Code:
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft) C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
==================== Registry (Whitelisted) ==================
HKCU\...\Run: [BrowserMask] - C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe [101328 2012-08-14] (Microsoft)
MountPoints2: {43b27acf-ac7d-11df-95ad-806e6f6e6963} - G:\start.exe
MountPoints2: {4aa59d0a-ee64-11df-9942-001999734202} - L:\start.exe
MountPoints2: {7bc6dbf3-acaa-11df-b137-806e6f6e6963} - G:\Start.exe
MountPoints2: {c54fad6a-f27a-11e0-98ed-001999734202} - M:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {c54fad75-f27a-11e0-98ed-001999734202} - M:\setup_vmc_lite.exe /checkApplicationPresence
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1263952 2013-02-13] ()
AppInit_DLLs-x32: [0 ] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=90d611e1-f6a9-44d1-84e5-d91cd0a6d099&searchtype=ds&q={searchTerms}&installDate=08/07/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=90d611e1-f6a9-44d1-84e5-d91cd0a6d099&searchtype=ds&q={searchTerms}&installDate=08/07/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll (AVAST Software)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {0470E62C-C97E-4317-81E5-0774D8CBF7B7} hxxp://www.gfi.com/endpointscan/EndPointScan.cab
DPF: HKLM-x32 {7253A666-804A-1107-A4DC-00E04C504708} hxxp://98.126.13.202/bmc.cab
DPF: HKLM-x32 {7253A666-804A-1107-A4DC-00E04C504788} hxxp://server1.blue-mms.com/inc/bmc.cab
DPF: HKLM-x32 {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} hxxp://ax.emsisoft.com/asquared.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Khorasanzada\AppData\Roaming\Mozilla\Firefox\Profiles\pbz0ytug.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Khorasanzada\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Khorasanzada\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Khorasanzada\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: adblocker - C:\Program Files (x86)\Mozilla Firefox\extensions\adblocker@avast.com.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] C:\Users\Khorasanzada\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Khorasanzada\AppData\Roaming\IDM\idmmzcc5
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] C:\Users\Khorasanzada\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Khorasanzada\AppData\Roaming\IDM\idmmzcc5
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Khorasanzada\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Khorasanzada\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Khorasanzada\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (avast! Ad Blocker) - C:\Users\KHORAS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd\8.0_0
CHR Extension: (IDM Integration) - C:\Users\KHORAS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.17.4_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\KHORAS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 TestHandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\HaDTMan.exe [384792 2010-09-24] (Fujitsu Technology Solutions)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-07-21] (Taiwan Shui Mu Chih Ching Technology Limited.)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-22] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-22] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-22] ()
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R3 hcw85cir; C:\Windows\System32\drivers\hcw85cir3.sys [32768 2009-08-24] (Hauppauge Computer Works, Inc.)
S2 lirsgt; C:\Windows\SysWow64\DRIVERS\lirsgt.sys [18048 2011-05-03] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R0 ShredderVolumeDriver; C:\Windows\System32\Drivers\ShredderDriver64.sys [33152 2011-05-09] (ITOS)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
S2 lirsgt; system32\DRIVERS\lirsgt.sys [x]
S3 nmwcdx64; system32\drivers\nmwcdx64.sys [x]
S3 TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [x]
U2 TMAgent;
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\Drivers\aswFsBlk.sys 0BAEFD3F648C6E7AB52990DD9565E4E2
C:\Windows\system32\drivers\aswMonFlt.sys FA562F34ED6633C66170B09182B4C049
C:\Windows\System32\Drivers\aswrdr2.sys 64E2BAB4096C13D2342BC4661C967E07
C:\Windows\System32\Drivers\aswRvrt.sys 5573AA70993A2BB81525B1C704B88763
C:\Windows\System32\Drivers\aswSnx.sys 8C0800CDB501CFC1164B286A0478DC10
C:\Windows\System32\Drivers\aswSP.sys 3815DB16CDA62190F5C0A65118F3D714
C:\Windows\System32\Drivers\aswTdi.sys 29DD8E458A84171202AA4979364C30C0
C:\Windows\System32\Drivers\aswVmm.sys 22F521108881DC59837F6FC614E0568F
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys AAFCB52FE0037207FB6FBEA070D25EFE
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys B9430166FEB246F6070A62B3554932C9
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ElbyCDIO.sys 9A47AC3DFCF81D30922CDAAF1C2D579F
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbnet.sys 251AF86E0A4DDF3A6B181ED5103B06B1
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys 07DA62C960DDCCC2D35836AEAB4FC578
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\drivers\GEARAspiWDM.sys 7508FCFB8D93556213F530DFFAEDEC45
C:\Windows\System32\drivers\HCW85BDA.sys CDF3E6F65007CE30845FF3CECF11773E
C:\Windows\System32\drivers\hcw85cir3.sys AF84E64405113B84CEA7B57FA6368DC7
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbmdm.sys 4B5C07DB91A0099272FAAE732E1152BD
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbfake.sys 9C13A2691AC410CC7469F298684DCA5D
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\idmwfp.sys 728D82A4A2A875F96AEF1F0A44B9A309
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys EE64207F2F5C20BFE5F73DB2566C4601
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 7EFB9333E4ECCE6AE4AE9D777D9E553E
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\SysWow64\DRIVERS\lirsgt.sys 975B6CF65F44E95883F3855BAE8CECAF
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys FC1D590039EF06A381768710E6C07E75
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys 8FB3C853E886E1E4D57271672486111C
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvm62x64.sys A85B4F2EF3A7304A5399EF0526423040
C:\Windows\System32\drivers\nvhda64v.sys 1F07B814C0BB5AABA703ABFF1F31F2E8
C:\Windows\System32\DRIVERS\nvlddmkm.sys AAF5559039E99D0CC22E25255F3DC06E
C:\Windows\System32\DRIVERS\nvmf6264.sys BD25E03EAD63AC3365F25175B4DBD56A
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\System32\DRIVERS\nvstor64.sys EBFE363AAB0D6E4086ADBF04C41EBDF8
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ShredderDriver64.sys 153E31A70871F73EBEC85532F391F196
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssudmdm.sys C692C94FE55CAD0633440236022C27B3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\DRIVERS\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\System32\DRIVERS\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\DRIVERS\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\VClone.sys 84BB306B7863883018D7F3EB0C453BD5
C:\Windows\System32\DRIVERS\vcsvad.sys 3A4B01C2BDB07DFEF29B0B369487503A
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-24 20:32 - 2013-07-24 20:32 - 00000000 ___DC C:\FRST
2013-07-24 20:31 - 2013-07-24 20:32 - 01779761 _____ (Farbar) C:\Users\Khorasanzada\Downloads\FRST64.exe
2013-07-24 17:33 - 2013-07-24 17:33 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\Registry Mechanic
2013-07-24 17:25 - 2013-07-24 17:25 - 00003212 _____ C:\Windows\System32\Tasks\{36B1A804-2669-4850-B978-8F52801DA213}
2013-07-23 23:18 - 2013-07-24 14:59 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\IDM
2013-07-23 23:18 - 2013-07-24 14:42 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\DMCache
2013-07-23 23:18 - 2013-07-24 14:01 - 00000000 ____D C:\Users\Khorasanzada\Downloads\Compressed
2013-07-23 23:18 - 2013-07-23 23:18 - 00000000 ____D C:\ProgramData\IDM
2013-07-23 23:17 - 2013-07-24 13:14 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-07-23 23:17 - 2013-07-23 23:18 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2013-07-23 20:26 - 2013-07-23 20:26 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\Opera
2013-07-22 20:11 - 2013-07-22 20:11 - 00000000 ____D C:\Program Files (x86)\AVAST Software
2013-07-22 19:59 - 2013-07-24 17:00 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\vlc
2013-07-22 19:58 - 2013-07-22 19:58 - 00001062 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-07-22 19:55 - 2013-07-22 19:55 - 00001148 _____ C:\Users\Public\Desktop\DivX Plus Converter.lnk
2013-07-22 19:43 - 2013-07-22 19:43 - 00009412 _____ C:\Windows\SysWOW64\RunLegacyCPLElevated.exe.Z-missing.txt
2013-07-22 19:43 - 2013-07-22 19:43 - 00003174 _____ C:\Windows\System32\Tasks\{5A852D1B-B84D-447E-826E-F2A97E9D3720}
2013-07-22 19:38 - 2013-07-24 14:23 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-22 19:38 - 2013-07-24 14:23 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-22 19:38 - 2013-07-22 19:38 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-22 19:38 - 2013-07-22 19:38 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-22 19:38 - 2013-07-22 19:38 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-22 19:38 - 2013-07-22 19:38 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-22 19:38 - 2013-07-22 19:38 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-22 19:38 - 2013-07-22 19:38 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-22 19:38 - 2013-07-22 19:38 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-22 19:38 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-07-22 19:38 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-07-22 19:38 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-22 19:38 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-07-22 19:38 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-07-22 19:38 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-07-22 19:37 - 2013-07-22 19:37 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-22 19:37 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-07-22 19:36 - 2013-07-22 19:37 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-22 19:23 - 2013-07-22 19:23 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\PDF Architect
2013-07-22 18:40 - 2013-07-22 18:40 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\EZDownloader
2013-07-22 17:58 - 2013-07-22 17:58 - 00000000 ____D C:\Users\Khorasanzada\Dokumente\Updater
2013-07-22 17:58 - 2013-07-22 17:58 - 00000000 ____D C:\Users\Khorasanzada\Dokumente\AdobeStockPhotos
2013-07-22 17:54 - 2013-07-22 17:54 - 00003196 _____ C:\Windows\System32\Tasks\{0E8B80A5-4DBD-415D-9237-C991F82A758F}
2013-07-22 17:49 - 2004-08-17 02:40 - 00016384 _____ C:\Windows\SysWOW64\FileOps.exe
2013-07-22 17:44 - 2013-07-22 17:44 - 00003196 _____ C:\Windows\System32\Tasks\{CE201D5A-A75B-44F8-A11F-265E73CDDD65}
2013-07-22 17:30 - 2013-07-22 17:30 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2013-07-22 17:12 - 2013-07-22 17:12 - 00001075 _____ C:\Users\Khorasanzada\Desktop\AntiBrowserSpy.lnk
2013-07-22 17:12 - 2013-07-22 17:12 - 00000000 ____D C:\Program Files (x86)\AntiBrowserSpy
2013-07-22 16:18 - 2013-07-22 16:18 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-07-22 16:13 - 2013-07-22 16:13 - 00000000 ____D C:\Program Files (x86)\COMPUTERBILD-Abzockschutz
2013-07-21 14:28 - 2013-07-24 17:12 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-07-21 14:28 - 2013-07-22 16:14 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\WinZipper
2013-07-21 14:09 - 2013-07-21 14:09 - 00000000 ____D C:\Users\Khorasanzada\Dokumente\Abelssoft
2013-07-20 22:23 - 2013-07-21 12:38 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-07-20 22:23 - 2013-07-21 12:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-07-20 22:17 - 2013-07-20 22:17 - 00000584 _____ C:\Windows\system32\TmInstall.log
2013-07-20 21:33 - 2013-07-20 22:12 - 00000000 ____D C:\Users\KHORAS~1\AppData\Local\Trend Micro
2013-07-20 21:30 - 2013-07-20 22:12 - 00000306 __RSH C:\ProgramData\ntuser.pol
2013-07-20 21:26 - 2013-07-20 22:13 - 00000000 ____D C:\ProgramData\Trend Micro
2013-07-20 21:09 - 2013-07-20 22:16 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-07-20 20:49 - 2013-07-20 20:48 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-20 20:48 - 2013-07-20 20:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-20 20:48 - 2013-07-20 20:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-20 20:48 - 2013-07-20 20:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-20 20:48 - 2013-07-20 20:48 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-20 20:46 - 2013-07-20 20:46 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\DownLite
2013-07-20 20:43 - 2013-07-20 20:43 - 00000865 _____ C:\Users\Khorasanzada\Desktop\µTorrent.lnk
2013-07-20 20:43 - 2013-07-20 20:43 - 00000845 _____ C:\Users\Khorasanzada\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-07-20 20:42 - 2013-07-22 21:18 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\uTorrent
2013-07-20 18:46 - 2013-07-20 18:46 - 00000000 ____C C:\autoexec.bat
2013-07-20 18:45 - 2013-07-20 18:45 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-20 18:44 - 2013-07-20 18:47 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-20 00:37 - 2013-07-20 00:37 - 00035116 _____ C:\Users\Khorasanzada\Downloads\Secret document reveals Afghan language policy.odt
2013-07-20 00:23 - 2013-07-20 00:24 - 00000000 ____D C:\Users\Khorasanzada\Downloads\Islam. Sammlung
2013-07-19 21:14 - 2013-07-19 23:10 - 00000000 ____D C:\Users\Khorasanzada\Downloads\The Bitches
2013-07-19 14:06 - 2013-06-27 11:57 - 00172920 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2013-07-18 23:42 - 2013-07-21 21:49 - 00001075 _____ C:\Users\Khorasanzada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2013-07-18 22:11 - 2013-07-18 22:16 - 00000000 ____D C:\Users\Khorasanzada\Downloads\Sport u. Ernährung
2013-07-17 18:42 - 2013-07-17 18:43 - 00000000 ____D C:\Windows\system32\MRT
2013-07-15 16:21 - 2013-07-15 16:21 - 00027569 _____ C:\Users\Khorasanzada\Downloads\Ashraf Ghani Ahmadzai.odt
2013-07-12 16:25 - 2013-07-12 16:25 - 00000000 ____D C:\ProgramData\Real
2013-07-11 09:04 - 2013-07-11 09:04 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-07-10 19:22 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 19:22 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 19:22 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 19:22 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 19:22 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 19:22 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 19:22 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 19:22 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 19:22 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 19:22 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 19:22 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 19:22 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 19:22 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 19:22 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 19:22 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 19:22 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 19:22 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 19:22 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 19:22 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 19:22 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 19:22 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 19:22 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 19:22 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 19:22 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 19:22 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 19:22 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 19:22 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 19:22 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 19:22 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 19:22 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 19:22 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 17:19 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 17:19 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 17:19 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 17:19 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 17:19 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 17:19 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 17:19 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-08 20:14 - 2013-07-08 20:14 - 00000000 ____D C:\Users\Khorasanzada\Dokumente\my games
2013-07-08 20:12 - 2013-07-08 20:12 - 00000000 ____D C:\Program Files (x86)\1C Company
2013-07-08 19:53 - 2013-07-08 19:53 - 00001069 _____ C:\Users\Khorasanzada\Desktop\Men of War.lnk
2013-07-08 19:47 - 2013-07-11 12:29 - 00000000 ____D C:\Program Files (x86)\1C
2013-07-08 15:27 - 2013-07-08 15:27 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\Apowersoft
==================== One Month Modified Files and Folders =======
2013-07-24 20:32 - 2013-07-24 20:32 - 00000000 ___DC C:\FRST
2013-07-24 20:32 - 2013-07-24 20:31 - 01779761 _____ (Farbar) C:\Users\Khorasanzada\Downloads\FRST64.exe
2013-07-24 20:29 - 2011-08-13 18:42 - 07289505 _____ C:\Users\KHORAS~1\AppData\Local\census.cache
2013-07-24 20:24 - 2013-01-06 22:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-24 20:24 - 2011-08-13 18:40 - 00103068 _____ C:\Users\KHORAS~1\AppData\Local\ars.cache
2013-07-24 19:56 - 2013-02-12 12:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-24 19:55 - 2013-02-22 01:55 - 00001148 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-64600392-19469391-1865109702-1001UA.job
2013-07-24 19:40 - 2009-07-14 06:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-24 19:40 - 2009-07-14 06:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-24 18:18 - 2011-12-09 17:26 - 00001869 _____ C:\Users\Khorasanzada\Desktop\Google Chrome.lnk
2013-07-24 17:36 - 2010-08-20 22:47 - 00000000 ____D C:\Users\KHORAS~1\AppData\Local\Adobe
2013-07-24 17:34 - 2013-01-06 22:51 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-24 17:34 - 2012-04-05 13:28 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-24 17:34 - 2012-01-12 15:43 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-24 17:33 - 2013-07-24 17:33 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\Registry Mechanic
2013-07-24 17:25 - 2013-07-24 17:25 - 00003212 _____ C:\Windows\System32\Tasks\{36B1A804-2669-4850-B978-8F52801DA213}
2013-07-24 17:25 - 2012-02-19 18:29 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-07-24 17:13 - 2012-04-05 21:05 - 01835647 ____N C:\Windows\WindowsUpdate.log
2013-07-24 17:12 - 2013-07-21 14:28 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-07-24 17:12 - 2013-02-12 12:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-24 17:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-24 17:00 - 2013-07-22 19:59 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\vlc
2013-07-24 14:59 - 2013-07-23 23:18 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\IDM
2013-07-24 14:42 - 2013-07-23 23:18 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\DMCache
2013-07-24 14:23 - 2013-07-22 19:38 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-24 14:23 - 2013-07-22 19:38 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-24 14:01 - 2013-07-23 23:18 - 00000000 ____D C:\Users\Khorasanzada\Downloads\Compressed
2013-07-24 13:56 - 2010-08-21 12:15 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-07-24 13:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-24 13:14 - 2013-07-23 23:17 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-07-24 13:07 - 2010-08-20 22:47 - 00000000 ____D C:\ProgramData\Adobe
2013-07-24 13:04 - 2011-05-24 23:13 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\Adobe
2013-07-24 13:00 - 2011-06-17 22:55 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-24 10:55 - 2013-02-22 01:55 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-64600392-19469391-1865109702-1001Core.job
2013-07-23 23:18 - 2013-07-23 23:18 - 00000000 ____D C:\ProgramData\IDM
2013-07-23 23:18 - 2013-07-23 23:17 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2013-07-23 21:43 - 2009-07-14 04:34 - 00000403 _____ C:\Windows\win.ini
2013-07-23 20:26 - 2013-07-23 20:26 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\Opera
2013-07-23 13:09 - 2012-05-18 13:36 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-07-22 21:19 - 2010-08-21 16:52 - 00002700 _____ C:\Users\Khorasanzada\Dokumente\cc_20100821_165221.reg
2013-07-22 21:18 - 2013-07-20 20:42 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\uTorrent
2013-07-22 20:11 - 2013-07-22 20:11 - 00000000 ____D C:\Program Files (x86)\AVAST Software
2013-07-22 20:00 - 2010-08-21 13:59 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-22 20:00 - 2010-08-21 13:59 - 00000000 ____D C:\Program Files\WinRAR
2013-07-22 19:58 - 2013-07-22 19:58 - 00001062 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-07-22 19:56 - 2011-04-22 22:41 - 00001619 _____ C:\Users\Khorasanzada\Desktop\DivX Movies.lnk
2013-07-22 19:56 - 2010-12-13 15:22 - 00000000 ____D C:\Program Files (x86)\DivX
2013-07-22 19:56 - 2010-12-13 15:20 - 00000000 ____D C:\ProgramData\DivX
2013-07-22 19:55 - 2013-07-22 19:55 - 00001148 _____ C:\Users\Public\Desktop\DivX Plus Converter.lnk
2013-07-22 19:55 - 2012-06-30 21:31 - 00001108 _____ C:\Users\Public\Desktop\DivX Plus Player.lnk
2013-07-22 19:55 - 2010-12-13 15:29 - 00000000 ____D C:\Program Files\DivX
2013-07-22 19:43 - 2013-07-22 19:43 - 00009412 _____ C:\Windows\SysWOW64\RunLegacyCPLElevated.exe.Z-missing.txt
2013-07-22 19:43 - 2013-07-22 19:43 - 00003174 _____ C:\Windows\System32\Tasks\{5A852D1B-B84D-447E-826E-F2A97E9D3720}
2013-07-22 19:38 - 2013-07-22 19:38 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-22 19:38 - 2013-07-22 19:38 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-22 19:38 - 2013-07-22 19:38 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-22 19:38 - 2013-07-22 19:38 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-22 19:38 - 2013-07-22 19:38 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-22 19:38 - 2013-07-22 19:38 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-22 19:38 - 2013-07-22 19:38 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-22 19:37 - 2013-07-22 19:37 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-22 19:37 - 2013-07-22 19:36 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-22 19:23 - 2013-07-22 19:23 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\PDF Architect
2013-07-22 18:51 - 2013-01-04 04:53 - 00000000 ____D C:\Windows\pss
2013-07-22 18:44 - 2010-08-20 20:11 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-07-22 18:40 - 2013-07-22 18:40 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\EZDownloader
2013-07-22 17:58 - 2013-07-22 17:58 - 00000000 ____D C:\Users\Khorasanzada\Dokumente\Updater
2013-07-22 17:58 - 2013-07-22 17:58 - 00000000 ____D C:\Users\Khorasanzada\Dokumente\AdobeStockPhotos
2013-07-22 17:58 - 2010-08-20 19:15 - 00000000 ___RD C:\Users\Khorasanzada\Dokumente
2013-07-22 17:54 - 2013-07-22 17:54 - 00003196 _____ C:\Windows\System32\Tasks\{0E8B80A5-4DBD-415D-9237-C991F82A758F}
2013-07-22 17:44 - 2013-07-22 17:44 - 00003196 _____ C:\Windows\System32\Tasks\{CE201D5A-A75B-44F8-A11F-265E73CDDD65}
2013-07-22 17:30 - 2013-07-22 17:30 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2013-07-22 17:12 - 2013-07-22 17:12 - 00001075 _____ C:\Users\Khorasanzada\Desktop\AntiBrowserSpy.lnk
2013-07-22 17:12 - 2013-07-22 17:12 - 00000000 ____D C:\Program Files (x86)\AntiBrowserSpy
2013-07-22 16:18 - 2013-07-22 16:18 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-07-22 16:14 - 2013-07-21 14:28 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\WinZipper
2013-07-22 16:13 - 2013-07-22 16:13 - 00000000 ____D C:\Program Files (x86)\COMPUTERBILD-Abzockschutz
2013-07-21 21:49 - 2013-07-18 23:42 - 00001075 _____ C:\Users\Khorasanzada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2013-07-21 21:49 - 2012-02-14 22:13 - 00001045 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-21 21:49 - 2011-12-09 17:26 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-07-21 21:49 - 2010-08-20 19:16 - 00001009 _____ C:\Users\Khorasanzada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-21 18:14 - 2010-08-21 05:05 - 00000000 ____D C:\Windows\PANTHER
2013-07-21 14:09 - 2013-07-21 14:09 - 00000000 ____D C:\Users\Khorasanzada\Dokumente\Abelssoft
2013-07-21 14:09 - 2011-11-21 21:02 - 00001173 _____ C:\Users\Public\Desktop\YouTube Song Downloader.lnk
2013-07-21 14:09 - 2011-11-21 21:02 - 00000000 ____D C:\Program Files (x86)\YouTube Song Downloader
2013-07-21 14:09 - 2011-11-21 21:02 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-07-21 14:09 - 2011-07-23 18:12 - 00000000 ____D C:\Users\KHORAS~1\AppData\Local\Abelssoft
2013-07-21 12:38 - 2013-07-20 22:23 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-07-21 12:38 - 2013-07-20 22:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-07-21 12:38 - 2012-04-05 13:30 - 00001912 _____ C:\Windows\epplauncher.mif
2013-07-20 22:17 - 2013-07-20 22:17 - 00000584 _____ C:\Windows\system32\TmInstall.log
2013-07-20 22:16 - 2013-07-20 21:09 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-07-20 22:13 - 2013-07-20 21:26 - 00000000 ____D C:\ProgramData\Trend Micro
2013-07-20 22:12 - 2013-07-20 21:33 - 00000000 ____D C:\Users\KHORAS~1\AppData\Local\Trend Micro
2013-07-20 22:12 - 2013-07-20 21:30 - 00000306 __RSH C:\ProgramData\ntuser.pol
2013-07-20 21:30 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-07-20 20:48 - 2013-07-20 20:49 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-20 20:48 - 2013-07-20 20:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-20 20:48 - 2013-07-20 20:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-20 20:48 - 2013-07-20 20:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-20 20:48 - 2013-07-20 20:48 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-20 20:48 - 2012-06-30 13:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-20 20:48 - 2010-08-23 17:00 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-20 20:46 - 2013-07-20 20:46 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\DownLite
2013-07-20 20:43 - 2013-07-20 20:43 - 00000865 _____ C:\Users\Khorasanzada\Desktop\µTorrent.lnk
2013-07-20 20:43 - 2013-07-20 20:43 - 00000845 _____ C:\Users\Khorasanzada\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-07-20 18:47 - 2013-07-20 18:44 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-20 18:46 - 2013-07-20 18:46 - 00000000 ____C C:\autoexec.bat
2013-07-20 18:45 - 2013-07-20 18:45 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-20 18:24 - 2012-03-20 17:53 - 00000000 ____D C:\Users\Khorasanzada\Downloads\Dreck
2013-07-20 16:03 - 2010-08-20 22:45 - 00000000 ____D C:\DeskUpdate.tmp
2013-07-20 12:50 - 2010-08-21 00:34 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2013-07-20 00:46 - 2013-02-10 14:20 - 00057397 _____ C:\Users\Khorasanzada\Downloads\paschtunischer Terror - Pashtunisierung.odt
2013-07-20 00:44 - 2012-06-08 21:27 - 00036972 _____ C:\Users\Khorasanzada\Downloads\PAKISTAN-AFGHANISTANDAWOODKHAN.odt
2013-07-20 00:43 - 2013-02-10 14:20 - 00036105 _____ C:\Users\Khorasanzada\Downloads\Taliban und ihr Zug nach Norden.odt
2013-07-20 00:37 - 2013-07-20 00:37 - 00035116 _____ C:\Users\Khorasanzada\Downloads\Secret document reveals Afghan language policy.odt
2013-07-20 00:33 - 2011-09-15 13:54 - 00000000 ____D C:\Users\Khorasanzada\Downloads\Khorasan
2013-07-20 00:24 - 2013-07-20 00:23 - 00000000 ____D C:\Users\Khorasanzada\Downloads\Islam. Sammlung
2013-07-19 23:10 - 2013-07-19 21:14 - 00000000 ____D C:\Users\Khorasanzada\Downloads\The Bitches
2013-07-18 23:34 - 2010-08-20 19:16 - 00000000 ___RD C:\Users\Khorasanzada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-18 23:30 - 2012-08-29 14:37 - 00000000 ____D C:\Program Files (x86)\Brother
2013-07-18 23:30 - 2010-08-20 19:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-18 23:26 - 2010-11-05 17:01 - 00001013 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-18 23:26 - 2010-08-20 19:36 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-07-18 22:58 - 2011-10-22 13:09 - 00000000 ____D C:\Users\Khorasanzada\Tamim
2013-07-18 22:51 - 2010-08-20 19:15 - 00000000 ____D C:\Users\Khorasanzada
2013-07-18 22:50 - 2010-08-21 13:33 - 00000000 ____D C:\Users\Khorasanzada\Samim
2013-07-18 22:16 - 2013-07-18 22:11 - 00000000 ____D C:\Users\Khorasanzada\Downloads\Sport u. Ernährung
2013-07-18 21:07 - 2010-10-16 19:34 - 00000000 ____D C:\Users\KHORAS~1\AppData\Local\Windows Live
2013-07-17 18:43 - 2013-07-17 18:42 - 00000000 ____D C:\Windows\system32\MRT
2013-07-17 18:38 - 2010-08-20 22:46 - 00001149 _____ C:\Users\Public\Desktop\DeskUpdate.lnk
2013-07-15 16:21 - 2013-07-15 16:21 - 00027569 _____ C:\Users\Khorasanzada\Downloads\Ashraf Ghani Ahmadzai.odt
2013-07-13 10:51 - 2013-02-12 12:02 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 10:51 - 2013-02-12 12:02 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-13 10:50 - 2013-02-22 01:55 - 00004132 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-64600392-19469391-1865109702-1001UA
2013-07-13 10:50 - 2013-02-22 01:55 - 00003736 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-64600392-19469391-1865109702-1001Core
2013-07-12 16:25 - 2013-07-12 16:25 - 00000000 ____D C:\ProgramData\Real
2013-07-11 12:29 - 2013-07-08 19:47 - 00000000 ____D C:\Program Files (x86)\1C
2013-07-11 09:04 - 2013-07-11 09:04 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-07-10 20:13 - 2013-03-16 04:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 20:13 - 2013-03-16 04:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-10 20:13 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 20:13 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 20:13 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 19:27 - 2010-08-21 05:05 - 00707324 _____ C:\Windows\system32\perfh007.dat
2013-07-10 19:27 - 2010-08-21 05:05 - 00152916 _____ C:\Windows\system32\perfc007.dat
2013-07-10 19:27 - 2009-07-14 07:13 - 01663308 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-08 20:14 - 2013-07-08 20:14 - 00000000 ____D C:\Users\Khorasanzada\Dokumente\my games
2013-07-08 20:12 - 2013-07-08 20:12 - 00000000 ____D C:\Program Files (x86)\1C Company
2013-07-08 19:53 - 2013-07-08 19:53 - 00001069 _____ C:\Users\Khorasanzada\Desktop\Men of War.lnk
2013-07-08 15:27 - 2013-07-08 15:27 - 00000000 ____D C:\Users\Khorasanzada\AppData\Roaming\Apowersoft
2013-07-08 13:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2013-07-04 21:02 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-04 13:24 - 2010-08-20 19:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-27 11:57 - 2013-07-19 14:06 - 00172920 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2013-06-24 00:57 - 2010-08-20 19:58 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Files to move or delete:
====================
C:\ProgramData\ntuser.dat
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== BCD ================================
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=C:
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
default {current}
resumeobject {fa8addc0-acd0-11df-9009-df3f2cf18d3f}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale de-DE
inherit {bootloadersettings}
recoverysequence {fa8addc2-acd0-11df-9009-df3f2cf18d3f}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {fa8addc0-acd0-11df-9009-df3f2cf18d3f}
nx OptIn
Windows-Startladeprogramm
-------------------------
Bezeichner {fa8addc2-acd0-11df-9009-df3f2cf18d3f}
device ramdisk=[C:]\Recovery\fa8addc2-acd0-11df-9009-df3f2cf18d3f\Winre.wim,{fa8addc3-acd0-11df-9009-df3f2cf18d3f}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\fa8addc2-acd0-11df-9009-df3f2cf18d3f\Winre.wim,{fa8addc3-acd0-11df-9009-df3f2cf18d3f}
systemroot \windows
nx OptIn
winpe Yes
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {fa8addc0-acd0-11df-9009-df3f2cf18d3f}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows-Speicherdiagnose
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems Yes
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Ger„teoptionen
--------------
Bezeichner {fa8addc3-acd0-11df-9009-df3f2cf18d3f}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\fa8addc2-acd0-11df-9009-df3f2cf18d3f\boot.sdi
LastRegBack: 2013-07-23 12:41
==================== End Of Log ============================ Code:
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
µTorrent (HKCU Version: 3.3.1.29812)
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Adobe SVG Viewer 3.0 (x32 Version: 3.0)
AntiBrowserSpy (x32 Version: 4.0.110)
avast! Ad Blocker (x32 Version: 1.0.0.0)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
COMPUTERBILD-Abzockschutz (x32 Version: 1.0.42)
D3DX10 (x32 Version: 15.4.2368.0902)
DeskUpdate (x32 Version: 4.14.0122)
DivX-Setup (x32 Version: 2.6.1.44)
eaner (Version: 4.03)
ElsterFormular für Privatanwender (x32 Version: 13.2.0.8623p)
EPSON Copy Utility 3 (x32 Version: 3.1.5.0)
EPSON File Manager (x32 Version: 1.1.0.0)
EPSON Image Clip Palette (x32 Version: 1.02.00)
EPSON Scan (x32)
EPSON Scan Assistant (x32 Version: 1.10.00)
FileWing Pro (x32 Version: 2.3)
FLV Player 2.0 (build 25) (x32 Version: 2.0 (build 25))
Google Chrome (HKCU Version: 28.0.1500.72)
Google Update Helper (x32 Version: 1.3.21.153)
Internet Download Manager (x32)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
K-Lite Codec Pack 6.0.4 (Basic) (x32 Version: 6.0.4)
Men of War (Nur entfernen) (x32 Version: 1.0.2.0)
Men of War patch Version 1.17.5.1 (x32 Version: 1.17.5.1)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 1.1 (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC100_CRT_x86 (x32 Version: 1.0.0)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NVIDIA Display Control Panel (Version: 6.14.11.9745)
NVIDIA Drivers (Version: 1.3)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
NVIDIA PhysX (x32 Version: 9.09.0814)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Paltalk Messenger 10.2 (x32 Version: 10.2.0)
PDF Architect (x32 Version: 1.1.83.9982)
Picasa 3 (x32 Version: 3.9)
POIbase 1.041 (x32)
PVSonyDll (Version: 1.00.0001)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5953)
Skype™ 5.10 (x32 Version: 5.10.116)
Spelling Dictionaries Support For Adobe Reader 9 (x32 Version: 9.0.0)
swMSM (x32 Version: 12.0.0.1)
SystemDiagnostics (x32 Version: 3.02.0010)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VirtualCloneDrive (x32)
VLC media player 2.0.7 (x32 Version: 2.0.7)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR 5.00 beta 7 (64-bit) (Version: 5.00.7)
WinZipper (x32 Version: 1.4.8)
Yahoo! Messenger (x32)
YouTube Song Downloader (x32 Version: 8.2)
==================== Restore Points =========================
24-07-2013 11:19:25 Windows Update
24-07-2013 15:05:25 Panda ZAcccess init
24-07-2013 15:13:01 Panda ZAcccess Cleanup
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-07-24 16:54 - 00000871 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 google-analytics.com
==================== Scheduled Tasks (whitelisted) =============
Task: {13CB4D35-4C1B-4C2D-9609-6899D1B8AE6C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {2D7DB19E-A12E-4BD8-9245-42CD5D446BA9} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {2E3957F4-1F7A-4F1B-93B2-DBF4E4F22A33} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-64600392-19469391-1865109702-1001Core => C:\Users\Khorasanzada\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-02] (Google Inc.)
Task: {7868A7CC-4C1C-412B-918C-9A25180814D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-28] (Google Inc.)
Task: {80B2DB78-120B-4CC3-9F04-02153DC80BA0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-64600392-19469391-1865109702-1001
Task: {8C470DD6-1FDD-466D-AA15-052F134CD3AC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {91193B73-E658-42B0-BC6A-F9E9C98989AD} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)
Task: {91BE0421-445D-40B5-AA6B-808A5FEFB67D} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {A71746F2-C25C-409A-8E9C-081EC523CAD8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-24] (Adobe Systems Incorporated)
Task: {BC5DC250-66F0-4A05-8026-1801C00311DF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-64600392-19469391-1865109702-1001UA => C:\Users\Khorasanzada\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-02] (Google Inc.)
Task: {C423D20A-3360-4ED6-AF8A-E27FC0C4C642} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-28] (Google Inc.)
Task: {C81D0E07-3DA4-4542-BFBB-11E356AF2914} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {E75A15F5-1338-4BB7-A3EF-546A499A53B2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {EBD5B1EF-9802-4813-883E-13E2BB527D29} - System32\Tasks\Fujitsu\DeskUpdate => C:\Program Files (x86)\Fujitsu\DeskUpdate\ducmd.exe [2013-05-17] (Fujitsu Technology Solutions)
Task: {EE36F17C-1069-4ED5-BB3F-F97CDA1F656F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-64600392-19469391-1865109702-1001Core.job => C:\Users\Khorasanzada\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-64600392-19469391-1865109702-1001UA.job => C:\Users\Khorasanzada\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/24/2013 04:20:53 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce6c3
ID des fehlerhaften Prozesses: 0xed8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (07/24/2013 04:20:42 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce6c3
ID des fehlerhaften Prozesses: 0x4a0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (07/24/2013 04:20:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce6c3
ID des fehlerhaften Prozesses: 0x858
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (07/24/2013 04:20:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce6c3
ID des fehlerhaften Prozesses: 0xf3c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (07/24/2013 04:19:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce6c3
ID des fehlerhaften Prozesses: 0x604
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (07/24/2013 04:19:08 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce6c3
ID des fehlerhaften Prozesses: 0x1140
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (07/24/2013 04:18:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce6c3
ID des fehlerhaften Prozesses: 0x650
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (07/24/2013 04:18:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce6c3
ID des fehlerhaften Prozesses: 0x13e0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (07/23/2013 10:50:34 AM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (07/23/2013 10:50:34 AM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (07/24/2013 06:21:29 PM) (Source: bowser) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "KHORASANZADA-PC" auf Transport "NetBT_Tcpip_{6DB7F341-449E-49C2-9C9A-F4E8AB6DCE06}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
Error: (07/24/2013 06:21:21 PM) (Source: bowser) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "KHORASANZADA-PC" auf Transport "NetBT_Tcpip_{6DB7F341-449E-49C2-9C9A-F4E8AB6DCE06}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
Error: (07/24/2013 05:09:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (07/24/2013 05:09:40 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\lirsgt.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/24/2013 04:54:24 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.
Error: (07/24/2013 04:44:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (07/24/2013 04:44:43 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\lirsgt.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/24/2013 02:38:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (07/24/2013 02:38:32 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\lirsgt.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/24/2013 02:38:09 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 24.07.2013 um 14:33:43 unerwartet heruntergefahren.
Microsoft Office Sessions:
=========================
Error: (07/24/2013 04:20:53 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1663551b7a921ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c3ed801ce8878fbdd7404C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll3f0fefa4-f46c-11e2-81de-001999734202
Error: (07/24/2013 04:20:42 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1663551b7a921ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c34a001ce8878f55ff444C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll387840c4-f46c-11e2-81de-001999734202
Error: (07/24/2013 04:20:22 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1663551b7a921ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c385801ce8878e96f8ec4C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll2ca46bc4-f46c-11e2-81de-001999734202
Error: (07/24/2013 04:20:05 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1663551b7a921ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c3f3c01ce8878d0e1d63cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll2292b924-f46c-11e2-81de-001999734202
Error: (07/24/2013 04:19:13 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1663551b7a921ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c360401ce8878c3b4d9dcC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll03aaf6fc-f46c-11e2-81de-001999734202
Error: (07/24/2013 04:19:08 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1663551b7a921ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c3114001ce887897e6964cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll002e535c-f46c-11e2-81de-001999734202
Error: (07/24/2013 04:18:57 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1663551b7a921ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c365001ce8878b9a1621cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dllf9b5965c-f46b-11e2-81de-001999734202
Error: (07/24/2013 04:18:37 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1663551b7a921ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c313e001ce88786c36fa64C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dlledf2f79c-f46b-11e2-81de-001999734202
Error: (07/23/2013 10:50:34 AM) (Source: Windows Search Service)(User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (07/23/2013 10:50:34 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
CodeIntegrity Errors:
===================================
Date: 2013-07-21 15:51:40.278
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-21 15:51:40.278
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-21 15:51:33.819
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-21 15:51:33.819
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-21 15:51:08.703
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-21 15:51:08.703
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-21 15:51:07.767
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-21 15:51:07.767
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-21 15:51:00.903
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-21 15:51:00.903
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 38%
Total physical RAM: 4094.42 MB
Available physical RAM: 2512.84 MB
Total Pagefile: 8187.03 MB
Available Pagefile: 6552.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.51 GB) (Free:889.64 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32 (Disk=1 Partition=1)
Drive e: () (Fixed) (Total:40 GB) (Free:39.87 GB) NTFS (Disk=1 Partition=2)
Drive f: () (Fixed) (Total:15 GB) (Free:15 GB) FAT32 (Disk=1 Partition=3)
Drive g: (GS0113DVD16) (CDROM) (Total:7.04 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1883EF77)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 241C6624)
Partition 1: (Active) - (Size=2 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=0C)
==================== End Of Log ============================ Ich hoffe, dass das erstmal reicht :)
Was ich vergessen habe zu erwähnen ist, dass heute einmal mein Microsoft Security Essential deaktiviert war nach einem Neustart... vlt hilft das auch bei der Problembehandlung? |