 7448 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
16:06:08.0208 7448 isapnp - ok
16:06:08.0240 7448 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
16:06:08.0271 7448 iScsiPrt - ok
16:06:08.0333 7448 ISWKL (ee8bed092a58a4faeb08dc140729189e) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
16:06:08.0364 7448 ISWKL - ok
16:06:08.0427 7448 IswSvc (aa7fd6a7532ef23fdcfc030195c148f9) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
16:06:08.0474 7448 IswSvc - ok
16:06:08.0520 7448 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
16:06:08.0536 7448 kbdclass - ok
16:06:08.0583 7448 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
16:06:08.0614 7448 kbdhid - ok
16:06:08.0661 7448 KeyIso (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
16:06:08.0692 7448 KeyIso - ok
16:06:08.0754 7448 KL1 (186b54479d98e48aee0e9ada4b3c4d31) C:\Windows\system32\DRIVERS\kl1.sys
16:06:08.0770 7448 KL1 - ok
16:06:08.0801 7448 kl2 (bf485bfba13c0ab116701fd9c55324d0) C:\Windows\system32\DRIVERS\kl2.sys
16:06:08.0817 7448 kl2 - ok
16:06:08.0895 7448 KLIF (46fa00bef951762919b66269371c22af) C:\Windows\system32\DRIVERS\klif.sys
16:06:08.0942 7448 KLIF - ok
16:06:08.0973 7448 KSecDD (52fc17c8589f11747d01d3cf592673d0) C:\Windows\system32\Drivers\ksecdd.sys
16:06:08.0988 7448 KSecDD - ok
16:06:09.0035 7448 KSecPkg (3e5474b03568cfab834da3c38e8c9efa) C:\Windows\system32\Drivers\ksecpkg.sys
16:06:09.0051 7448 KSecPkg - ok
16:06:09.0113 7448 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
16:06:09.0176 7448 KtmRm - ok
16:06:09.0222 7448 L1C (4566fd5f4416e7fef3600e4b30d086c3) C:\Windows\system32\DRIVERS\L1C62x86.sys
16:06:09.0238 7448 L1C - ok
16:06:09.0269 7448 LanmanServer (8f6bf790d3168224c16f2af68a84438c) C:\Windows\system32\srvsvc.dll
16:06:09.0300 7448 LanmanServer - ok
16:06:09.0332 7448 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll
16:06:09.0394 7448 LanmanWorkstation - ok
16:06:09.0456 7448 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
16:06:09.0534 7448 lltdio - ok
16:06:09.0597 7448 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
16:06:09.0690 7448 lltdsvc - ok
16:06:09.0706 7448 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
16:06:09.0768 7448 lmhosts - ok
16:06:09.0909 7448 LMS (1e2f802846eb944e0333efee7c9532a8) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:06:09.0924 7448 LMS - ok
16:06:09.0971 7448 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:06:09.0987 7448 LSI_FC - ok
16:06:10.0034 7448 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:06:10.0049 7448 LSI_SAS - ok
16:06:10.0080 7448 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:06:10.0096 7448 LSI_SAS2 - ok
16:06:10.0127 7448 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:06:10.0143 7448 LSI_SCSI - ok
16:06:10.0190 7448 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
16:06:10.0252 7448 luafv - ok
16:06:10.0314 7448 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
16:06:10.0361 7448 Mcx2Svc - ok
16:06:10.0439 7448 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
16:06:10.0470 7448 MDM ( UnsignedFile.Multi.Generic ) - warning
16:06:10.0470 7448 MDM - detected UnsignedFile.Multi.Generic (1)
16:06:10.0502 7448 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
16:06:10.0517 7448 megasas - ok
16:06:10.0580 7448 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
16:06:10.0611 7448 MegaSR - ok
16:06:10.0689 7448 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
16:06:10.0720 7448 Microsoft Office Groove Audit Service - ok
16:06:10.0736 7448 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
16:06:10.0798 7448 MMCSS - ok
16:06:10.0845 7448 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
16:06:10.0907 7448 Modem - ok
16:06:10.0938 7448 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
16:06:10.0985 7448 monitor - ok
16:06:11.0016 7448 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
16:06:11.0032 7448 mouclass - ok
16:06:11.0094 7448 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
16:06:11.0172 7448 mouhid - ok
16:06:11.0219 7448 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
16:06:11.0235 7448 mountmgr - ok
16:06:11.0282 7448 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
16:06:11.0297 7448 mpio - ok
16:06:11.0313 7448 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
16:06:11.0375 7448 mpsdrv - ok
16:06:11.0438 7448 MpsSvc (5cd996cecf45cbc3e8d109c86b82d69e) C:\Windows\system32\mpssvc.dll
16:06:11.0516 7448 MpsSvc - ok
16:06:11.0531 7448 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
16:06:11.0578 7448 MRxDAV - ok
16:06:11.0640 7448 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:06:11.0687 7448 mrxsmb - ok
16:06:11.0734 7448 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:06:11.0812 7448 mrxsmb10 - ok
16:06:11.0859 7448 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:06:11.0890 7448 mrxsmb20 - ok
16:06:11.0937 7448 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
16:06:11.0952 7448 msahci - ok
16:06:11.0984 7448 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
16:06:12.0015 7448 msdsm - ok
16:06:12.0046 7448 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
16:06:12.0093 7448 MSDTC - ok
16:06:12.0124 7448 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
16:06:12.0186 7448 Msfs - ok
16:06:12.0202 7448 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
16:06:12.0249 7448 mshidkmdf - ok
16:06:12.0280 7448 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
16:06:12.0311 7448 msisadrv - ok
16:06:12.0358 7448 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
16:06:12.0420 7448 MSiSCSI - ok
16:06:12.0420 7448 msiserver - ok
16:06:12.0467 7448 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
16:06:12.0530 7448 MSKSSRV - ok
16:06:12.0561 7448 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
16:06:12.0623 7448 MSPCLOCK - ok
16:06:12.0639 7448 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
16:06:12.0701 7448 MSPQM - ok
16:06:12.0732 7448 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
16:06:12.0764 7448 MsRPC - ok
16:06:12.0795 7448 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
16:06:12.0826 7448 mssmbios - ok
16:06:12.0857 7448 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
16:06:12.0888 7448 MSTEE - ok
16:06:12.0904 7448 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
16:06:12.0935 7448 MTConfig - ok
16:06:12.0951 7448 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
16:06:12.0982 7448 Mup - ok
16:06:13.0029 7448 napagent (80284f1985c70c86f0b5f86da2dfe1df) C:\Windows\system32\qagentRT.dll
16:06:13.0091 7448 napagent - ok
16:06:13.0154 7448 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
16:06:13.0216 7448 NativeWifiP - ok
16:06:13.0294 7448 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
16:06:13.0356 7448 NDIS - ok
16:06:13.0403 7448 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
16:06:13.0450 7448 NdisCap - ok
16:06:13.0481 7448 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
16:06:13.0528 7448 NdisTapi - ok
16:06:13.0575 7448 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
16:06:13.0606 7448 Ndisuio - ok
16:06:13.0653 7448 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
16:06:13.0700 7448 NdisWan - ok
16:06:13.0715 7448 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
16:06:13.0746 7448 NDProxy - ok
16:06:13.0778 7448 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
16:06:13.0840 7448 NetBIOS - ok
16:06:13.0871 7448 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
16:06:13.0965 7448 NetBT - ok
16:06:13.0996 7448 Netlogon (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
16:06:14.0027 7448 Netlogon - ok
16:06:14.0074 7448 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
16:06:14.0136 7448 Netman - ok
16:06:14.0183 7448 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
16:06:14.0261 7448 netprofm - ok
16:06:14.0355 7448 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:06:14.0386 7448 NetTcpPortSharing - ok
16:06:14.0417 7448 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
16:06:14.0433 7448 nfrd960 - ok
16:06:14.0480 7448 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll
16:06:14.0542 7448 NlaSvc - ok
16:06:14.0589 7448 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
16:06:14.0651 7448 Npfs - ok
16:06:14.0682 7448 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
16:06:14.0714 7448 nsi - ok
16:06:14.0729 7448 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
16:06:14.0776 7448 nsiproxy - ok
16:06:14.0932 7448 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
16:06:15.0010 7448 Ntfs - ok
16:06:15.0150 7448 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
16:06:15.0228 7448 Null - ok
16:06:15.0275 7448 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
16:06:15.0291 7448 nvraid - ok
16:06:15.0338 7448 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
16:06:15.0369 7448 nvstor - ok
16:06:15.0400 7448 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
16:06:15.0431 7448 nv_agp - ok
16:06:15.0540 7448 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:06:15.0587 7448 odserv - ok
16:06:15.0603 7448 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
16:06:15.0650 7448 ohci1394 - ok
16:06:15.0681 7448 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:06:15.0712 7448 ose - ok
16:06:15.0759 7448 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
16:06:15.0790 7448 p2pimsvc - ok
16:06:15.0852 7448 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
16:06:15.0884 7448 p2psvc - ok
16:06:15.0915 7448 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
16:06:15.0977 7448 Parport - ok
16:06:16.0008 7448 partmgr (66d3415c159741ade7038a277efff99f) C:\Windows\system32\drivers\partmgr.sys
16:06:16.0024 7448 partmgr - ok
16:06:16.0055 7448 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
16:06:16.0071 7448 Parvdm - ok
16:06:16.0118 7448 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
16:06:16.0149 7448 PcaSvc - ok
16:06:16.0196 7448 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
16:06:16.0227 7448 pci - ok
16:06:16.0258 7448 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
16:06:16.0274 7448 pciide - ok
16:06:16.0320 7448 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
16:06:16.0352 7448 pcmcia - ok
16:06:16.0383 7448 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
16:06:16.0398 7448 pcw - ok
16:06:16.0492 7448 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
16:06:16.0570 7448 PEAUTH - ok
16:06:16.0726 7448 pla (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll
16:06:16.0851 7448 pla - ok
16:06:17.0022 7448 PlugPlay (71def5ec79774c798342d0ea16e41780) C:\Windows\system32\umpnpmgr.dll
16:06:17.0069 7448 PlugPlay - ok
16:06:17.0100 7448 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
16:06:17.0116 7448 PNRPAutoReg - ok
16:06:17.0163 7448 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
16:06:17.0178 7448 PNRPsvc - ok
16:06:17.0225 7448 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll
16:06:17.0303 7448 PolicyAgent - ok
16:06:17.0350 7448 Power (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll
16:06:17.0397 7448 Power - ok
16:06:17.0459 7448 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
16:06:17.0522 7448 PptpMiniport - ok
16:06:17.0553 7448 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
16:06:17.0615 7448 Processor - ok
16:06:17.0678 7448 ProfSvc (aea3bdbdba667aa6f678cb38907e4f5e) C:\Windows\system32\profsvc.dll
16:06:17.0724 7448 ProfSvc - ok
16:06:17.0740 7448 ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
16:06:17.0771 7448 ProtectedStorage - ok
16:06:17.0818 7448 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
16:06:17.0880 7448 Psched - ok
16:06:17.0974 7448 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
16:06:18.0005 7448 PSI_SVC_2 - ok
16:06:18.0146 7448 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
16:06:18.0224 7448 ql2300 - ok
16:06:18.0364 7448 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
16:06:18.0395 7448 ql40xx - ok
16:06:18.0442 7448 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
16:06:18.0536 7448 QWAVE - ok
16:06:18.0582 7448 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
16:06:18.0614 7448 QWAVEdrv - ok
16:06:18.0692 7448 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
16:06:18.0707 7448 RapiMgr - ok
16:06:18.0738 7448 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
16:06:18.0801 7448 RasAcd - ok
16:06:18.0848 7448 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:06:18.0910 7448 RasAgileVpn - ok
16:06:18.0941 7448 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
16:06:18.0988 7448 RasAuto - ok
16:06:19.0019 7448 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:06:19.0066 7448 Rasl2tp - ok
16:06:19.0113 7448 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll
16:06:19.0206 7448 RasMan - ok
16:06:19.0253 7448 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
16:06:19.0316 7448 RasPppoe - ok
16:06:19.0362 7448 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
16:06:19.0425 7448 RasSstp - ok
16:06:19.0472 7448 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
16:06:19.0534 7448 rdbss - ok
16:06:19.0565 7448 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
16:06:19.0612 7448 rdpbus - ok
16:06:19.0628 7448 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:06:19.0674 7448 RDPCDD - ok
16:06:19.0706 7448 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
16:06:19.0737 7448 RDPENCDD - ok
16:06:19.0768 7448 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
16:06:19.0799 7448 RDPREFMP - ok
16:06:19.0846 7448 RDPWD (c5b8d47a4688de9d335204ea757c2240) C:\Windows\system32\drivers\RDPWD.sys
16:06:19.0893 7448 RDPWD - ok
16:06:19.0955 7448 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
16:06:19.0986 7448 rdyboost - ok
16:06:20.0033 7448 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
16:06:20.0080 7448 RemoteAccess - ok
16:06:20.0111 7448 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
16:06:20.0158 7448 RemoteRegistry - ok
16:06:20.0267 7448 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files\CyberLink\Shared files\RichVideo.exe
16:06:20.0298 7448 RichVideo ( UnsignedFile.Multi.Generic ) - warning
16:06:20.0298 7448 RichVideo - detected UnsignedFile.Multi.Generic (1)
16:06:20.0330 7448 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
16:06:20.0392 7448 RpcEptMapper - ok
16:06:20.0423 7448 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
16:06:20.0454 7448 RpcLocator - ok
16:06:20.0486 7448 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
16:06:20.0532 7448 RpcSs - ok
16:06:20.0564 7448 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
16:06:20.0642 7448 rspndr - ok
16:06:20.0688 7448 RSUSBSTOR (0340a381b920a6e68178b832889f33f8) C:\Windows\System32\Drivers\RtsUStor.sys
16:06:20.0704 7448 RSUSBSTOR - ok
16:06:20.0829 7448 rtl8192se (b5e9979fbb26fc059bd87a81f763d5da) C:\Windows\system32\DRIVERS\rtl8192se.sys
16:06:20.0876 7448 rtl8192se - ok
16:06:20.0907 7448 SamSs (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
16:06:20.0922 7448 SamSs - ok
16:06:20.0969 7448 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
16:06:21.0000 7448 sbp2port - ok
16:06:21.0047 7448 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
16:06:21.0110 7448 SCardSvr - ok
16:06:21.0156 7448 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
16:06:21.0203 7448 scfilter - ok
16:06:21.0281 7448 Schedule (df1e5c82e4d09cf8105cc644980c4803) C:\Windows\system32\schedsvc.dll
16:06:21.0375 7448 Schedule - ok
16:06:21.0406 7448 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
16:06:21.0468 7448 SCPolicySvc - ok
16:06:21.0500 7448 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll
16:06:21.0531 7448 SDRSVC - ok
16:06:21.0578 7448 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
16:06:21.0624 7448 secdrv - ok
16:06:21.0624 7448 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
16:06:21.0702 7448 seclogon - ok
16:06:21.0718 7448 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
16:06:21.0780 7448 SENS - ok
16:06:21.0812 7448 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
16:06:21.0874 7448 SensrSvc - ok
16:06:21.0890 7448 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
16:06:21.0921 7448 Serenum - ok
16:06:21.0983 7448 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
16:06:22.0014 7448 Serial - ok
16:06:22.0046 7448 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
16:06:22.0077 7448 sermouse - ok
16:06:22.0108 7448 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll
16:06:22.0155 7448 SessionEnv - ok
16:06:22.0170 7448 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
16:06:22.0217 7448 sffdisk - ok
16:06:22.0248 7448 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:06:22.0280 7448 sffp_mmc - ok
16:06:22.0295 7448 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:06:22.0342 7448 sffp_sd - ok
16:06:22.0373 7448 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
16:06:22.0420 7448 sfloppy - ok
16:06:22.0482 7448 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
16:06:22.0560 7448 SharedAccess - ok
16:06:22.0623 7448 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll
16:06:22.0670 7448 ShellHWDetection - ok
16:06:22.0716 7448 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
16:06:22.0732 7448 sisagp - ok
16:06:22.0748 7448 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:06:22.0763 7448 SiSRaid2 - ok
16:06:22.0794 7448 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
16:06:22.0810 7448 SiSRaid4 - ok
16:06:23.0060 7448 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:06:23.0122 7448 Skype C2C Service - ok
16:06:23.0200 7448 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) D:\Programme\Kommunikation\Skype\Updater\Updater.exe
16:06:23.0231 7448 SkypeUpdate - ok
16:06:23.0418 7448 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
16:06:23.0496 7448 Smb - ok
16:06:23.0559 7448 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
16:06:23.0606 7448 SNMPTRAP - ok
16:06:23.0668 7448 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
16:06:23.0699 7448 spldr - ok
16:06:23.0746 7448 Spooler (d1bb750eb51694de183e08b9c33be5b2) C:\Windows\System32\spoolsv.exe
16:06:23.0793 7448 Spooler - ok
16:06:23.0980 7448 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe
16:06:24.0058 7448 sppsvc - ok
16:06:24.0183 7448 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll
16:06:24.0230 7448 sppuinotify - ok
16:06:24.0308 7448 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
16:06:24.0370 7448 srv - ok
16:06:24.0417 7448 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
16:06:24.0464 7448 srv2 - ok
16:06:24.0495 7448 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
16:06:24.0542 7448 srvnet - ok
16:06:24.0588 7448 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
16:06:24.0682 7448 SSDPSRV - ok
16:06:24.0744 7448 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
16:06:24.0760 7448 ssmdrv - ok
16:06:24.0791 7448 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
16:06:24.0854 7448 SstpSvc - ok
16:06:24.0900 7448 ss_bus (54946449a0eb74915a4bb34f7ee51a5a) C:\Windows\system32\DRIVERS\ss_bus.sys
16:06:24.0932 7448 ss_bus - ok
16:06:24.0978 7448 ss_mdfl (4450bc0b2e9d7d9b90e3c3de4ea00a78) C:\Windows\system32\DRIVERS\ss_mdfl.sys
16:06:25.0010 7448 ss_mdfl - ok
16:06:25.0056 7448 ss_mdm (30b8d0dd01ead1243f329caf7d7d1517) C:\Windows\system32\DRIVERS\ss_mdm.sys
16:06:25.0072 7448 ss_mdm - ok
16:06:25.0103 7448 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
16:06:25.0119 7448 stexstor - ok
16:06:25.0197 7448 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll
16:06:25.0275 7448 StiSvc - ok
16:06:25.0290 7448 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
16:06:25.0306 7448 swenum - ok
16:06:25.0353 7448 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
16:06:25.0431 7448 swprv - ok
16:06:25.0509 7448 SynTP (d776eb85a20696d9d43129ccf6e703e2) C:\Windows\system32\DRIVERS\SynTP.sys
16:06:25.0540 7448 SynTP - ok
16:06:25.0649 7448 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll
16:06:25.0712 7448 SysMain - ok
16:06:25.0743 7448 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll
16:06:25.0774 7448 TabletInputService - ok
16:06:25.0805 7448 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll
16:06:25.0883 7448 TapiSrv - ok
16:06:25.0961 7448 tbhsd (d7f411c5af992bb44e86083a6aa7b045) C:\Windows\system32\drivers\tbhsd.sys
16:06:25.0992 7448 tbhsd - ok
16:06:26.0024 7448 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
16:06:26.0070 7448 TBS - ok
16:06:26.0242 7448 Tcpip (55e9965552741f3850cb22cbba9671ed) C:\Windows\system32\drivers\tcpip.sys
16:06:26.0304 7448 Tcpip - ok
16:06:26.0554 7448 TCPIP6 (55e9965552741f3850cb22cbba9671ed) C:\Windows\system32\DRIVERS\tcpip.sys
16:06:26.0601 7448 TCPIP6 - ok
16:06:26.0741 7448 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
16:06:26.0819 7448 tcpipreg - ok
16:06:26.0835 7448 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
16:06:26.0882 7448 TDPIPE - ok
16:06:26.0897 7448 TDTCP (7156308896d34ea75a582f9a09e50c17) C:\Windows\system32\drivers\tdtcp.sys
16:06:26.0928 7448 TDTCP - ok
16:06:26.0960 7448 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
16:06:27.0022 7448 tdx - ok
16:06:27.0287 7448 TeamViewer7 (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
16:06:27.0350 7448 TeamViewer7 - ok
16:06:27.0474 7448 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
16:06:27.0506 7448 TermDD - ok
16:06:27.0552 7448 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll
16:06:27.0646 7448 TermService - ok
16:06:27.0677 7448 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
16:06:27.0724 7448 Themes - ok
16:06:27.0755 7448 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
16:06:27.0802 7448 THREADORDER - ok
16:06:27.0833 7448 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
16:06:27.0880 7448 TrkWks - ok
16:06:27.0942 7448 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe
16:06:27.0974 7448 TrustedInstaller - ok
16:06:28.0005 7448 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:06:28.0067 7448 tssecsrv - ok
16:06:28.0098 7448 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
16:06:28.0161 7448 tunnel - ok
16:06:28.0208 7448 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
16:06:28.0223 7448 uagp35 - ok
16:06:28.0254 7448 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
16:06:28.0332 7448 udfs - ok
16:06:28.0364 7448 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
16:06:28.0410 7448 UI0Detect - ok
16:06:28.0473 7448 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:06:28.0488 7448 uliagpkx - ok
16:06:28.0520 7448 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
16:06:28.0582 7448 umbus - ok
16:06:28.0629 7448 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
16:06:28.0660 7448 UmPass - ok
16:06:28.0941 7448 UNS (af905f4966cfc8b973623ab150cd4b2b) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:06:29.0003 7448 UNS - ok
16:06:29.0175 7448 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
16:06:29.0237 7448 upnphost - ok
16:06:29.0315 7448 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
16:06:29.0362 7448 USBAAPL - ok
16:06:29.0409 7448 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys
16:06:29.0456 7448 usbccgp - ok
16:06:29.0502 7448 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
16:06:29.0534 7448 usbcir - ok
16:06:29.0580 7448 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\drivers\usbehci.sys
16:06:29.0627 7448 usbehci - ok
16:06:29.0674 7448 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
16:06:29.0736 7448 usbhub - ok
16:06:29.0768 7448 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\drivers\usbohci.sys
16:06:29.0799 7448 usbohci - ok
16:06:29.0830 7448 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
16:06:29.0892 7448 usbprint - ok
16:06:29.0924 7448 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:06:29.0970 7448 USBSTOR - ok
16:06:30.0002 7448 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\drivers\usbuhci.sys
16:06:30.0033 7448 usbuhci - ok
16:06:30.0095 7448 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\system32\Drivers\usbvideo.sys
16:06:30.0142 7448 usbvideo - ok
16:06:30.0173 7448 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
16:06:30.0236 7448 UxSms - ok
16:06:30.0267 7448 VaultSvc (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
16:06:30.0298 7448 VaultSvc - ok
16:06:30.0329 7448 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:06:30.0345 7448 vdrvroot - ok
16:06:30.0407 7448 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe
16:06:30.0454 7448 vds - ok
16:06:30.0501 7448 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
16:06:30.0532 7448 vga - ok
16:06:30.0563 7448 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
16:06:30.0626 7448 VgaSave - ok
16:06:30.0672 7448 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
16:06:30.0704 7448 vhdmp - ok
16:06:30.0766 7448 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
16:06:30.0797 7448 viaagp - ok
16:06:30.0813 7448 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
16:06:30.0844 7448 ViaC7 - ok
16:06:30.0875 7448 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
16:06:30.0906 7448 viaide - ok
16:06:30.0922 7448 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
16:06:30.0938 7448 volmgr - ok
16:06:31.0000 7448 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
16:06:31.0031 7448 volmgrx - ok
16:06:31.0078 7448 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
16:06:31.0094 7448 volsnap - ok
16:06:31.0203 7448 Vsdatant (6292c794ba68e0f46a6d45468461afe1) C:\Windows\system32\DRIVERS\vsdatant.sys
16:06:31.0250 7448 Vsdatant - ok
16:06:31.0312 7448 vsmon - ok
16:06:31.0343 7448 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
16:06:31.0374 7448 vsmraid - ok
16:06:31.0499 7448 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe
16:06:31.0562 7448 VSS - ok
16:06:31.0577 7448 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
16:06:31.0624 7448 vwifibus - ok
16:06:31.0655 7448 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
16:06:31.0686 7448 vwififlt - ok
16:06:31.0733 7448 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
16:06:31.0780 7448 vwifimp - ok
16:06:31.0858 7448 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
16:06:31.0967 7448 W32Time - ok
16:06:31.0998 7448 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
16:06:32.0014 7448 WacomPen - ok
16:06:32.0061 7448 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
16:06:32.0123 7448 WANARP - ok
16:06:32.0123 7448 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
16:06:32.0170 7448 Wanarpv6 - ok
16:06:32.0295 7448 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe
16:06:32.0373 7448 wbengine - ok
16:06:32.0420 7448 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
16:06:32.0466 7448 WbioSrvc - ok
16:06:32.0560 7448 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
16:06:32.0591 7448 WcesComm - ok
16:06:32.0638 7448 wcncsvc (6d9b75275c3e3a5f51aef81affadb2b6) C:\Windows\System32\wcncsvc.dll
16:06:32.0700 7448 wcncsvc - ok
16:06:32.0747 7448 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
16:06:32.0794 7448 WcsPlugInService - ok
16:06:32.0856 7448 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
16:06:32.0888 7448 Wd - ok
16:06:32.0950 7448 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
16:06:32.0997 7448 Wdf01000 - ok
16:06:33.0044 7448 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
16:06:33.0106 7448 WdiServiceHost - ok
16:06:33.0106 7448 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
16:06:33.0137 7448 WdiSystemHost - ok
16:06:33.0184 7448 WebClient (bb5ec38f8d4600119b4720bc5d4211f1) C:\Windows\System32\webclnt.dll
16:06:33.0246 7448 WebClient - ok
16:06:33.0293 7448 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
16:06:33.0356 7448 Wecsvc - ok
16:06:33.0371 7448 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
16:06:33.0402 7448 wercplsupport - ok
16:06:33.0449 7448 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
16:06:33.0480 7448 WerSvc - ok
16:06:33.0496 7448 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
16:06:33.0527 7448 WfpLwf - ok
16:06:33.0558 7448 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
16:06:33.0574 7448 WIMMount - ok
16:06:33.0699 7448 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
16:06:33.0777 7448 WinDefend - ok
16:06:33.0792 7448 WinHttpAutoProxySvc - ok
16:06:33.0855 7448 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
16:06:33.0933 7448 Winmgmt - ok
16:06:34.0042 7448 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll
16:06:34.0136 7448 WinRM - ok
16:06:34.0214 7448 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
16:06:34.0245 7448 WinUsb - ok
16:06:34.0370 7448 WinVNC4 (f3edc9909a02e6bca863eb702d37b505) c:\Programme\Systemprogramme\RealVNC\VNC4\WinVNC4.exe
16:06:34.0401 7448 WinVNC4 - ok
16:06:34.0463 7448 WisLMSvc (4c69a8e2e159c1c59bc4b688e9dd7f8c) C:\Program Files\Launch Manager\WisLMSvc.exe
16:06:34.0479 7448 WisLMSvc - ok
16:06:34.0572 7448 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
16:06:34.0650 7448 Wlansvc - ok
16:06:34.0822 7448 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:06:34.0869 7448 wlidsvc - ok
16:06:35.0025 7448 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:06:35.0072 7448 WmiAcpi - ok
16:06:35.0134 7448 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
16:06:35.0196 7448 wmiApSrv - ok
16:06:35.0368 7448 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
16:06:35.0430 7448 WMPNetworkSvc - ok
16:06:35.0524 7448 WMZuneComm (017695393afffed8de58abd1b085be6d) C:\Program Files\Zune\WMZuneComm.exe
16:06:35.0571 7448 WMZuneComm - ok
16:06:35.0711 7448 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
16:06:35.0758 7448 WPCSvc - ok
16:06:35.0789 7448 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
16:06:35.0820 7448 WPDBusEnum - ok
16:06:35.0883 7448 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
16:06:35.0961 7448 ws2ifsl - ok
16:06:35.0992 7448 wscsvc (a661a76333057b383a06e65f0073222f) C:\Windows\System32\wscsvc.dll
16:06:36.0023 7448 wscsvc - ok
16:06:36.0039 7448 WSearch - ok
16:06:36.0195 7448 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
16:06:36.0304 7448 wuauserv - ok
16:06:36.0460 7448 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
16:06:36.0554 7448 WudfPf - ok
16:06:36.0585 7448 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:06:36.0647 7448 WUDFRd - ok
16:06:36.0694 7448 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\Windows\System32\WUDFSvc.dll
16:06:36.0741 7448 wudfsvc - ok
16:06:36.0772 7448 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
16:06:36.0834 7448 WwanSvc - ok
16:06:37.0193 7448 ZuneNetworkSvc (1076df9ade4e13ea3bf39d2165aeb903) C:\Program Files\Zune\ZuneNss.exe
16:06:37.0443 7448 ZuneNetworkSvc - ok
16:06:37.0568 7448 ZuneWlanCfgSvc (de1cdb333a402b279f04d627122fa08e) C:\Program Files\Zune\ZuneWlanCfgSvc.exe
16:06:37.0614 7448 ZuneWlanCfgSvc - ok
16:06:37.0646 7448 MBR (0x1B8) (8a1c59e4dfef87510470928550466632) \Device\Harddisk0\DR0
16:06:40.0610 7448 \Device\Harddisk0\DR0 - ok
16:06:40.0625 7448 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
16:06:43.0168 7448 \Device\Harddisk1\DR1 - ok
16:06:43.0184 7448 Boot (0x1200) (f31dc2512ad53822a7e28369d1c5e63f) \Device\Harddisk0\DR0\Partition0
16:06:43.0184 7448 \Device\Harddisk0\DR0\Partition0 - ok
16:06:43.0230 7448 Boot (0x1200) (880637bea931fe8c03abed6dd053f59b) \Device\Harddisk0\DR0\Partition1
16:06:43.0230 7448 \Device\Harddisk0\DR0\Partition1 - ok
16:06:43.0262 7448 Boot (0x1200) (41300ec0d0bbc9dab6d46fb8d03c5f51) \Device\Harddisk0\DR0\Partition2
16:06:43.0262 7448 \Device\Harddisk0\DR0\Partition2 - ok
16:06:43.0262 7448 Boot (0x1200) (ab965133ae643175db92613dfc0b7cf4) \Device\Harddisk1\DR1\Partition0
16:06:43.0262 7448 \Device\Harddisk1\DR1\Partition0 - ok
16:06:43.0262 7448 ============================================================
16:06:43.0262 7448 Scan finished
16:06:43.0262 7448 ============================================================
16:06:43.0277 3764 Detected object count: 2
16:06:43.0277 3764 Actual detected object count: 2
16:06:57.0739 3764 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
16:06:57.0739 3764 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:06:57.0739 3764 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
16:06:57.0739 3764 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
Ich hoffe, dass das mit den Code-Tags so hingehauen hat.
Leider ist die Meldung "...roper0dun.exe..." immer noch vorhanden, die Links im Internet funktionieren aber schon einmal wieder!
Bis hierhin schon einmal DANKE!
Gruß
Thomas |
