|
Pests of all kinds and how to combat them: SMART_HDD and black screen. Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
09.04.2012, 16:12 | #16 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | SMART_HDD and black screen Quote:
__________________ Please always post logfiles in CODE tags |
09.04.2012, 22:59 | #17 |
| SMART_HDD and black screen Oh no, shame on me, here it is again:
__________________Code:
ATTFilter OTL logfile created on: 09.04.2012 23:08:33 - Run 2 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Mini-ZZ\Downloads Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 64,43% Memory free 3,98 Gb Paging File | 3,10 Gb Available in Paging File | 77,84% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 215,64 Gb Total Space | 177,16 Gb Free Space | 82,15% Space Free | Partition Type: NTFS Drive D: | 16,95 Gb Total Space | 2,45 Gb Free Space | 14,46% Space Free | Partition Type: NTFS Computer Name: HP-MINI-ZZ | User Name: Mini-ZZ | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.04.09 23:06:16 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Mini-ZZ\Downloads\OTL(1).exe PRC - [2012.03.07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE PRC - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 14:17:56 | 001,121,792 | 
---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010.07.02 11:51:16 | 000,027,192 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe PRC - [2010.07.02 11:48:24 | 000,602,680 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe PRC - [2010.07.01 20:09:10 | 000,338,168 | ---- | M] (DeviceVM, Inc.) -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe PRC - [2010.06.25 13:55:34 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2010.06.25 13:53:28 | 000,309,816 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Programme\Hewlett-Packard\Shared\hpCaslNotification.exe PRC - [2010.06.18 16:26:18 | 000,363,064 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe PRC - [2010.06.18 16:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe PRC - [2010.06.09 11:06:18 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe PRC - [2010.06.09 11:06:18 | 000,237,650 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\stacsv.exe PRC - [2010.05.08 13:48:36 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe |
10.04.2012, 11:27 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | SMART_HDD and black screen Now the log is incomplete
__________________
__________________ |
10.04.2012, 15:02 | #19 |
| SMART_HDD and black screen Oh man, I really wonder how I managed that again ... too stupid. Sorry, sorry. So once more: OTL logfile: Code:
ATTFilter OTL logfile created on: 10.04.2012 15:27:00 - Run 3 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Mini-ZZ\Downloads Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 61,52% Memory free 3,98 Gb Paging File | 3,06 Gb Available in Paging File | 76,95% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 215,64 Gb Total Space | 177,90 Gb Free Space | 82,50% Space Free | Partition Type: NTFS Drive D: | 16,95 Gb Total Space | 2,45 Gb Free Space | 14,46% Space Free | Partition Type: NTFS Computer Name: HP-MINI-ZZ | User Name: Mini-ZZ | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.04.09 23:06:16 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Mini-ZZ\Downloads\OTL(1).exe PRC - [2012.03.07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2012.01.04 15:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE PRC - [2011.10.21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) 
-- C:\Programme\Microsoft\BingBar\BBSvc.EXE PRC - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE PRC - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011.10.01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010.07.02 11:51:16 | 000,027,192 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe PRC - [2010.07.02 11:48:24 | 000,602,680 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe PRC - [2010.07.01 20:09:10 | 000,338,168 | ---- | M] (DeviceVM, Inc.) -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe PRC - [2010.06.25 13:55:34 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2010.06.25 13:53:28 | 000,309,816 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Programme\Hewlett-Packard\Shared\hpCaslNotification.exe PRC - [2010.06.18 16:26:18 | 000,363,064 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe PRC - [2010.06.18 16:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe PRC - [2010.06.09 11:06:18 | 000,495,708 | ---- | M] (IDT, Inc.) 
-- C:\Programme\IDT\WDM\sttray.exe PRC - [2010.06.09 11:06:18 | 000,237,650 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\stacsv.exe PRC - [2010.05.08 13:48:36 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe PRC - [2010.05.08 13:48:26 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2010.03.29 00:22:20 | 000,154,304 | ---- | M] (Zecter Inc.) -- C:\Programme\Hewlett-Packard\HP CloudDrive\zumodrive.exe PRC - [2009.10.13 12:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009.10.13 12:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009.03.03 12:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Programme\IDT\WDM\AEstSrv.exe ========== Modules (No Company Name) ========== MOD - [2012.04.10 15:23:25 | 000,379,904 | ---- | M] () -- C:\Users\Mini-ZZ\AppData\Local\Temp\libsqlitejdbc-815306645106366511.lib MOD - [2012.04.10 15:23:03 | 000,198,144 | ---- | M] () -- C:\Users\Mini-ZZ\AppData\Local\Temp\WindowsAPI.dll MOD - [2012.02.26 12:23:00 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll MOD - [2012.02.19 11:21:54 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll MOD - [2012.02.19 11:20:17 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll MOD - [2012.02.19 11:19:19 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll MOD - [2012.02.19 11:17:08 | 014,339,072 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll MOD - [2012.02.19 11:10:06 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll MOD - [2012.02.19 11:09:37 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll MOD - [2012.02.19 11:09:24 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll MOD - [2012.02.19 11:08:23 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll MOD - [2012.02.19 11:07:15 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll MOD - [2012.02.19 11:06:42 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll MOD - [2012.02.19 11:06:35 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll MOD - [2011.10.20 22:11:54 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2010.11.13 02:02:21 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.07.29 01:49:18 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_de_b77a5c561934e089\System.Core.resources.dll MOD - [2010.07.29 01:48:35 | 000,032,768 | ---- | M] () -- 
C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2010.07.28 19:23:08 | 000,237,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\hpCASLLibrary\3.0.1.1__67b8d1b5179ba5f8\hpCASLLibrary.dll MOD - [2010.06.18 16:26:18 | 000,267,832 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll MOD - [2010.06.18 16:26:18 | 000,052,280 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll MOD - [2010.06.18 16:26:18 | 000,030,264 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll ========== Win32 Services (SafeList) ========== SRV - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.01.04 15:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc) SRV - [2011.10.21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) 
[Auto | Running] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.07.02 11:51:16 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC) SRV - [2010.07.01 20:09:10 | 000,338,168 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES) SRV - [2010.06.25 13:55:34 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2010.06.18 16:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service) SRV - [2010.06.09 11:06:18 | 000,237,650 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv.exe -- (STacSV) SRV - [2010.05.08 13:48:36 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe) SRV - [2010.04.04 01:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) 
[On_Demand | Stopped] -- C:\Programme\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2010.01.09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 22:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) SRV - [2009.10.13 12:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.03.03 12:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AEstSrv.exe -- (AESTFilters) ========== Driver Services (SafeList) ========== DRV - [2012.03.07 02:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012.03.07 02:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012.03.07 02:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr) DRV - [2012.03.07 02:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012.03.07 02:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012.03.07 02:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011.10.01 09:30:42 | 000,019,304 | 
---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol) DRV - [2011.10.01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir) DRV - [2011.10.01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay) DRV - [2011.10.01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs) DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.06.09 11:06:18 | 000,431,616 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2010.05.07 19:18:10 | 000,230,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV - [2010.04.09 15:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010.04.07 17:05:00 | 000,204,800 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2010.03.25 10:08:38 | 000,105,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010.03.20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2009.11.11 14:09:22 | 000,018,136 | ---- | M] (DeviceVM, Inc.) 
[Kernel | System | Running] -- C:\Windows\System32\drivers\dvmio.sys -- (DVMIO) DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009.07.14 00:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4 IE - HKLM\..\SearchScopes,DefaultScope = {FEDFEDCF-D5FC-44E0-92AB-3DF25938A90A} IE - HKLM\..\SearchScopes\{C98E6371-953C-4ECC-AE37-766E85BC0C27}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKLM\..\SearchScopes\{EFDC04E1-7F61-401E-9716-0321E0862E63}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKLM\..\SearchScopes\{FEDFEDCF-D5FC-44E0-92AB-3DF25938A90A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4 IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\..\SearchScopes,DefaultScope = {FEDFEDCF-D5FC-44E0-92AB-3DF25938A90A} IE 
- HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\..\SearchScopes\{C98E6371-953C-4ECC-AE37-766E85BC0C27}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\..\SearchScopes\{EFDC04E1-7F61-401E-9716-0321E0862E63}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\..\SearchScopes\{FEDFEDCF-D5FC-44E0-92AB-3DF25938A90A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.03.18 12:30:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.19 23:59:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.19 11:09:20 | 000,000,000 | ---D | M] [2011.03.19 19:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mini-ZZ\AppData\Roaming\mozilla\Extensions [2011.03.19 19:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mini-ZZ\AppData\Roaming\mozilla\Firefox\Profiles\7af0eigr.default\extensions [2012.03.19 23:59:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.03.13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.10.03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.03.13 07:06:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (avast! 
WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [HP Quick Launch] C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [ZumoDrive] C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Programme\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Programme\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C9F81D2-3215-4C6B-B179-6948B450327A}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88849F3B-7B3F-482D-B6D8-C3CAE3E55DD8}: NameServer = 193.189.244.225 193.189.244.206 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{fb9b1c45-c385-11e0-9cd7-68b599d8f993}\Shell - "" = AutoRun O33 - MountPoints2\{fb9b1c45-c385-11e0-9cd7-68b599d8f993}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{fb9b1c55-c385-11e0-9cd7-68b599d8f993}\Shell - "" = AutoRun O33 - MountPoints2\{fb9b1c55-c385-11e0-9cd7-68b599d8f993}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.04.08 21:55:02 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.04.07 21:31:25 | 000,000,000 | ---D | C] -- C:\Users\Mini-ZZ\AppData\Roaming\Malwarebytes [2012.04.07 21:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.04.07 21:31:14 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Malwarebytes [2012.04.07 21:31:11 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.04.07 21:31:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.04.07 18:45:19 | 000,000,000 | ---D | C] -- C:\Users\Mini-ZZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SMART HDD [2012.03.18 12:30:54 | 000,044,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.04.10 15:30:54 | 000,014,128 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.04.10 15:30:54 | 000,014,128 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.04.10 15:22:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.04.10 15:22:35 | 1601,093,632 | -HS- | M] () -- C:\hiberfil.sys [2012.04.09 11:02:22 | 000,654,610 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.04.09 11:02:22 | 000,616,452 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.04.09 11:02:22 | 000,130,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.04.09 11:02:22 | 000,106,574 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.04.08 10:34:06 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012.04.08 08:58:48 | 000,000,160 | ---- | M] () -- C:\ProgramData\-g7wwMXfWUQJwPvr [2012.04.08 08:58:48 | 000,000,000 | ---- | M] () -- C:\ProgramData\-g7wwMXfWUQJwPv [2012.04.07 21:31:17 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.04.07 20:13:52 | 000,000,256 | ---- | M] () -- C:\ProgramData\g7wwMXfWUQJwPv [2012.04.07 18:45:19 | 000,000,647 | ---- | M] () -- C:\Users\Mini-ZZ\Desktop\SMART_HDD.lnk [2012.03.28 22:15:04 | 000,000,017 | ---- | M] () -- 
C:\Windows\System32\shortcut_ex.dat [2012.03.19 23:59:54 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.03.18 12:25:16 | 000,267,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.04.08 22:55:46 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.04.08 22:55:46 | 000,002,158 | ---- | C] () -- C:\Users\Public\Desktop\HP CloudDrive.lnk [2012.04.08 22:55:46 | 000,002,156 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk [2012.04.08 22:55:46 | 000,002,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish.lnk [2012.04.08 22:55:46 | 000,002,150 | ---- | C] () -- C:\Users\Public\Desktop\HP Games spielen.lnk [2012.04.08 22:55:46 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk [2012.04.08 22:55:46 | 000,002,118 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Media Suite.lnk [2012.04.08 22:55:46 | 000,002,032 | ---- | C] () -- C:\Users\Public\Desktop\HP QuickSync.lnk [2012.04.08 22:55:46 | 000,001,998 | ---- | C] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2012.04.08 22:55:46 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012.04.08 22:55:46 | 000,001,515 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2012.04.08 22:55:46 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [2012.04.08 22:55:46 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [2012.04.08 22:55:46 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk [2012.04.08 22:55:46 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [2012.04.08 22:55:46 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk [2012.04.08 22:55:46 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.04.08 22:55:46 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.04.08 22:55:45 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [2012.04.08 22:55:43 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2012.04.08 22:55:43 | 000,002,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk [2012.04.08 22:55:42 | 000,000,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk [2012.04.07 21:31:17 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.04.07 18:45:20 | 000,000,160 | ---- | C] () -- C:\ProgramData\-g7wwMXfWUQJwPvr [2012.04.07 18:45:20 | 000,000,000 | ---- | C] () -- C:\ProgramData\-g7wwMXfWUQJwPv [2012.04.07 18:45:19 | 000,000,647 | ---- | C] () -- C:\Users\Mini-ZZ\Desktop\SMART_HDD.lnk [2012.04.07 18:45:15 | 000,000,256 | ---- | C] () -- 
C:\ProgramData\g7wwMXfWUQJwPv [2012.03.28 22:15:04 | 000,000,017 | ---- | C] () -- C:\Windows\System32\shortcut_ex.dat [2011.03.19 22:42:39 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat [2011.03.19 09:28:49 | 000,000,130 | ---- | C] () -- C:\Users\Mini-ZZ\AppData\Local\mv_Photo.xml [2011.03.19 09:28:49 | 000,000,121 | ---- | C] () -- C:\Users\Mini-ZZ\AppData\Local\mv_music.xml [2010.11.08 11:32:12 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll [2010.11.08 11:30:16 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2010.11.08 11:24:11 | 000,000,292 | ---- | C] () -- C:\Windows\System32\RStoneLog2.ini [2010.11.08 11:24:11 | 000,000,233 | ---- | C] () -- C:\Windows\System32\RStoneLog.ini [2010.07.29 01:51:32 | 000,654,610 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2010.07.29 01:51:32 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2010.07.29 01:51:32 | 000,130,192 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2010.07.29 01:51:32 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2010.07.28 19:37:48 | 000,000,202 | ---- | C] () -- C:\Windows\System32\HPWA.ini [2010.07.28 17:28:20 | 000,000,180 | ---- | C] () -- C:\Windows\System32\HP Documentation.ini ========== LOP Check ========== [2012.03.28 22:14:37 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\SoftGrid Client [2011.03.19 19:21:23 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\TP [2012.04.10 15:23:17 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\ZumoDrive [2011.09.26 19:32:40 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report >
Where exactly do I need to delete this SMART_HDD from? At the moment it still shows up on the desktop and under All Programs. |
10.04.2012, 15:32 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | SMART_HDD and black screen This time it is not a CustomScan. Once more, sloooowly: - post the complete log in CODE tags - tick "Scan All Users" - CustomScan!
__________________ Please always post log files in CODE tags |
10.04.2012, 20:47 | #21 |
| SMART_HDD and black screen Thanks for not having lost patience with me yet - I am slowly starting to lose patience with myself! So I will try once more: OTL Logfile: Code:
ATTFilter OTL logfile created on: 10.04.2012 19:59:55 - Run 3 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Mini-ZZ\Downloads Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 62,80% Memory free 3,98 Gb Paging File | 3,04 Gb Available in Paging File | 76,49% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 215,64 Gb Total Space | 177,96 Gb Free Space | 82,53% Space Free | Partition Type: NTFS Drive D: | 16,95 Gb Total Space | 2,45 Gb Free Space | 14,46% Space Free | Partition Type: NTFS Computer Name: HP-MINI-ZZ | User Name: Mini-ZZ | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.04.09 23:06:16 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Mini-ZZ\Downloads\OTL(1).exe PRC - [2012.03.07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2012.01.04 15:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE PRC - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE PRC - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011.10.01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft 
Application Virtualization Client\sftlist.exe PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010.07.02 11:51:16 | 000,027,192 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe PRC - [2010.07.02 11:48:24 | 000,602,680 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe PRC - [2010.07.01 20:09:10 | 000,338,168 | ---- | M] (DeviceVM, Inc.) -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe PRC - [2010.06.25 13:55:34 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2010.06.25 13:53:28 | 000,309,816 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Programme\Hewlett-Packard\Shared\hpCaslNotification.exe PRC - [2010.06.18 16:26:18 | 000,363,064 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe PRC - [2010.06.18 16:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe PRC - [2010.06.09 11:06:18 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe PRC - [2010.06.09 11:06:18 | 000,237,650 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\stacsv.exe PRC - [2010.05.08 13:48:36 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe PRC - [2010.05.08 13:48:26 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2010.03.29 00:22:20 | 000,154,304 | ---- | M] (Zecter Inc.) 
-- C:\Programme\Hewlett-Packard\HP CloudDrive\zumodrive.exe PRC - [2009.10.13 12:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009.10.13 12:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009.03.03 12:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Programme\IDT\WDM\AEstSrv.exe ========== Modules (No Company Name) ========== MOD - [2012.04.10 15:23:25 | 000,379,904 | ---- | M] () -- C:\Users\Mini-ZZ\AppData\Local\Temp\libsqlitejdbc-815306645106366511.lib MOD - [2012.04.10 15:23:03 | 000,198,144 | ---- | M] () -- C:\Users\Mini-ZZ\AppData\Local\Temp\WindowsAPI.dll MOD - [2012.02.26 12:23:00 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll MOD - [2012.02.19 11:21:54 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll MOD - [2012.02.19 11:20:17 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll MOD - [2012.02.19 11:19:19 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll MOD - [2012.02.19 11:17:08 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll MOD - [2012.02.19 11:10:06 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll MOD - [2012.02.19 11:09:37 | 001,587,200 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll MOD - [2012.02.19 11:09:24 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll MOD - [2012.02.19 11:08:23 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll MOD - [2012.02.19 11:07:15 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll MOD - [2012.02.19 11:06:42 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll MOD - [2012.02.19 11:06:35 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll MOD - [2011.10.20 22:11:54 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2010.11.13 02:02:21 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.07.29 01:49:18 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_de_b77a5c561934e089\System.Core.resources.dll MOD - [2010.07.29 01:48:35 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2010.07.28 19:23:08 | 000,237,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\hpCASLLibrary\3.0.1.1__67b8d1b5179ba5f8\hpCASLLibrary.dll MOD - [2010.06.18 16:26:18 | 000,267,832 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll MOD - [2010.06.18 16:26:18 | 000,052,280 | ---- | M] () -- 
C:\Programme\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll MOD - [2010.06.18 16:26:18 | 000,030,264 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll ========== Win32 Services (SafeList) ========== SRV - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.01.04 15:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc) SRV - [2011.10.21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.07.02 11:51:16 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC) SRV - [2010.07.01 20:09:10 | 000,338,168 | ---- | M] (DeviceVM, Inc.) 
[Auto | Running] -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES) SRV - [2010.06.25 13:55:34 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2010.06.18 16:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service) SRV - [2010.06.09 11:06:18 | 000,237,650 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv.exe -- (STacSV) SRV - [2010.05.08 13:48:36 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe) SRV - [2010.04.04 01:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Programme\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2010.01.09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 22:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) SRV - [2009.10.13 12:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.03.03 12:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AEstSrv.exe -- (AESTFilters) ========== Driver Services (SafeList) ========== DRV - [2012.03.07 02:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - 
[2012.03.07 02:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012.03.07 02:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr) DRV - [2012.03.07 02:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012.03.07 02:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012.03.07 02:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011.10.01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol) DRV - [2011.10.01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir) DRV - [2011.10.01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay) DRV - [2011.10.01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs) DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.06.09 11:06:18 | 000,431,616 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2010.05.07 19:18:10 | 000,230,944 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV - [2010.04.09 15:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010.04.07 17:05:00 | 000,204,800 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2010.03.25 10:08:38 | 000,105,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010.03.20 11:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2009.11.11 14:09:22 | 000,018,136 | ---- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\dvmio.sys -- (DVMIO) DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009.07.14 00:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4 IE - HKLM\..\SearchScopes,DefaultScope = {FEDFEDCF-D5FC-44E0-92AB-3DF25938A90A} IE - HKLM\..\SearchScopes\{C98E6371-953C-4ECC-AE37-766E85BC0C27}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - 
HKLM\..\SearchScopes\{EFDC04E1-7F61-401E-9716-0321E0862E63}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKLM\..\SearchScopes\{FEDFEDCF-D5FC-44E0-92AB-3DF25938A90A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4 IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\..\SearchScopes,DefaultScope = {FEDFEDCF-D5FC-44E0-92AB-3DF25938A90A} IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\..\SearchScopes\{C98E6371-953C-4ECC-AE37-766E85BC0C27}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\..\SearchScopes\{EFDC04E1-7F61-401E-9716-0321E0862E63}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\..\SearchScopes\{FEDFEDCF-D5FC-44E0-92AB-3DF25938A90A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: 
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.03.18 12:30:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.19 23:59:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.19 11:09:20 | 000,000,000 | ---D | M] [2011.03.19 19:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mini-ZZ\AppData\Roaming\mozilla\Extensions [2011.03.19 19:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mini-ZZ\AppData\Roaming\mozilla\Firefox\Profiles\7af0eigr.default\extensions [2012.03.19 23:59:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.03.13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.10.03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.03.13 07:06:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (avast! 
WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [HP Quick Launch] C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [ZumoDrive] C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Programme\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Programme\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C9F81D2-3215-4C6B-B179-6948B450327A}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88849F3B-7B3F-482D-B6D8-C3CAE3E55DD8}: NameServer = 193.189.244.225 193.189.244.206 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{fb9b1c45-c385-11e0-9cd7-68b599d8f993}\Shell - "" = AutoRun O33 - MountPoints2\{fb9b1c45-c385-11e0-9cd7-68b599d8f993}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{fb9b1c55-c385-11e0-9cd7-68b599d8f993}\Shell - "" = AutoRun O33 - MountPoints2\{fb9b1c55-c385-11e0-9cd7-68b599d8f993}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - 
File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender 
- Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: 
{50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {4FB2407C-C8E4-BBC8-BB1C-FCCB2EF5914B} - C:\Program Files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe "/installer" ActiveX: {4FB2AA7C-C8E4-BBC8-BB1C-FAAB2EF5914B} - C:\Windows\system32\wscript.exe "C:\Program Files\Hewlett-Packard\HP Media Suite\Home\PinItem.vbs" ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows 
Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) 
CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.04.08 21:55:02 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.04.07 21:31:25 | 000,000,000 | ---D | C] -- C:\Users\Mini-ZZ\AppData\Roaming\Malwarebytes [2012.04.07 21:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.04.07 21:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.04.07 21:31:11 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.04.07 21:31:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.04.07 18:45:19 | 000,000,000 | ---D | C] -- C:\Users\Mini-ZZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SMART HDD [2012.03.18 12:30:54 | 000,044,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.04.10 19:56:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.04.10 15:30:54 | 000,014,128 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.04.10 15:30:54 | 000,014,128 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.04.10 15:22:35 | 1601,093,632 | -HS- | M] () -- C:\hiberfil.sys [2012.04.09 11:02:22 | 000,654,610 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.04.09 11:02:22 | 000,616,452 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.04.09 11:02:22 | 000,130,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.04.09 11:02:22 | 000,106,574 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.04.08 10:34:06 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012.04.08 08:58:48 | 000,000,160 | ---- | M] () -- 
C:\ProgramData\-g7wwMXfWUQJwPvr [2012.04.08 08:58:48 | 000,000,000 | ---- | M] () -- C:\ProgramData\-g7wwMXfWUQJwPv [2012.04.07 21:31:17 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.04.07 20:13:52 | 000,000,256 | ---- | M] () -- C:\ProgramData\g7wwMXfWUQJwPv [2012.04.07 18:45:19 | 000,000,647 | ---- | M] () -- C:\Users\Mini-ZZ\Desktop\SMART_HDD.lnk [2012.03.28 22:15:04 | 000,000,017 | ---- | M] () -- C:\Windows\System32\shortcut_ex.dat [2012.03.19 23:59:54 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.03.18 12:25:16 | 000,267,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.04.08 22:55:46 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.04.08 22:55:46 | 000,002,158 | ---- | C] () -- C:\Users\Public\Desktop\HP CloudDrive.lnk [2012.04.08 22:55:46 | 000,002,156 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk [2012.04.08 22:55:46 | 000,002,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish.lnk [2012.04.08 22:55:46 | 000,002,150 | ---- | C] () -- C:\Users\Public\Desktop\HP Games spielen.lnk [2012.04.08 22:55:46 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk [2012.04.08 22:55:46 | 000,002,118 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Media Suite.lnk [2012.04.08 22:55:46 | 000,002,032 | ---- | C] () -- C:\Users\Public\Desktop\HP QuickSync.lnk [2012.04.08 22:55:46 | 000,001,998 | ---- | C] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2012.04.08 22:55:46 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012.04.08 22:55:46 | 000,001,515 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2012.04.08 22:55:46 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [2012.04.08 22:55:46 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [2012.04.08 22:55:46 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk [2012.04.08 22:55:46 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [2012.04.08 22:55:46 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk [2012.04.08 22:55:46 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.04.08 22:55:46 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.04.08 22:55:45 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [2012.04.08 22:55:43 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2012.04.08 22:55:43 | 000,002,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk [2012.04.08 22:55:42 | 000,000,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk [2012.04.07 21:31:17 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.04.07 18:45:20 | 000,000,160 | ---- | C] () -- C:\ProgramData\-g7wwMXfWUQJwPvr [2012.04.07 18:45:20 | 000,000,000 | ---- | C] () -- C:\ProgramData\-g7wwMXfWUQJwPv [2012.04.07 18:45:19 | 000,000,647 | ---- | C] () -- C:\Users\Mini-ZZ\Desktop\SMART_HDD.lnk [2012.04.07 18:45:15 | 000,000,256 | ---- | C] () -- 
C:\ProgramData\g7wwMXfWUQJwPv [2012.03.28 22:15:04 | 000,000,017 | ---- | C] () -- C:\Windows\System32\shortcut_ex.dat [2011.03.19 22:42:39 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat [2011.03.19 09:28:49 | 000,000,130 | ---- | C] () -- C:\Users\Mini-ZZ\AppData\Local\mv_Photo.xml [2011.03.19 09:28:49 | 000,000,121 | ---- | C] () -- C:\Users\Mini-ZZ\AppData\Local\mv_music.xml [2010.11.08 11:32:12 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll [2010.11.08 11:30:16 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2010.11.08 11:24:11 | 000,000,292 | ---- | C] () -- C:\Windows\System32\RStoneLog2.ini [2010.11.08 11:24:11 | 000,000,233 | ---- | C] () -- C:\Windows\System32\RStoneLog.ini [2010.07.29 01:51:32 | 000,654,610 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2010.07.29 01:51:32 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2010.07.29 01:51:32 | 000,130,192 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2010.07.29 01:51:32 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2010.07.28 19:37:48 | 000,000,202 | ---- | C] () -- C:\Windows\System32\HPWA.ini [2010.07.28 17:28:20 | 000,000,180 | ---- | C] () -- C:\Windows\System32\HP Documentation.ini ========== LOP Check ========== [2012.03.28 22:14:37 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\SoftGrid Client [2011.03.19 19:21:23 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\TP [2012.04.10 15:23:17 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\ZumoDrive [2011.09.26 19:32:40 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. 
> [2011.03.25 20:27:00 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\Adobe [2011.03.19 09:23:54 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\Hewlett-Packard [2011.03.19 09:28:41 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\hpqLog [2011.03.19 09:28:12 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\Identities [2011.03.19 18:56:07 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\Macromedia [2012.04.07 21:31:25 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\Malwarebytes [2011.09.05 11:32:49 | 000,000,000 | --SD | M] -- C:\Users\Mini-ZZ\AppData\Roaming\Microsoft [2011.03.19 19:03:43 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\Mozilla [2012.03.11 15:30:37 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\Skype [2012.03.10 20:14:11 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\skypePM [2012.03.28 22:14:37 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\SoftGrid Client [2011.03.19 19:21:23 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\TP [2012.02.02 22:36:47 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\U3 [2012.04.10 15:23:17 | 000,000,000 | ---D | M] -- C:\Users\Mini-ZZ\AppData\Roaming\ZumoDrive < %APPDATA%\*.exe /s > [2007.10.23 10:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Mini-ZZ\AppData\Roaming\U3\temp\cleanup.exe [2008.05.02 11:41:48 | 003,493,888 | ---- | M] (SanDisk Corporation) -- C:\Users\Mini-ZZ\AppData\Roaming\U3\temp\Launchpad Removal.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 
| ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16552_none_dd2bf0ef82c7be83\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16593_none_dd01b18982e7479e\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.20669_none_ddb1bfd49be72b9f\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.20713_none_dde1cf9a9bc40507\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- 
C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: IASTOR.SYS > [2009.10.13 12:09:36 | 000,331,288 | ---- | M] (Intel Corporation) MD5=0BAA4115DFFFD6A6D809A89D65E1281A -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys [2009.10.13 12:09:36 | 000,331,288 | ---- | M] (Intel Corporation) MD5=0BAA4115DFFFD6A6D809A89D65E1281A -- C:\Windows\System32\drivers\iaStor.sys [2009.10.13 12:09:36 | 000,331,288 | ---- | M] (Intel Corporation) MD5=0BAA4115DFFFD6A6D809A89D65E1281A -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_3f3653f13a033ed4\iaStor.sys [2009.10.13 12:16:40 | 000,409,624 | ---- | M] (Intel Corporation) MD5=BE7D72FCF442C26975942007E0831241 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys < MD5 for: IASTORV.SYS > [2010.07.29 02:22:39 | 000,332,168 | ---- | M] (Intel Corporation) MD5=2D2918606673C46769FB516A5ACE958E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_aed9db9de9265a3a\iaStorV.sys [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- 
C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys [2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys [2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys [2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys [2010.07.29 02:22:39 | 000,332,160 | ---- | M] (Intel Corporation) MD5=FE8186428F0AB44F0E500C7AA33E9B51 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_afb9f9af020317a3\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | 
M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2010.07.29 02:22:39 | 000,143,752 | ---- | M] (NVIDIA Corporation) MD5=1D8B6A440DFF2BDEAA4EB209FCBA21BF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_39a34c4d205d0412\nvstor.sys [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys [2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys [2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys [2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys [2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- 
C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys [2010.07.29 02:22:39 | 000,143,752 | ---- | M] (NVIDIA Corporation) MD5=F3596C8A63D3871890B0D3A0DFFEF0D0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_3a836a5e3939c17b\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll [2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll [2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft 
Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.07.29 02:09:30 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2010.07.29 02:09:30 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- 
C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < End of report > |
11.04.2012, 12:09 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | SMART_HDD and black screen Do an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Code:
ATTFilter
:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-3045748316-1306930101-2035370094-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{fb9b1c45-c385-11e0-9cd7-68b599d8f993}\Shell - "" = AutoRun
O33 - MountPoints2\{fb9b1c45-c385-11e0-9cd7-68b599d8f993}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{fb9b1c55-c385-11e0-9cd7-68b599d8f993}\Shell - "" = AutoRun
O33 - MountPoints2\{fb9b1c55-c385-11e0-9cd7-68b599d8f993}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
[2012.04.08 08:58:48 | 000,000,160 | ---- | M] () -- C:\ProgramData\-g7wwMXfWUQJwPvr
[2012.04.08 08:58:48 | 000,000,000 | ---- | M] () -- C:\ProgramData\-g7wwMXfWUQJwPv
[2012.04.07 20:13:52 | 000,000,256 | ---- | M] () -- C:\ProgramData\g7wwMXfWUQJwPv
[2012.04.07 18:45:19 | 000,000,647 | ---- | M] () -- C:\Users\Mini-ZZ\Desktop\SMART_HDD.lnk
[2012.03.28 22:15:04 | 000,000,017 | ---- | M] () -- C:\Windows\System32\shortcut_ex.dat
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

The logfile should open when you click OK after the fix; please post it. The computer may be restarted.
As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL". Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post logfiles in CODE tags |
11.04.2012, 21:50 | #23 |
| SMART_HDD and black screen Um - I have another question: how long should this OTL fix take? I tried it and for 4 hours got no response at all from the computer. OTL kept showing the status message "Killing processes - Do not interrupt....". Keyboard and touchpad did not work at all - the computer also no longer went into power-saving mode, screen permanently on... Is that normal? |
12.04.2012, 09:12 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | SMART_HDD and black screen Please repeat the fix in safe mode
12.04.2012, 12:46 | #25 |
| SMART_HDD and black screen I did that - it worked this time. Result Code:
ATTFilter All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully. C:\Programme\Microsoft\BingBar\BingExt.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully. File C:\Program Files\Microsoft\BingBar\BingExt.dll not found. Registry value HKEY_USERS\S-1-5-21-3045748316-1306930101-2035370094-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! C:\autoexec.bat moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb9b1c45-c385-11e0-9cd7-68b599d8f993}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fb9b1c45-c385-11e0-9cd7-68b599d8f993}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb9b1c45-c385-11e0-9cd7-68b599d8f993}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fb9b1c45-c385-11e0-9cd7-68b599d8f993}\ not found. File E:\AutoRun.exe not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb9b1c55-c385-11e0-9cd7-68b599d8f993}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fb9b1c55-c385-11e0-9cd7-68b599d8f993}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb9b1c55-c385-11e0-9cd7-68b599d8f993}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fb9b1c55-c385-11e0-9cd7-68b599d8f993}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found. File E:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found. File F:\AutoRun.exe not found. C:\ProgramData\-g7wwMXfWUQJwPvr moved successfully. C:\ProgramData\-g7wwMXfWUQJwPv moved successfully. C:\ProgramData\g7wwMXfWUQJwPv moved successfully. C:\Users\Mini-ZZ\Desktop\SMART_HDD.lnk moved successfully. C:\Windows\System32\shortcut_ex.dat moved successfully. 
========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Mini-ZZ ->Temp folder emptied: 263746661 bytes ->Temporary Internet Files folder emptied: 53593443 bytes ->Java cache emptied: 26516239 bytes ->FireFox cache emptied: 49396472 bytes ->Flash cache emptied: 479 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 116349957 bytes RecycleBin emptied: 12770889 bytes Total Files Cleaned = 498,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Mini-ZZ ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.39.2 log created on 04122012_133935 Files\Folders moved on Reboot... Registry entries deleted on Reboot... |
12.04.2012, 15:24 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | SMART_HDD and black screen Please now (in normal Windows mode) run this tool from Kaspersky (TDSS-Killer) and post the log; instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool! Set the tool up as shown in the image below - click change parameters and set the check marks as shown in the following screenshot. Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C), where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!
12.04.2012, 18:24 | #27 |
| SMART_HDD and black screen So here is the log: Code:
5708 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 19:13:21.0430 5708 NetBIOS - ok 19:13:21.0836 5708 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 19:13:21.0930 5708 NetBT - ok 19:13:22.0226 5708 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 19:13:22.0288 5708 Netlogon - ok 19:13:22.0600 5708 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 19:13:22.0741 5708 Netman - ok 19:13:23.0037 5708 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 19:13:23.0193 5708 netprofm - ok 19:13:23.0396 5708 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:13:23.0443 5708 NetTcpPortSharing - ok 19:13:23.0926 5708 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys 19:13:24.0176 5708 netw5v32 - ok 19:13:24.0597 5708 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 19:13:24.0644 5708 nfrd960 - ok 19:13:24.0940 5708 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll 19:13:25.0096 5708 NlaSvc - ok 19:13:25.0518 5708 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 19:13:25.0658 5708 Npfs - ok 19:13:25.0939 5708 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 19:13:26.0048 5708 nsi - ok 19:13:26.0422 5708 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 19:13:26.0547 5708 nsiproxy - ok 19:13:26.0984 5708 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 19:13:27.0109 5708 Ntfs - ok 19:13:27.0499 5708 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 19:13:27.0608 5708 Null - ok 19:13:28.0029 5708 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 19:13:28.0076 5708 nvraid - ok 19:13:28.0482 5708 
nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 19:13:28.0528 5708 nvstor - ok 19:13:28.0934 5708 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 19:13:28.0965 5708 nv_agp - ok 19:13:29.0371 5708 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 19:13:29.0449 5708 ohci1394 - ok 19:13:29.0574 5708 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:13:29.0620 5708 ose - ok 19:13:29.0808 5708 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 19:13:30.0104 5708 osppsvc - ok 19:13:30.0432 5708 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 19:13:30.0541 5708 p2pimsvc - ok 19:13:30.0853 5708 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 19:13:30.0962 5708 p2psvc - ok 19:13:31.0383 5708 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 19:13:31.0446 5708 Parport - ok 19:13:31.0851 5708 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 19:13:31.0898 5708 partmgr - ok 19:13:32.0304 5708 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 19:13:32.0366 5708 Parvdm - ok 19:13:32.0678 5708 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 19:13:32.0756 5708 PcaSvc - ok 19:13:33.0130 5708 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 19:13:33.0193 5708 pci - ok 19:13:33.0598 5708 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 19:13:33.0645 5708 pciide - ok 19:13:34.0035 5708 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 19:13:34.0098 5708 pcmcia - ok 19:13:34.0472 5708 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 19:13:34.0519 5708 pcw - ok 
19:13:34.0956 5708 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 19:13:35.0096 5708 PEAUTH - ok 19:13:35.0486 5708 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 19:13:35.0689 5708 pla - ok 19:13:35.0985 5708 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 19:13:36.0063 5708 PlugPlay - ok 19:13:36.0360 5708 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 19:13:36.0453 5708 PNRPAutoReg - ok 19:13:36.0765 5708 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 19:13:36.0859 5708 PNRPsvc - ok 19:13:37.0171 5708 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 19:13:37.0342 5708 PolicyAgent - ok 19:13:37.0654 5708 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 19:13:37.0764 5708 Power - ok 19:13:38.0169 5708 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 19:13:38.0278 5708 PptpMiniport - ok 19:13:38.0684 5708 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 19:13:38.0762 5708 Processor - ok 19:13:39.0058 5708 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 19:13:39.0183 5708 ProfSvc - ok 19:13:39.0495 5708 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 19:13:39.0542 5708 ProtectedStorage - ok 19:13:39.0948 5708 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 19:13:40.0057 5708 Psched - ok 19:13:40.0494 5708 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 19:13:40.0650 5708 ql2300 - ok 19:13:41.0040 5708 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 19:13:41.0102 5708 ql40xx - ok 19:13:41.0398 5708 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 19:13:41.0492 5708 QWAVE - ok 19:13:41.0898 5708 QWAVEdrv 
(584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 19:13:41.0960 5708 QWAVEdrv - ok 19:13:42.0381 5708 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 19:13:42.0506 5708 RasAcd - ok 19:13:42.0912 5708 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 19:13:43.0005 5708 RasAgileVpn - ok 19:13:43.0302 5708 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 19:13:43.0411 5708 RasAuto - ok 19:13:43.0817 5708 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 19:13:43.0926 5708 Rasl2tp - ok 19:13:44.0253 5708 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 19:13:44.0409 5708 RasMan - ok 19:13:44.0815 5708 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 19:13:44.0909 5708 RasPppoe - ok 19:13:45.0299 5708 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 19:13:45.0408 5708 RasSstp - ok 19:13:45.0798 5708 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 19:13:45.0938 5708 rdbss - ok 19:13:46.0328 5708 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 19:13:46.0406 5708 rdpbus - ok 19:13:46.0827 5708 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 19:13:46.0937 5708 RDPCDD - ok 19:13:47.0451 5708 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 19:13:47.0576 5708 RDPENCDD - ok 19:13:48.0013 5708 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 19:13:48.0138 5708 RDPREFMP - ok 19:13:48.0543 5708 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys 19:13:48.0621 5708 RDPWD - ok 19:13:49.0058 5708 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 19:13:49.0105 5708 rdyboost - ok 19:13:49.0417 5708 RemoteAccess 
(7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 19:13:49.0542 5708 RemoteAccess - ok 19:13:49.0838 5708 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 19:13:49.0932 5708 RemoteRegistry - ok 19:13:50.0228 5708 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 19:13:50.0322 5708 RpcEptMapper - ok 19:13:50.0618 5708 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 19:13:50.0696 5708 RpcLocator - ok 19:13:51.0008 5708 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 19:13:51.0102 5708 RpcSs - ok 19:13:51.0585 5708 RSPCIESTOR (2ad7b2b3d7a10ae3d534877d543eed74) C:\Windows\system32\DRIVERS\RtsPStor.sys 19:13:51.0632 5708 RSPCIESTOR - ok 19:13:52.0038 5708 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 19:13:52.0163 5708 rspndr - ok 19:13:52.0584 5708 RTL8167 (0516998076ad894ae7e362c3110aa071) C:\Windows\system32\DRIVERS\Rt86win7.sys 19:13:52.0631 5708 RTL8167 - ok 19:13:52.0927 5708 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 19:13:52.0989 5708 SamSs - ok 19:13:53.0411 5708 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 19:13:53.0457 5708 sbp2port - ok 19:13:53.0769 5708 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 19:13:53.0910 5708 SCardSvr - ok 19:13:54.0315 5708 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 19:13:54.0440 5708 scfilter - ok 19:13:54.0752 5708 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 19:13:54.0939 5708 Schedule - ok 19:13:55.0251 5708 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 19:13:55.0361 5708 SCPolicySvc - ok 19:13:55.0782 5708 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys 19:13:55.0860 5708 sdbus - ok 19:13:56.0156 5708 SDRSVC 
(08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 19:13:56.0234 5708 SDRSVC - ok 19:13:56.0640 5708 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 19:13:56.0733 5708 secdrv - ok 19:13:57.0014 5708 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 19:13:57.0155 5708 seclogon - ok 19:13:57.0451 5708 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll 19:13:57.0576 5708 SENS - ok 19:13:57.0981 5708 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 19:13:58.0028 5708 Serenum - ok 19:13:58.0449 5708 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 19:13:58.0527 5708 Serial - ok 19:13:58.0917 5708 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 19:13:58.0995 5708 sermouse - ok 19:13:59.0323 5708 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 19:13:59.0463 5708 SessionEnv - ok 19:13:59.0853 5708 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 19:13:59.0931 5708 sffdisk - ok 19:14:00.0337 5708 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 19:14:00.0431 5708 sffp_mmc - ok 19:14:00.0836 5708 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 19:14:00.0899 5708 sffp_sd - ok 19:14:01.0289 5708 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 19:14:01.0382 5708 sfloppy - ok 19:14:01.0835 5708 Sftfs (d9b734638dd8dba9d59aad3189cd0fad) C:\Windows\system32\DRIVERS\Sftfslh.sys 19:14:01.0897 5708 Sftfs - ok 19:14:02.0022 5708 sftlist (cb73bc422c07fb611f194da18d1e7f36) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe 19:14:02.0100 5708 sftlist - ok 19:14:02.0490 5708 Sftplay (2f61bd46c0bff4eb36e1e359ca17bfc5) C:\Windows\system32\DRIVERS\Sftplaylh.sys 19:14:02.0537 5708 Sftplay - ok 19:14:02.0927 5708 
Sftredir (518bac0179f94304f422696b47c0ec12) C:\Windows\system32\DRIVERS\Sftredirlh.sys 19:14:02.0973 5708 Sftredir - ok 19:14:03.0379 5708 Sftvol (747325236d88b3f05ffd27ff9ec711c5) C:\Windows\system32\DRIVERS\Sftvollh.sys 19:14:03.0426 5708 Sftvol - ok 19:14:03.0551 5708 sftvsa (a5812f0281ca5081bf696626f9bf324d) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe 19:14:03.0597 5708 sftvsa - ok 19:14:03.0909 5708 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 19:14:04.0050 5708 SharedAccess - ok 19:14:04.0377 5708 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 19:14:04.0533 5708 ShellHWDetection - ok 19:14:04.0955 5708 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 19:14:05.0001 5708 sisagp - ok 19:14:05.0423 5708 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 19:14:05.0469 5708 SiSRaid2 - ok 19:14:05.0859 5708 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 19:14:05.0906 5708 SiSRaid4 - ok 19:14:06.0312 5708 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 19:14:06.0405 5708 Smb - ok 19:14:06.0717 5708 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 19:14:06.0795 5708 SNMPTRAP - ok 19:14:07.0154 5708 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 19:14:07.0217 5708 spldr - ok 19:14:07.0544 5708 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 19:14:07.0716 5708 Spooler - ok 19:14:08.0121 5708 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 19:14:08.0371 5708 sppsvc - ok 19:14:08.0714 5708 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 19:14:08.0839 5708 sppuinotify - ok 19:14:09.0260 5708 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 19:14:09.0338 5708 srv - ok 
19:14:09.0744 5708 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 19:14:09.0837 5708 srv2 - ok 19:14:10.0243 5708 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 19:14:10.0321 5708 SrvHsfHDA - ok 19:14:10.0742 5708 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 19:14:10.0851 5708 SrvHsfV92 - ok 19:14:11.0273 5708 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 19:14:11.0351 5708 SrvHsfWinac - ok 19:14:11.0756 5708 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 19:14:11.0819 5708 srvnet - ok 19:14:12.0115 5708 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 19:14:12.0224 5708 SSDPSRV - ok 19:14:12.0521 5708 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 19:14:12.0630 5708 SstpSvc - ok 19:14:12.0801 5708 STacSV (f076ffe8af8398fdf2028f6eac5f1778) C:\Program Files\IDT\WDM\STacSV.exe 19:14:12.0879 5708 STacSV - ok 19:14:13.0254 5708 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 19:14:13.0301 5708 stexstor - ok 19:14:13.0737 5708 STHDA (f71736dc79731c98698b93326e01a6bd) C:\Windows\system32\DRIVERS\stwrt.sys 19:14:13.0815 5708 STHDA - ok 19:14:14.0127 5708 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 19:14:14.0252 5708 StiSvc - ok 19:14:14.0627 5708 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 19:14:14.0673 5708 swenum - ok 19:14:14.0985 5708 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 19:14:15.0141 5708 swprv - ok 19:14:15.0594 5708 SynTP (0e8676fb3bb95aa40fdf7a4a31018c8b) C:\Windows\system32\DRIVERS\SynTP.sys 19:14:15.0672 5708 SynTP - ok 19:14:15.0999 5708 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 19:14:16.0124 5708 SysMain - ok 19:14:16.0452 5708 TabletInputService 
(763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 19:14:16.0530 5708 TabletInputService - ok 19:14:16.0842 5708 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 19:14:16.0998 5708 TapiSrv - ok 19:14:17.0294 5708 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 19:14:17.0419 5708 TBS - ok 19:14:17.0871 5708 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 19:14:17.0996 5708 Tcpip - ok 19:14:18.0433 5708 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 19:14:18.0511 5708 TCPIP6 - ok 19:14:18.0932 5708 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 19:14:19.0057 5708 tcpipreg - ok 19:14:19.0478 5708 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 19:14:19.0572 5708 TDPIPE - ok 19:14:19.0962 5708 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys 19:14:20.0040 5708 TDTCP - ok 19:14:20.0461 5708 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 19:14:20.0570 5708 tdx - ok 19:14:20.0976 5708 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 19:14:21.0023 5708 TermDD - ok 19:14:21.0319 5708 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 19:14:21.0444 5708 TermService - ok 19:14:21.0725 5708 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 19:14:21.0834 5708 Themes - ok 19:14:22.0146 5708 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 19:14:22.0255 5708 THREADORDER - ok 19:14:22.0551 5708 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 19:14:22.0676 5708 TrkWks - ok 19:14:22.0817 5708 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 19:14:22.0941 5708 TrustedInstaller - ok 19:14:23.0285 5708 tssecsrv (254bb140eee3c59d6114c1a86b636877) 
C:\Windows\system32\DRIVERS\tssecsrv.sys 19:14:23.0363 5708 tssecsrv - ok 19:14:23.0831 5708 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 19:14:23.0893 5708 TsUsbFlt - ok 19:14:24.0330 5708 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 19:14:24.0455 5708 tunnel - ok 19:14:24.0845 5708 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 19:14:24.0891 5708 uagp35 - ok 19:14:25.0297 5708 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 19:14:25.0422 5708 udfs - ok 19:14:25.0718 5708 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 19:14:25.0827 5708 UI0Detect - ok 19:14:26.0217 5708 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 19:14:26.0264 5708 uliagpkx - ok 19:14:26.0654 5708 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 19:14:26.0717 5708 umbus - ok 19:14:27.0091 5708 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 19:14:27.0200 5708 UmPass - ok 19:14:27.0512 5708 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 19:14:27.0653 5708 upnphost - ok 19:14:28.0043 5708 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 19:14:28.0121 5708 usbccgp - ok 19:14:28.0511 5708 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 19:14:28.0604 5708 usbcir - ok 19:14:28.0994 5708 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys 19:14:29.0057 5708 usbehci - ok 19:14:29.0525 5708 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 19:14:29.0634 5708 usbhub - ok 19:14:30.0507 5708 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys 19:14:30.0585 5708 usbohci - ok 19:14:31.0225 5708 usbprint (797d862fe0875e75c7cc4c1ad7b30252) 
C:\Windows\system32\DRIVERS\usbprint.sys 19:14:31.0319 5708 usbprint - ok 19:14:31.0709 5708 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:14:31.0787 5708 USBSTOR - ok 19:14:32.0223 5708 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 19:14:32.0317 5708 usbuhci - ok 19:14:32.0769 5708 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys 19:14:32.0832 5708 usbvideo - ok 19:14:33.0128 5708 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 19:14:33.0269 5708 UxSms - ok 19:14:33.0581 5708 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 19:14:33.0659 5708 VaultSvc - ok 19:14:34.0080 5708 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 19:14:34.0127 5708 vdrvroot - ok 19:14:34.0454 5708 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 19:14:34.0641 5708 vds - ok 19:14:35.0047 5708 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 19:14:35.0141 5708 vga - ok 19:14:35.0531 5708 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 19:14:35.0640 5708 VgaSave - ok 19:14:36.0045 5708 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 19:14:36.0108 5708 vhdmp - ok 19:14:36.0498 5708 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 19:14:36.0560 5708 viaagp - ok 19:14:36.0935 5708 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 19:14:37.0028 5708 ViaC7 - ok 19:14:37.0418 5708 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 19:14:37.0465 5708 viaide - ok 19:14:37.0855 5708 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 19:14:37.0902 5708 volmgr - ok 19:14:38.0292 5708 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 19:14:38.0354 
5708 volmgrx - ok 19:14:38.0775 5708 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 19:14:38.0822 5708 volsnap - ok 19:14:39.0228 5708 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 19:14:39.0290 5708 vsmraid - ok 19:14:39.0633 5708 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 19:14:39.0852 5708 VSS - ok 19:14:40.0242 5708 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 19:14:40.0335 5708 vwifibus - ok 19:14:40.0725 5708 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 19:14:40.0819 5708 vwififlt - ok 19:14:41.0209 5708 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys 19:14:41.0256 5708 vwifimp - ok 19:14:41.0568 5708 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 19:14:41.0724 5708 W32Time - ok 19:14:42.0129 5708 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 19:14:42.0207 5708 WacomPen - ok 19:14:42.0613 5708 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 19:14:42.0738 5708 WANARP - ok 19:14:42.0738 5708 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 19:14:42.0816 5708 Wanarpv6 - ok 19:14:43.0143 5708 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 19:14:43.0299 5708 wbengine - ok 19:14:43.0611 5708 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 19:14:43.0689 5708 WbioSrvc - ok 19:14:43.0986 5708 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 19:14:44.0079 5708 wcncsvc - ok 19:14:44.0391 5708 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 19:14:44.0485 5708 WcsPlugInService - ok 19:14:44.0891 5708 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 19:14:44.0937 5708 Wd - ok 
19:14:45.0359 5708 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 19:14:45.0437 5708 Wdf01000 - ok 19:14:45.0733 5708 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 19:14:45.0827 5708 WdiServiceHost - ok 19:14:45.0842 5708 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 19:14:45.0889 5708 WdiSystemHost - ok 19:14:46.0217 5708 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 19:14:46.0341 5708 WebClient - ok 19:14:46.0669 5708 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 19:14:46.0763 5708 Wecsvc - ok 19:14:47.0059 5708 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 19:14:47.0168 5708 wercplsupport - ok 19:14:47.0480 5708 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 19:14:47.0605 5708 WerSvc - ok 19:14:47.0995 5708 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 19:14:48.0104 5708 WfpLwf - ok 19:14:48.0494 5708 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 19:14:48.0541 5708 WIMMount - ok 19:14:48.0681 5708 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 19:14:48.0806 5708 WinDefend - ok 19:14:48.0822 5708 WinHttpAutoProxySvc - ok 19:14:49.0181 5708 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 19:14:49.0290 5708 Winmgmt - ok 19:14:49.0617 5708 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 19:14:49.0820 5708 WinRM - ok 19:14:50.0163 5708 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 19:14:50.0304 5708 Wlansvc - ok 19:14:50.0709 5708 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 19:14:50.0756 5708 WmiAcpi - ok 19:14:51.0146 5708 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 
19:14:51.0224 5708 wmiApSrv - ok 19:14:51.0365 5708 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 19:14:51.0474 5708 WMPNetworkSvc - ok 19:14:51.0755 5708 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 19:14:51.0864 5708 WPCSvc - ok 19:14:52.0160 5708 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 19:14:52.0254 5708 WPDBusEnum - ok 19:14:52.0644 5708 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 19:14:52.0737 5708 ws2ifsl - ok 19:14:53.0049 5708 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll 19:14:53.0127 5708 wscsvc - ok 19:14:53.0393 5708 WSearch - ok 19:14:53.0783 5708 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll 19:14:54.0017 5708 wuauserv - ok 19:14:54.0438 5708 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 19:14:54.0531 5708 WudfPf - ok 19:14:54.0968 5708 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 19:14:55.0077 5708 WUDFRd - ok 19:14:55.0389 5708 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 19:14:55.0499 5708 wudfsvc - ok 19:14:55.0811 5708 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 19:14:55.0951 5708 WwanSvc - ok 19:14:56.0388 5708 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys 19:14:56.0450 5708 yukonw7 - ok 19:14:56.0575 5708 MBR (0x1B8) (af16213c8d7c2ffd462507ceed3bfc6b) \Device\Harddisk0\DR0 19:14:56.0762 5708 \Device\Harddisk0\DR0 - ok 19:14:56.0809 5708 Boot (0x1200) (40f9be7f944102b933f64f2ae778cadb) \Device\Harddisk0\DR0\Partition0 19:14:56.0809 5708 \Device\Harddisk0\DR0\Partition0 - ok 19:14:56.0840 5708 Boot (0x1200) (9d2343a07d30c785f10ab0225b8bd6d4) \Device\Harddisk0\DR0\Partition1 19:14:56.0840 5708 \Device\Harddisk0\DR0\Partition1 - ok 19:14:56.0871 5708 Boot (0x1200) 
(32fd8968b40ffe44064e01afa23ca67d) \Device\Harddisk0\DR0\Partition2 19:14:56.0887 5708 \Device\Harddisk0\DR0\Partition2 - ok 19:14:56.0918 5708 Boot (0x1200) (ec57184e610e76e5c3ae4506d8a901b2) \Device\Harddisk0\DR0\Partition3 19:14:56.0918 5708 \Device\Harddisk0\DR0\Partition3 - ok 19:14:56.0918 5708 ============================================================ 19:14:56.0918 5708 Scan finished 19:14:56.0918 5708 ============================================================ 19:14:56.0965 3720 Detected object count: 2 19:14:56.0965 3720 Actual detected object count: 2 19:18:26.0505 3720 DCService.exe ( UnsignedFile.Multi.Generic ) - skipped by user 19:18:26.0505 3720 DCService.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:18:26.0505 3720 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user 19:18:26.0505 3720 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:20:01.0067 1700 Deinitialize success |
12.04.2012, 19:52 | #28 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | SMART_HDD and black screen Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has explicitly recommended it! If, after running Combofix, you have problems starting applications and receive messages like Quote:
__________________ Please always post log files in CODE tags |
13.04.2012, 08:39 | #29 |
| SMART_HDD and black screen ok - here is the next log: Combofix Logfile: Code:
ATTFilter ComboFix 12-04-12.03 - Mini-ZZ 13.04.2012 9:10.1.2 - x86 Microsoft Windows 7 Starter 6.1.7601.1.1252.49.1031.18.2036.1086 [GMT 2:00] ausgeführt von:: c:\users\Mini-ZZ\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2012-03-13 bis 2012-04-13 )))))))))))))))))))))))))))))) . . 2012-04-13 07:25 . 2012-04-13 07:25 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-04-12 17:27 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D29BCA23-4962-4118-BF1C-AAD9A27504D8}\mpengine.dll 2012-04-11 17:40 . 2012-04-11 17:40 -------- d-----w- C:\_OTL 2012-04-08 19:55 . 2012-04-08 19:55 -------- d-----w- c:\program files\ESET 2012-04-07 19:31 . 2012-04-07 19:31 -------- d-----w- c:\users\Mini-ZZ\AppData\Roaming\Malwarebytes 2012-04-07 19:31 . 2012-04-07 19:31 -------- d-----w- c:\programdata\Malwarebytes 2012-04-07 19:31 . 2012-04-07 19:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-04-07 19:31 . 2011-12-10 13:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-19 21:59 . 2012-03-13 04:38 97208 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2012-03-19 21:37 . 2012-03-13 04:36 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll 2012-03-19 21:37 . 2012-03-13 04:36 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll 2012-03-18 10:30 . 2012-03-07 00:02 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-03-18 09:46 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-18 09:45 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-17 08:45 . 2012-02-03 03:54 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-03-17 08:45 . 
2012-02-10 05:38 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-03-17 08:42 . 2012-01-25 05:27 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-17 08:42 . 2012-01-25 05:32 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-17 08:42 . 2012-01-25 05:32 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-17 08:42 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-17 08:42 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-17 08:42 . 2012-02-17 04:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-11 09:27 . 2011-06-02 17:54 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-03-07 00:15 . 2011-03-19 16:23 41184 ----a-w- c:\windows\avastSS.scr 2012-03-07 00:15 . 2011-03-19 16:23 201352 ----a-w- c:\windows\system32\aswBoot.exe 2012-03-07 00:03 . 2011-03-19 16:23 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-03-07 00:03 . 2011-03-19 16:23 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-03-07 00:01 . 2011-03-19 16:23 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-03-07 00:01 . 2011-03-19 16:23 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-03-07 00:01 . 2011-03-19 16:23 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-02-23 08:18 . 2011-03-19 17:13 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-03-13 04:38 . 2012-03-19 21:59 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-07 00:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter] @="{D25B32FE-CB96-491A-98FF-AD59DA382D69}" [HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}] 2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter] @="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}" [HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}] 2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter] @="{B3C78E40-6B64-47C3-AE34-60B770881EB8}" [HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}] 2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter] @="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}" [HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}] 2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter] @="{855156F0-2A0F-11DE-8C30-0800200C9A66}" [HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}] 2010-03-28 22:22 718848 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-23 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-23 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-23 150552] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-06-09 495708] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272] "HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-07-02 602680] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296] "ZumoDrive"="c:\program files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk" [2010-07-28 2038] "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Media Suite.lnk - c:\program files\Hewlett-Packard\HP Media Suite\Home\ArcStart.exe [2010-4-1 91648] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 DCService.exe;DCService.exe;c:\programdata\DatacardService\DCService.exe [2010-05-08 229376] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 101504] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-04-07 204800] R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 DVMIO;DeviceVM IO Service;c:\windows\system32\DRIVERS\dvmio.sys [2009-11-11 18136] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2009-03-03 81920] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-03-07 57688] S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 
[2012-01-04 822624] S2 DvmMDES;DeviceVM Meta Data Export Service;c:\swsetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-07-01 338168] S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-06-25 92216] S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-07-02 27192] S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-04-09 63616] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2010-05-07 230944] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304] S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4FB2407C-C8E4-BBC8-BB1C-FCCB2EF5914B}] 2010-06-23 17:47 687104 ----a-w- c:\program files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4FB2AA7C-C8E4-BBC8-BB1C-FAAB2EF5914B}] 2009-07-14 01:14 141824 ----a-w- c:\windows\System32\wscript.exe . . ------- Zusätzlicher Suchlauf ------- . TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{88849F3B-7B3F-482D-B6D8-C3CAE3E55DD8}: NameServer = 193.189.244.225 193.189.244.206 FF - ProfilePath - c:\users\Mini-ZZ\AppData\Roaming\Mozilla\Firefox\Profiles\7af0eigr.default\ FF - prefs.js: browser.startup.homepage - www.google.de . - - - - Entfernte verwaiste Registrierungseinträge - - - - . AddRemove-{FC17E0A7-EAA9-4902-92F8-C83B9FD02246} - c:\program files\InstallShield Installation Information\{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}\setup.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'Explorer.exe'(1380) c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll . Zeit der Fertigstellung: 2012-04-13 09:31:59 ComboFix-quarantined-files.txt 2012-04-13 07:31 . Vor Suchlauf: 12 Verzeichnis(se), 190.523.564.032 Bytes frei Nach Suchlauf: 15 Verzeichnis(se), 190.446.522.368 Bytes frei . 
- - End Of File - - D378C32131BC01A9B33200AA07557A2D |
13.04.2012, 11:31 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | SMART_HDD and black screen Now please create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the 2nd attempt, just leave it out and run only OSAM - please skip the online query by OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Under no circumstances press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" appears, do the following: Restart aswMBR, select (none) for "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.
__________________ Please always post log files in CODE tags |