Log analysis and evaluation: Trojan.Generic.7017515 cannot be deleted by BitDefender! (Windows 7)
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
08.12.2011, 12:34 | #1 |
Hello,
today I got several messages that a virus had been blocked. Then I ran a scan and Trojan.Generic.7017515 was found. However, BitDefender 2011 cannot delete the virus and says that my PC is not virus-free. What should I do?
Best regards, binom

Here is the log file from BitDefender:

BitDefender Log File
Product: BitDefender Internet Security 2011
Scanning task: QuickScan
Log date: Donnerstag, 8. Dezember 2011 12:10:22
Log path: C:\ProgramData\BitDefender\Desktop\Profiles\Logs\da29f7c8-23b1-4974-8d11-209959ac694b\1323342462_1_03.xml
Scan paths:
Path : C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
Path : C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
Path : C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
Path : C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
Path : C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
Path : C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
Path : C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
[-]Scan Results Summary
[-]Remaining issues:
Object Path | Threat Name | Final Status
QuickScan:C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll | Trojan.Generic.7017515 |
QuickScan:C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll | Trojan.Generic.7017515 |
QuickScan:C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll | Trojan.Generic.7017515 |
QuickScan:C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll | Trojan.Generic.7017515 |
QuickScan:C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll | Trojan.Generic.7017515 |
QuickScan:C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll | Trojan.Generic.7017515 |
QuickScan:C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll | Trojan.Generic.7017515 |
[-]Detailed Scan Summary
[-]Basic
Scanned items: 6049
Infected items: 7
Suspect items: 0 (no suspected items have been detected)
Resolved items: 0 (infected or suspect items have been found and were ignored or could not be fixed)
Unresolved items: 7
[-]Advanced
Scan time: 00: 02: 40
Files per second: 37
Skipped items: 10668
Password-protected items: 0
Over-compressed items: 0
Scanned archives: 0
Input-output errors: 0
Scanned boot sectors: 4
Scanned processes: 2822
Infected processes: 0
Scanned registry keys: 1983
Infected registry keys: 0
Scanned cookies: 13
Infected cookies: 0
[-]Scan Options
[-]Target Threat Types:
Scan for viruses: Yes
Scan for adware: Yes
Scan for spyware: Yes
Scan for applications: Yes
Scan for dialers: Yes
Scan for rootkits: Yes
Scan for keyloggers: Yes
[-]Virus Scanning Options:
Scan registry keys: Yes
Scan cookies: Yes
Scan boot sectors: Yes
Scan memory processes: Yes
Scan archives: Yes
Scan runtime packers: Yes
Scan e-mails: Yes
Scan all files: Yes
Heuristic Scan: Yes
Scanned extensions: not configured
Excluded extensions: not configured
[-]Target Processing:
Default first action for infected objects: Disinfect
Default second action for infected objects: Move files to quarantine
Default first action for suspect objects : Move files to quarantine
Default second action for suspicious objects: None
Default action for hidden objects: Disinfect
Default action for password-protected objects: Log only
[-]Scan Engines Summary
Virus signatures: 7818210
08.12.2011, 16:15 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™
Please now run a full scan with Malwarebytes as a routine step and post the log.
Remember that Malwarebytes must be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well!
ESET Online Scanner
10.12.2011, 13:33 | #3 |
Hello Arne,
Thanks for the reply! I ran both as described, but nothing was detected. Was it probably a false alarm? Here are the logs:

Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Datenbank Version: 8334
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
08.12.2011 17:50:44
mbam-log-2011-12-08 (17-50-43).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Durchsuchte Objekte: 340061
Laufzeit: 1 Stunde(n), 6 Minute(n), 22 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden)

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=d352799febc32d4f9ca541efc38a0990
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-10 12:20:43
# local_time=2011-12-10 01:20:43 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 16053010 75148776 0 0
# compatibility_mode=8192 67108863 100 0 3961 3961 0 0
# scanned=288
# found=0
# cleaned=0
# scan_time=717

Regards, binom
10.12.2011, 13:35 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™
Custom scan with OTL
If you do not have it yet, please download OTL by Oldtimer and save it to your desktop.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________
Please always post logfiles in CODE tags
10.12.2011, 14:42 | #5 |
Hi, here is the content of OTL.txt. What does that mean?
Best regards, binom

OTL Logfile:
Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe - (Broadcom Corporation.) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe - (Hewlett-Packard Co.) MsConfig:64bit - StartUpFolder: C:^Users^Buttercreme^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\BUTTER~1\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.) MsConfig:64bit - StartUpFolder: C:^Users^Buttercreme^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Hot Corners.lnk - - File not found MsConfig:64bit - StartUpFolder: C:^Users^Buttercreme^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . 
Produktregistrierung.lnk - - File not found MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: AmIcoSinglun64 - hkey= - key= - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.) MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) MsConfig:64bit - StartUpReg: DivX Download Manager - hkey= - key= - File not found MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MsConfig:64bit - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard) MsConfig:64bit - StartUpReg: hpqSRMon - hkey= - key= - File not found MsConfig:64bit - StartUpReg: openvpn-gui - hkey= - key= - C:\Program Files (x86)\OpenVPN\bin\openvpn-gui.exe () MsConfig:64bit - StartUpReg: PLFSetI - hkey= - key= - C:\Windows\PLFSetI.exe () MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) MsConfig:64bit - StartUpReg: Sony Ericsson PC Companion - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Sony Ericsson PC Suite - hkey= - key= - File not found MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - File not found MsConfig:64bit - StartUpReg: SynTPEnh - hkey= - key= - File not found MsConfig:64bit - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) MsConfig:64bit - State: "startup" - Reg Error: Key error. MsConfig:64bit - State: "services" - Reg Error: Key error. 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: US30Sys.sys - Driver SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: 
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: US30Sys.sys - Driver SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:64bit: Base - Driver Group 
SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA 
Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk 
controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: 
{630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - 
Browsing Enhancements ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) 
CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.12.10 13:43:09 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Buttercreme\Desktop\OTL.exe [2011.12.10 13:05:51 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Cosmic_Cowboys_-_Notre_Jour_Viendra_(MGF019)-WEB-2011 [2011.12.10 13:02:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2011.12.08 16:42:44 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\AppData\Roaming\Malwarebytes [2011.12.08 16:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.12.08 16:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.12.08 16:42:06 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.12.08 16:42:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.12.08 13:40:15 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Ruede_Hagelstein_and_The_Noblettes-A_Priori-(SOUVENIR040)-WEB-2011 [2011.12.08 13:32:43 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Andy_Kohlmann-Lilopo_Dancer-(DJS0261)-WEB-2011 [2011.12.07 00:17:00 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Moby - Lie Down In Darkness Bundle 2 (IDIOT014D3) [2011] [2011.12.06 23:47:22 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Darkside - darkside EP [2011.12.06 22:57:59 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Fairmont-3_Cities_EP-(TRAUMV130)-WEB-2010 [2011.12.06 14:53:40 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Turmspringer-Eminor_28-(EMINOR28)-WEB-2011 [2011.12.06 14:44:47 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Krause_Duo_feat_Ian_Simmonds-Hell_On_Earth-(MK034)-WEB-2011 [2011.12.06 14:39:52 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\VA--Tour_De_Traum_II_Mixed_By_Riley_Reinhold-(TRAUMCD23)-WEB-2011 
[2011.12.06 14:13:51 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Veitengruber-Junk_EP-(8BIT040)-WEB-2011 [2011.12.06 14:07:10 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Mark_Romboy_and_kINK-Sampledelics_Vol.1-(OVM218)-WEB-2011 [2011.12.06 13:43:06 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Freund_Der_Familie-The_Symbian_Remixes-(FDF005)-WEB-2011 [2011.12.06 12:49:36 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Ryan_Davis-The_Wolve_Remixes_Part_1__David_Durango_Remix-(IRM019)-WEB-2011 [2011.12.04 16:35:03 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Solomun-Something_We_All_Adore-(SPN020)-WEB-2011 [2011.12.04 13:58:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 1701 - Der Fluch des Drachen [2011.12.04 13:53:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 1701 [2011.12.04 13:48:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anno 1701 [2011.12.03 23:48:25 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\The.Green.Wave.German.AC3.DVDRip.XviD-DiSTRiCT [2011.12.02 10:16:28 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\AppData\Local\DDMSettings [2011.11.29 13:21:00 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Florence & The Machine - [2009] Lungs [2011.11.25 12:53:19 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Philip_Bader-Good_For_Nothing-(HIGHGRADE106D)-WEB-2011 [2011.11.25 12:48:34 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Basti_Grub-Feat._Friends_EP-(MOVIDA007)-WEB-2011 [2011.11.25 12:37:23 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Philipp Weihn [2011.11.23 01:58:37 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Robag_Wrühme-Donnerkuppel-(KOM233)-WEB-2011 [2011.11.21 15:35:24 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Axel_Bartsch--Experiment_Musik-(SPORTCLUB27)-WEB-2011 [2011.11.21 15:02:42 | 000,000,000 | ---D 
| C] -- C:\Users\Buttercreme\Desktop\Ripperton-Lost_In_Colors-(SYST00153)-WEB-2011 [2011.11.21 14:51:49 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Florence And The Machine - Ceremonials [2011.11.18 11:53:49 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Dillon-This_Silence_Kills-(BPC244)-WEB-2011 [2011.11.18 11:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011.11.15 16:54:26 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Minilogue-Cycles_EP-(ENEMY017)-WEB-2011 [2011.11.15 16:41:02 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Boris_Brejcha_-_Ruhrschussel-(HHMA0368)-WEB-2011 [2011.11.15 16:35:47 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Trentemøller-Reworked__Remixed-(IMR07CDBP)-WEB-2011 [2011.11.15 15:32:30 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\Marek_Hemmann--Infinity_EP-(FAT053)-WEB-2011 [2011.11.15 14:58:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2011.11.13 13:41:04 | 000,000,000 | ---D | C] -- C:\Users\Buttercreme\Desktop\SIS_-_Rote_Liebe_002-(RL002)-WEB-2011 ========== Files - Modified Within 30 Days ========== [2011.12.10 13:51:01 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.12.10 13:43:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Buttercreme\Desktop\OTL.exe [2011.12.10 12:56:00 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.12.10 12:56:00 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.12.10 12:48:54 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.12.10 12:48:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.12.10 12:47:41 | 3144,871,936 | -HS- | M] () -- C:\hiberfil.sys [2011.12.08 15:20:11 | 001,613,412 | ---- | M] 
() -- C:\Windows\SysNative\PerfStringBackup.INI [2011.12.08 15:20:11 | 000,697,098 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.12.08 15:20:11 | 000,652,376 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.12.08 15:20:11 | 000,148,362 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.12.08 15:20:11 | 000,121,308 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.12.08 12:39:14 | 004,199,411 | ---- | M] () -- C:\Users\Buttercreme\Desktop\117 - when saints go machine - kelly.mp3 [2011.12.06 23:48:24 | 012,249,088 | ---- | M] () -- C:\Users\Buttercreme\Desktop\05 Always By Your Side (Nicolas Jaar 'Big' Version).mp3 [2011.12.04 14:11:12 | 000,310,984 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys [2011.12.04 13:57:54 | 000,042,696 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2011.11.17 13:51:40 | 000,204,648 | ---- | M] () -- C:\Users\Buttercreme\Documents\Studienbescheinigungyou.pdf [2011.11.14 15:49:12 | 006,117,504 | ---- | M] () -- C:\Users\Buttercreme\Desktop\Depeche Mode - Blasphemous Rumours.mp3 [2011.11.10 17:56:34 | 085,307,976 | ---- | M] () -- C:\Users\Buttercreme\Desktop\S. 
Shepherd - Space Ace.mp3 ========== Files Created - No Company Name ========== [2011.12.08 12:39:12 | 004,199,411 | ---- | C] () -- C:\Users\Buttercreme\Desktop\117 - when saints go machine - kelly.mp3 [2011.12.06 23:48:12 | 012,249,088 | ---- | C] () -- C:\Users\Buttercreme\Desktop\05 Always By Your Side (Nicolas Jaar 'Big' Version).mp3 [2011.12.04 13:53:18 | 000,310,984 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys [2011.12.04 13:53:17 | 000,042,696 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2011.11.17 13:51:39 | 000,204,648 | ---- | C] () -- C:\Users\Buttercreme\Documents\Studienbescheinigungyou.pdf [2011.11.14 15:49:03 | 006,117,504 | ---- | C] () -- C:\Users\Buttercreme\Desktop\Depeche Mode - Blasphemous Rumours.mp3 [2011.11.10 17:55:53 | 085,307,976 | ---- | C] () -- C:\Users\Buttercreme\Desktop\S. Shepherd - Space Ace.mp3 [2011.10.25 22:54:22 | 000,000,375 | ---- | C] () -- C:\Users\Buttercreme\AppData\Local\postgresinstall.bat [2011.10.25 22:45:48 | 001,591,306 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.04.01 14:29:49 | 000,587,473 | ---- | C] () -- C:\ProgramData\bdinstall.bin [2011.02.28 13:27:15 | 000,003,584 | ---- | C] () -- C:\Users\Buttercreme\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.01.25 18:13:01 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll [2011.01.21 13:46:59 | 000,180,835 | ---- | C] () -- C:\Windows\hppins20.dat [2011.01.21 13:46:58 | 000,006,259 | ---- | C] () -- C:\Windows\hppmdl20.dat [2011.01.19 17:25:29 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2011.01.19 17:25:29 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe [2011.01.19 17:25:29 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe [2011.01.19 17:25:29 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini [2011.01.18 17:32:42 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.07.08 08:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common 
< End of report > |
12.12.2011, 10:11 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Generic.7017515 cannot be deleted by BitDefender! Run an OTL fix: close all programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Code:
:OTL
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
[2011.01.31 00:29:09 | 000,000,873 | ---- | M] () -- C:\Users\Buttercreme\AppData\Roaming\Mozilla\Firefox\Profiles\jyanruaq.default\searchplugins\conduit.xml
O3:64bit: - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O9 - Extra Button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Users\Buttercreme\Desktop\PartyGammon.lnk File not found
O9 - Extra 'Tools' menuitem : PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Users\Buttercreme\Desktop\PartyGammon.lnk File not found
O9 - O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Buttercreme\Desktop\PartyPoker.lnk File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Buttercreme\Desktop\PartyPoker.lnk File not found
MsConfig:64bit - StartUpFolder: C:^Users^Buttercreme^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Hot Corners.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^Users^Buttercreme^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk - - File not found
MsConfig:64bit - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
[2011.06.27 23:43:19 | 000,000,000 | ---D | M] -- C:\Users\Buttercreme\AppData\Roaming\Gutscheinmieze
:Commands
[emptytemp]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".
Note: The script above was created only for this one user in this situation. It cannot be carried over to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
|
12.12.2011, 11:35 | #7 |
| Trojan.Generic.7017515 cannot be deleted by BitDefender! Hello Arne, I ran the fix and here is the log file. Regards, binom

All processes killed
========== OTL ==========
Prefs.js: "Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: false removed from browser.search.suggest.enabled
C:\Users\Buttercreme\AppData\Roaming\Mozilla\Firefox\Profiles\jyanruaq.default\searchplugins\conduit.xml moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0124123D-61B4-456f-AF86-78C53A0790C5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{59A861EE-32B3-42cd-8CCA-FC130EDF3A44}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59A861EE-32B3-42cd-8CCA-FC130EDF3A44}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{59A861EE-32B3-42cd-8CCA-FC130EDF3A44}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59A861EE-32B3-42cd-8CCA-FC130EDF3A44}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\WinampAgent\ not found.
C:\Users\Buttercreme\AppData\Roaming\Gutscheinmieze folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: binom
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Buttercreme
->Temp folder emptied: 4466685524 bytes
->Temporary Internet Files folder emptied: 93391521 bytes
->Java cache emptied: 275274 bytes
->FireFox cache emptied: 43420962 bytes
->Google Chrome cache emptied: 10503631 bytes
->Flash cache emptied: 42252 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 210703703 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67807 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 4.602,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 12122011_112628

Files\Folders moved on Reboot...
C:\Users\Buttercreme\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot... |
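A way to double-check a fix log like the one in the post above, as an added example (not part of the thread and not OTL's own code): it sorts the result lines into changed versus already absent, lists the moved items that should sit in the "_OTL" backup, and compares the summed cleanup bytes with the reported total. The function names are hypothetical, the sample is an excerpt of the posted log, and reading "mb" as 2^20 bytes with German number formatting is an assumption.

```python
import re

# Excerpt of the OTL fix log from the post above; zero-byte cleanup lines and
# the repeated "not found" registry lines are left out to keep it short.
SAMPLE_LOG = r"""
========== OTL ==========
Prefs.js: "Search" removed from browser.search.defaultthis.engineName
C:\Users\Buttercreme\AppData\Roaming\Mozilla\Firefox\Profiles\jyanruaq.default\searchplugins\conduit.xml moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0124123D-61B4-456f-AF86-78C53A0790C5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{59A861EE-32B3-42cd-8CCA-FC130EDF3A44}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\WinampAgent\ not found.
C:\Users\Buttercreme\AppData\Roaming\Gutscheinmieze folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: binom
->Temporary Internet Files folder emptied: 33170 bytes
User: Buttercreme
->Temp folder emptied: 4466685524 bytes
->Temporary Internet Files folder emptied: 93391521 bytes
->Java cache emptied: 275274 bytes
->FireFox cache emptied: 43420962 bytes
->Google Chrome cache emptied: 10503631 bytes
->Flash cache emptied: 42252 bytes
User: Default
->Temporary Internet Files folder emptied: 33170 bytes
Windows Temp folder emptied: 210703703 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67807 bytes
Total Files Cleaned = 4.602,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""

# Outcome phrases exactly as they appear in the posted log.
OUTCOMES = (
    ("moved", re.compile(r"moved successfully\.$")),
    ("deleted", re.compile(r"deleted successfully\.$")),
    ("removed", re.compile(r"^Prefs\.js: .* removed from ")),
    ("not_found", re.compile(r"not found\.$")),
)
BYTES = re.compile(r"(?:emptied|removed): (\d+) bytes$")
TOTAL = re.compile(r"^Total Files Cleaned = ([\d.,]+) mb$")
MOVED_PATH = re.compile(r"^(.*?)(?: folder)? moved successfully\.$")


def parse_fix_log(text):
    """Sort log lines by outcome and add up the per-folder cleanup sizes."""
    parsed = {name: [] for name, _ in OUTCOMES}
    parsed.update(bytes_freed=0, reported_mb=None)
    for line in (raw.strip() for raw in text.splitlines()):
        size = BYTES.search(line)
        if size:
            parsed["bytes_freed"] += int(size.group(1))
            continue
        total = TOTAL.match(line)
        if total:
            # Assumption: German locale, '.' groups thousands, ',' is the decimal mark.
            number = total.group(1).replace(".", "").replace(",", ".")
            parsed["reported_mb"] = float(number)
            continue
        for name, pattern in OUTCOMES:
            if pattern.search(line):
                parsed[name].append(line)
                break
    return parsed


def review(parsed):
    """Summarise what the fix changed and cross-check the cleanup total."""
    freed_mb = parsed["bytes_freed"] / 2**20  # assumption: "mb" means 2^20 bytes
    reported = parsed["reported_mb"]
    return {
        # Entries the fix actually touched.
        "changed": sum(len(parsed[k]) for k in ("moved", "deleted", "removed")),
        # Script entries that were already gone, so nothing was changed.
        "already_absent": len(parsed["not_found"]),
        # Per the helper's post, moved items are kept as a backup under "_OTL".
        "moved_paths": [MOVED_PATH.match(l).group(1) for l in parsed["moved"]],
        "freed_mb": round(freed_mb, 2),
        "total_consistent": reported is not None and abs(freed_mb - reported) <= 1.0,
    }


if __name__ == "__main__":
    for key, value in review(parse_fix_log(SAMPLE_LOG)).items():
        print(f"{key}: {value}")
```

A large gap between the summed bytes and the reported total, or a script entry with no result line at all, would be a reason to ask for the log again before moving on to the next tool.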
12.12.2011, 13:04 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Generic.7017515 cannot be deleted by BitDefender! Now please run this tool from Kaspersky (TDSS-Killer) (in normal mode!) and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition; that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

If, because of the infection, you cannot access your Documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide: download unhide.exe and save the file to your desktop. Start the tool and all files and folders should be visible again. (This could take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________ Please always post log files in CODE tags |
12.12.2011, 15:18 | #9 |
| Trojan.Generic.7017515 cannot be deleted by BitDefender! Hi Arne, I have now also run TDSS-Killer as instructed. The log is below. Regards, binom

15:13:12.0230 4052 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
15:13:14.0242 4052 ============================================================
15:13:14.0242 4052 Current date / time: 2011/12/12 15:13:14.0242
15:13:14.0242 4052 SystemInfo:
15:13:14.0242 4052
15:13:14.0242 4052 OS Version: 6.1.7601 ServicePack: 1.0
15:13:14.0242 4052 Product type: Workstation
15:13:14.0242 4052 ComputerName: BUTTERCREME-PC
15:13:14.0242 4052 UserName: Buttercreme
15:13:14.0242 4052 Windows directory: C:\Windows
15:13:14.0242 4052 System windows directory: C:\Windows
15:13:14.0242 4052 Running under WOW64
15:13:14.0242 4052 Processor architecture: Intel x64
15:13:14.0242 4052 Number of processors: 2
15:13:14.0242 4052 Page size: 0x1000
15:13:14.0242 4052 Boot type: Normal boot
15:13:14.0242 4052 ============================================================
15:13:15.0334 4052 Initialize success
15:14:32.0976 2008 ============================================================
15:14:32.0976 2008 Scan started
15:14:32.0976 2008 Mode: Manual; SigCheck; TDLFS;
15:14:32.0976 2008 ============================================================
15:14:46.0267 2008 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys 15:14:46.0345 2008 dot4usb - ok 15:14:46.0438 2008 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 15:14:46.0501 2008 drmkaud - ok 15:14:46.0641 2008 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 15:14:46.0719 2008 DXGKrnl - ok 15:14:46.0906 2008 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 15:14:47.0078 2008 ebdrv - ok 15:14:47.0328 2008 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 15:14:47.0374 2008 elxstor - ok 15:14:47.0484 2008 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 15:14:47.0546 2008 ErrDev - ok 15:14:47.0671 2008 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 15:14:47.0796 2008 exfat - ok 15:14:47.0811 2008 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 15:14:47.0905 2008 fastfat - ok 15:14:47.0998 2008 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 15:14:48.0139 2008 fdc - ok 15:14:48.0264 2008 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 15:14:48.0310 2008 FileInfo - ok 15:14:48.0326 2008 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 15:14:48.0435 2008 Filetrace - ok 15:14:48.0529 2008 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 15:14:48.0576 2008 flpydisk - ok 15:14:48.0638 2008 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 15:14:48.0685 2008 FltMgr - ok 15:14:48.0794 2008 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 15:14:48.0841 2008 FsDepends - ok 15:14:48.0856 2008 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 15:14:48.0872 2008 Fs_Rec - ok 
15:14:48.0997 2008 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 15:14:49.0059 2008 fvevol - ok 15:14:49.0090 2008 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 15:14:49.0122 2008 gagp30kx - ok 15:14:49.0293 2008 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 15:14:49.0356 2008 hcw85cir - ok 15:14:49.0480 2008 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 15:14:49.0574 2008 HdAudAddService - ok 15:14:49.0652 2008 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 15:14:49.0730 2008 HDAudBus - ok 15:14:49.0808 2008 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 15:14:49.0855 2008 HidBatt - ok 15:14:49.0886 2008 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 15:14:49.0933 2008 HidBth - ok 15:14:49.0964 2008 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 15:14:50.0011 2008 HidIr - ok 15:14:50.0104 2008 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 15:14:50.0182 2008 HidUsb - ok 15:14:50.0338 2008 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 15:14:50.0385 2008 HpSAMD - ok 15:14:50.0463 2008 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 15:14:50.0572 2008 HTTP - ok 15:14:50.0666 2008 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 15:14:50.0713 2008 hwpolicy - ok 15:14:50.0806 2008 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 15:14:50.0869 2008 i8042prt - ok 15:14:50.0994 2008 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys 15:14:51.0056 2008 iaStor - ok 15:14:51.0196 2008 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 15:14:51.0259 2008 
iaStorV - ok 15:14:51.0508 2008 igfx (2d18c9e1f23970de32d78d3b1cdda0a7) C:\Windows\system32\DRIVERS\igdkmd64.sys 15:14:51.0789 2008 igfx - ok 15:14:51.0914 2008 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 15:14:51.0961 2008 iirsp - ok 15:14:52.0179 2008 IntcAzAudAddService (404561d4ee0cae109379a40247046b03) C:\Windows\system32\drivers\RTKVHD64.sys 15:14:52.0288 2008 IntcAzAudAddService - ok 15:14:52.0398 2008 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 15:14:52.0444 2008 intelide - ok 15:14:52.0491 2008 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 15:14:52.0554 2008 intelppm - ok 15:14:52.0663 2008 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:14:52.0788 2008 IpFilterDriver - ok 15:14:52.0834 2008 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 15:14:52.0928 2008 IPMIDRV - ok 15:14:53.0022 2008 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 15:14:53.0115 2008 IPNAT - ok 15:14:53.0224 2008 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 15:14:53.0302 2008 IRENUM - ok 15:14:53.0349 2008 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 15:14:53.0396 2008 isapnp - ok 15:14:53.0505 2008 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 15:14:53.0568 2008 iScsiPrt - ok 15:14:53.0614 2008 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 15:14:53.0630 2008 kbdclass - ok 15:14:53.0739 2008 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 15:14:53.0817 2008 kbdhid - ok 15:14:53.0864 2008 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys 15:14:53.0895 2008 KSecDD - ok 15:14:54.0004 2008 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) 
C:\Windows\system32\Drivers\ksecpkg.sys 15:14:54.0051 2008 KSecPkg - ok 15:14:54.0082 2008 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 15:14:54.0176 2008 ksthunk - ok 15:14:54.0301 2008 L1C (0e154da6ca9105354a07d0c576804037) C:\Windows\system32\DRIVERS\L1C62x64.sys 15:14:54.0348 2008 L1C - ok 15:14:54.0504 2008 LHidFilt (24e09882ba51b9830ae029888a3aaf18) C:\Windows\system32\DRIVERS\LHidFilt.Sys 15:14:54.0550 2008 LHidFilt - ok 15:14:54.0597 2008 lirsgt (8e4ca9afd55ef6b509c80a8715abf8c6) C:\Windows\system32\DRIVERS\lirsgt.sys 15:14:54.0644 2008 lirsgt - ok 15:14:54.0769 2008 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 15:14:54.0878 2008 lltdio - ok 15:14:54.0940 2008 LMouFilt (2f94325d8c10e2b715f3d753c2422aac) C:\Windows\system32\DRIVERS\LMouFilt.Sys 15:14:54.0956 2008 LMouFilt - ok 15:14:55.0081 2008 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 15:14:55.0128 2008 LSI_FC - ok 15:14:55.0143 2008 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 15:14:55.0174 2008 LSI_SAS - ok 15:14:55.0284 2008 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 15:14:55.0330 2008 LSI_SAS2 - ok 15:14:55.0362 2008 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 15:14:55.0408 2008 LSI_SCSI - ok 15:14:55.0502 2008 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 15:14:55.0611 2008 luafv - ok 15:14:55.0627 2008 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 15:14:55.0658 2008 megasas - ok 15:14:55.0752 2008 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 15:14:55.0814 2008 MegaSR - ok 15:14:55.0861 2008 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 15:14:55.0954 2008 Modem - ok 15:14:56.0064 2008 monitor (b03d591dc7da45ece20b3b467e6aadaa) 
C:\Windows\system32\DRIVERS\monitor.sys 15:14:56.0142 2008 monitor - ok 15:14:56.0251 2008 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 15:14:56.0298 2008 mouclass - ok 15:14:56.0313 2008 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 15:14:56.0376 2008 mouhid - ok 15:14:56.0485 2008 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 15:14:56.0532 2008 mountmgr - ok 15:14:56.0594 2008 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 15:14:56.0641 2008 mpio - ok 15:14:56.0672 2008 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 15:14:56.0766 2008 mpsdrv - ok 15:14:56.0890 2008 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 15:14:56.0953 2008 MRxDAV - ok 15:14:57.0000 2008 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 15:14:57.0078 2008 mrxsmb - ok 15:14:57.0187 2008 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:14:57.0265 2008 mrxsmb10 - ok 15:14:57.0327 2008 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:14:57.0374 2008 mrxsmb20 - ok 15:14:57.0499 2008 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 15:14:57.0546 2008 msahci - ok 15:14:57.0592 2008 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 15:14:57.0655 2008 msdsm - ok 15:14:57.0764 2008 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 15:14:57.0842 2008 Msfs - ok 15:14:57.0889 2008 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 15:14:57.0982 2008 mshidkmdf - ok 15:14:58.0092 2008 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 15:14:58.0138 2008 msisadrv - ok 15:14:58.0248 2008 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) 
C:\Windows\system32\drivers\MSKSSRV.sys 15:14:58.0357 2008 MSKSSRV - ok 15:14:58.0450 2008 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 15:14:58.0575 2008 MSPCLOCK - ok 15:14:58.0606 2008 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 15:14:58.0684 2008 MSPQM - ok 15:14:58.0809 2008 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 15:14:58.0872 2008 MsRPC - ok 15:14:58.0918 2008 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 15:14:58.0965 2008 mssmbios - ok 15:14:59.0059 2008 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 15:14:59.0168 2008 MSTEE - ok 15:14:59.0184 2008 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 15:14:59.0246 2008 MTConfig - ok 15:14:59.0340 2008 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 15:14:59.0386 2008 Mup - ok 15:14:59.0511 2008 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 15:14:59.0589 2008 NativeWifiP - ok 15:14:59.0745 2008 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 15:14:59.0808 2008 NDIS - ok 15:14:59.0901 2008 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 15:14:59.0995 2008 NdisCap - ok 15:15:00.0104 2008 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 15:15:00.0198 2008 NdisTapi - ok 15:15:00.0307 2008 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 15:15:00.0416 2008 Ndisuio - ok 15:15:00.0447 2008 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 15:15:00.0541 2008 NdisWan - ok 15:15:00.0650 2008 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 15:15:00.0759 2008 NDProxy - ok 15:15:00.0822 2008 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) 
C:\Windows\system32\DRIVERS\netbios.sys 15:15:00.0900 2008 NetBIOS - ok 15:15:01.0024 2008 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 15:15:01.0134 2008 NetBT - ok 15:15:01.0477 2008 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys 15:15:01.0773 2008 NETw5s64 - ok 15:15:02.0023 2008 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys 15:15:02.0288 2008 netw5v64 - ok 15:15:02.0382 2008 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 15:15:02.0428 2008 nfrd960 - ok 15:15:02.0553 2008 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 15:15:02.0662 2008 Npfs - ok 15:15:02.0678 2008 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 15:15:02.0756 2008 nsiproxy - ok 15:15:02.0928 2008 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 15:15:03.0021 2008 Ntfs - ok 15:15:03.0115 2008 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 15:15:03.0240 2008 Null - ok 15:15:03.0364 2008 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 15:15:03.0411 2008 nvraid - ok 15:15:03.0442 2008 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 15:15:03.0474 2008 nvstor - ok 15:15:03.0505 2008 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 15:15:03.0536 2008 nv_agp - ok 15:15:03.0692 2008 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 15:15:03.0770 2008 ohci1394 - ok 15:15:03.0926 2008 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 15:15:03.0988 2008 Parport - ok 15:15:04.0035 2008 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 15:15:04.0066 2008 partmgr - ok 15:15:04.0129 2008 pci (94575c0571d1462a0f70bde6bd6ee6b3) 
C:\Windows\system32\drivers\pci.sys 15:15:04.0176 2008 pci - ok 15:15:04.0285 2008 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 15:15:04.0332 2008 pciide - ok 15:15:04.0363 2008 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 15:15:04.0394 2008 pcmcia - ok 15:15:04.0488 2008 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 15:15:04.0550 2008 pcw - ok 15:15:04.0581 2008 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 15:15:04.0722 2008 PEAUTH - ok 15:15:04.0924 2008 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 15:15:05.0034 2008 PptpMiniport - ok 15:15:05.0080 2008 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 15:15:05.0127 2008 Processor - ok 15:15:05.0252 2008 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 15:15:05.0377 2008 Psched - ok 15:15:05.0533 2008 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 15:15:05.0611 2008 ql2300 - ok 15:15:05.0720 2008 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 15:15:05.0782 2008 ql40xx - ok 15:15:05.0798 2008 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 15:15:05.0860 2008 QWAVEdrv - ok 15:15:05.0938 2008 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 15:15:06.0048 2008 RasAcd - ok 15:15:06.0126 2008 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 15:15:06.0219 2008 RasAgileVpn - ok 15:15:06.0313 2008 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 15:15:06.0422 2008 Rasl2tp - ok 15:15:06.0531 2008 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 15:15:06.0640 2008 RasPppoe - ok 15:15:06.0734 2008 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) 
C:\Windows\system32\DRIVERS\rassstp.sys 15:15:06.0859 2008 RasSstp - ok 15:15:06.0906 2008 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 15:15:06.0984 2008 rdbss - ok 15:15:07.0077 2008 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 15:15:07.0155 2008 rdpbus - ok 15:15:07.0171 2008 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:15:07.0264 2008 RDPCDD - ok 15:15:07.0374 2008 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 15:15:07.0452 2008 RDPDR - ok 15:15:07.0561 2008 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 15:15:07.0670 2008 RDPENCDD - ok 15:15:07.0686 2008 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 15:15:07.0764 2008 RDPREFMP - ok 15:15:07.0888 2008 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 15:15:07.0935 2008 RdpVideoMiniport - ok 15:15:07.0998 2008 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 15:15:08.0107 2008 RDPWD - ok 15:15:08.0216 2008 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 15:15:08.0278 2008 rdyboost - ok 15:15:08.0356 2008 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 15:15:08.0434 2008 RFCOMM - ok 15:15:08.0559 2008 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 15:15:08.0668 2008 rspndr - ok 15:15:08.0700 2008 s0016bus (ea268bce30691c2dd24f02e617fd2eb5) C:\Windows\system32\DRIVERS\s0016bus.sys 15:15:08.0731 2008 s0016bus - ok 15:15:08.0824 2008 s0016mdfl (f5f9deb89996d333ef976624d37e24e3) C:\Windows\system32\DRIVERS\s0016mdfl.sys 15:15:08.0871 2008 s0016mdfl - ok 15:15:08.0902 2008 s0016mdm (c17ce2aee67480febcc36eccb54c0be8) C:\Windows\system32\DRIVERS\s0016mdm.sys 15:15:08.0934 2008 s0016mdm - ok 15:15:09.0043 2008 s0016mgmt 
(cc267f04c54c5ec5b7bd658d7628469f) C:\Windows\system32\DRIVERS\s0016mgmt.sys 15:15:09.0090 2008 s0016mgmt - ok 15:15:09.0121 2008 s0016nd5 (30a35bbce09d9fe67482fd62c61911fc) C:\Windows\system32\DRIVERS\s0016nd5.sys 15:15:09.0152 2008 s0016nd5 - ok 15:15:09.0261 2008 s0016obex (ca394dcc38579c7ad82e83ee64d798a0) C:\Windows\system32\DRIVERS\s0016obex.sys 15:15:09.0308 2008 s0016obex - ok 15:15:09.0370 2008 s0016unic (eb267ccea84e6e8598d92f73332ac67b) C:\Windows\system32\DRIVERS\s0016unic.sys 15:15:09.0417 2008 s0016unic - ok 15:15:09.0526 2008 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 15:15:09.0589 2008 s3cap - ok 15:15:09.0636 2008 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 15:15:09.0667 2008 sbp2port - ok 15:15:09.0729 2008 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 15:15:09.0807 2008 scfilter - ok 15:15:09.0932 2008 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 15:15:10.0041 2008 secdrv - ok 15:15:10.0072 2008 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 15:15:10.0119 2008 Serenum - ok 15:15:10.0213 2008 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 15:15:10.0260 2008 Serial - ok 15:15:10.0306 2008 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 15:15:10.0338 2008 sermouse - ok 15:15:10.0462 2008 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 15:15:10.0525 2008 sffdisk - ok 15:15:10.0540 2008 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 15:15:10.0603 2008 sffp_mmc - ok 15:15:10.0696 2008 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 15:15:10.0774 2008 sffp_sd - ok 15:15:10.0806 2008 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 15:15:10.0852 2008 sfloppy 
- ok 15:15:10.0962 2008 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:15:11.0008 2008 SiSRaid2 - ok 15:15:11.0040 2008 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 15:15:11.0086 2008 SiSRaid4 - ok 15:15:11.0196 2008 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 15:15:11.0274 2008 Smb - ok 15:15:11.0320 2008 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 15:15:11.0352 2008 spldr - ok 15:15:11.0492 2008 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 15:15:11.0570 2008 srv - ok 15:15:11.0695 2008 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 15:15:11.0788 2008 srv2 - ok 15:15:11.0820 2008 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 15:15:11.0898 2008 srvnet - ok 15:15:12.0022 2008 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 15:15:12.0054 2008 stexstor - ok 15:15:12.0132 2008 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 15:15:12.0178 2008 storflt - ok 15:15:12.0303 2008 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 15:15:12.0350 2008 storvsc - ok 15:15:12.0459 2008 SWDUMon (0cd5e2c59264fad184685d2a61ad8473) C:\Windows\system32\DRIVERS\SWDUMon.sys 15:15:12.0506 2008 SWDUMon - ok 15:15:12.0553 2008 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 15:15:12.0600 2008 swenum - ok 15:15:12.0709 2008 Synth3dVsc - ok 15:15:12.0834 2008 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 15:15:12.0943 2008 Tcpip - ok 15:15:13.0099 2008 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 15:15:13.0177 2008 TCPIP6 - ok 15:15:13.0286 2008 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 15:15:13.0395 2008 
tcpipreg - ok 15:15:13.0442 2008 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 15:15:13.0520 2008 TDPIPE - ok 15:15:13.0614 2008 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 15:15:13.0723 2008 TDTCP - ok 15:15:13.0832 2008 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 15:15:13.0957 2008 tdx - ok 15:15:13.0988 2008 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 15:15:14.0035 2008 TermDD - ok 15:15:14.0175 2008 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:15:14.0269 2008 tssecsrv - ok 15:15:14.0316 2008 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 15:15:14.0347 2008 TsUsbFlt - ok 15:15:14.0409 2008 tsusbhub - ok 15:15:14.0487 2008 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 15:15:14.0596 2008 tunnel - ok 15:15:14.0690 2008 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 15:15:14.0737 2008 uagp35 - ok 15:15:14.0815 2008 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 15:15:14.0924 2008 udfs - ok 15:15:15.0049 2008 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 15:15:15.0096 2008 uliagpkx - ok 15:15:15.0142 2008 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 15:15:15.0174 2008 umbus - ok 15:15:15.0267 2008 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 15:15:15.0330 2008 UmPass - ok 15:15:15.0486 2008 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 15:15:15.0548 2008 usbccgp - ok 15:15:15.0595 2008 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 15:15:15.0673 2008 usbcir - ok 15:15:15.0782 2008 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 15:15:15.0844 
2008 usbehci - ok 15:15:15.0891 2008 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 15:15:15.0985 2008 usbhub - ok 15:15:16.0110 2008 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 15:15:16.0172 2008 usbohci - ok 15:15:16.0234 2008 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 15:15:16.0312 2008 usbprint - ok 15:15:16.0406 2008 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 15:15:16.0484 2008 usbscan - ok 15:15:16.0562 2008 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:15:16.0624 2008 USBSTOR - ok 15:15:16.0718 2008 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys 15:15:16.0796 2008 usbuhci - ok 15:15:16.0905 2008 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 15:15:16.0968 2008 usbvideo - ok 15:15:17.0014 2008 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 15:15:17.0046 2008 vdrvroot - ok 15:15:17.0155 2008 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 15:15:17.0217 2008 vga - ok 15:15:17.0233 2008 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 15:15:17.0311 2008 VgaSave - ok 15:15:17.0373 2008 VGPU - ok 15:15:17.0451 2008 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 15:15:17.0514 2008 vhdmp - ok 15:15:17.0560 2008 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 15:15:17.0576 2008 viaide - ok 15:15:17.0701 2008 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 15:15:17.0748 2008 vmbus - ok 15:15:17.0779 2008 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 15:15:17.0826 2008 VMBusHID - ok 15:15:17.0919 2008 volmgr (d2aafd421940f640b407aefaaebd91b0) 
C:\Windows\system32\drivers\volmgr.sys 15:15:17.0982 2008 volmgr - ok 15:15:18.0044 2008 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 15:15:18.0091 2008 volmgrx - ok 15:15:18.0138 2008 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 15:15:18.0200 2008 volsnap - ok 15:15:18.0309 2008 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 15:15:18.0356 2008 vsmraid - ok 15:15:18.0403 2008 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 15:15:18.0450 2008 vwifibus - ok 15:15:18.0559 2008 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 15:15:18.0606 2008 vwififlt - ok 15:15:18.0715 2008 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 15:15:18.0793 2008 vwifimp - ok 15:15:18.0824 2008 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 15:15:18.0871 2008 WacomPen - ok 15:15:18.0980 2008 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:15:19.0105 2008 WANARP - ok 15:15:19.0167 2008 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:15:19.0261 2008 Wanarpv6 - ok 15:15:19.0386 2008 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 15:15:19.0432 2008 Wd - ok 15:15:19.0479 2008 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 15:15:19.0557 2008 Wdf01000 - ok 15:15:19.0713 2008 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 15:15:19.0822 2008 WfpLwf - ok 15:15:19.0854 2008 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 15:15:19.0916 2008 WIMMount - ok 15:15:20.0134 2008 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 15:15:20.0212 2008 WinUsb - ok 15:15:20.0431 2008 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) 
C:\Windows\system32\drivers\wmiacpi.sys 15:15:20.0524 2008 WmiAcpi - ok 15:15:20.0649 2008 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 15:15:20.0758 2008 ws2ifsl - ok 15:15:20.0821 2008 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 15:15:20.0930 2008 WudfPf - ok 15:15:21.0055 2008 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:15:21.0164 2008 WUDFRd - ok 15:15:21.0226 2008 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 15:15:21.0382 2008 \Device\Harddisk0\DR0 - ok 15:15:21.0414 2008 Boot (0x1200) (7919020c90b687126ec2e3dd992fcc8a) \Device\Harddisk0\DR0\Partition0 15:15:21.0414 2008 \Device\Harddisk0\DR0\Partition0 - ok 15:15:21.0445 2008 Boot (0x1200) (6bb8fb6cf506dc34084694d4c49bfa4b) \Device\Harddisk0\DR0\Partition1 15:15:21.0445 2008 \Device\Harddisk0\DR0\Partition1 - ok 15:15:21.0445 2008 ============================================================ 15:15:21.0445 2008 Scan finished 15:15:21.0445 2008 ============================================================ 15:15:21.0492 2384 Detected object count: 0 15:15:21.0492 2384 Actual detected object count: 0 |
12.12.2011, 15:29 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Generic.7017515 cannot be deleted by BitDefender! Then please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has expressly recommended it! If, after running ComboFix, you have problems starting applications and get messages such as Quote:
__________________ Please always post log files in CODE tags |
12.12.2011, 17:47 | #11 |
| Trojan.Generic.7017515 cannot be deleted by BitDefender! Hi Arne, I could not completely close my antivirus program BitDefender Internet Security 2011 (neither via Task Manager nor via system startup + restart). I did deactivate everything in BitDefender, but ComboFix still warns me that my antivirus program is still running and that this can cause damage. Should I run ComboFix anyway, or do you know how to shut BitDefender down completely? Best regards, binom |
12.12.2011, 21:40 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Generic.7017515 cannot be deleted by BitDefender! Uninstall BitDefender IS if necessary. A suite is counterproductive; in future, better use a leaner, pure virus scanner plus the Windows Firewall.
__________________ Please always post log files in CODE tags |
13.12.2011, 12:35 | #13 |
| Trojan.Generic.7017515 cannot be deleted by BitDefender! Hi Arne, there is now also a statement from BitDefender on the virus alert Trojan.Generic.7017515. According to it, this is a false alarm: hxxp://forum.bitdefender.com/index.php?showtopic=31001 Thanks for your help! Best regards, binom |