
Log analysis and evaluation: Caught the Ukash Windows Secure trojan, what now?

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

20.05.2012, 13:53   #1
Mustang81
 

Caught the Ukash Windows Secure trojan, what now?



Hello community,
I caught the Ukash Windows Security virus this morning and have now carelessly deleted some files manually. The Kaspersky scan reported that the files were found but cannot be deleted. Here are the logs from DDS:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.3.0
Run by Mustang-Mobil at 14:39:40 on 2012-05-20
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1033.18.3836.1992 [GMT 2:00]
.
AV: Kaspersky Internet Security *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
c:\Program Files (x86)\TOSHIBA\ToshibaFB\fdbpinger.exe
C:\windows\system32\lxddcoms.exe
C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
C:\windows\SysWOW64\PnkBstrA.exe
C:\Users\Mustang-Mobil\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\wuauclt.exe
C:\windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\system32\taskeng.exe
C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: GIGA Deutsch Toolbar: {1ce76c93-a797-4ca2-ab3c-f4a6cfba3440} - C:\Program Files (x86)\GIGA_Deutsch\prxtbGIGA.dll
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: GIGA Deutsch Toolbar: {1ce76c93-a797-4ca2-ab3c-f4a6cfba3440} - C:\Program Files (x86)\GIGA_Deutsch\prxtbGIGA.dll
mWinlogon: Userinit=userinit.exe,
BHO: QuickStores-Toolbar: {10edb994-47f8-43f7-ae96-f2ea63e9f90f} - mscoree.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: GIGA Deutsch Toolbar: {1ce76c93-a797-4ca2-ab3c-f4a6cfba3440} - C:\Program Files (x86)\GIGA_Deutsch\prxtbGIGA.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: IE5BarLauncherBHO Class: {78f3a323-798e-4aea-9a57-88f4b05fd5dd} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Sopcast Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
TB: Sopcast Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: QuickStores-Toolbar: {10edb994-47f8-43f7-ae96-f2ea63e9f90f} - mscoree.dll
TB: VShareToolBar: {7ac3e13b-3bca-4158-b330-f66dbb03c1b5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll
TB: loadtbs: {dfefcdee-cf1a-4fc8-88ad-129872198372} - C:\Users\Mustang-Mobil\AppData\Roaming\loadtbs\toolbar.dll
TB: GIGA Deutsch Toolbar: {1ce76c93-a797-4ca2-ab3c-f4a6cfba3440} - C:\Program Files (x86)\GIGA_Deutsch\prxtbGIGA.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
uRun: [782B1C26] C:\Users\Mustang-Mobil\AppData\Roaming\Gdgnpynpsu\14F5FAAD782B1C26D06F.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TMMONI~1.LNK - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
uPolicies-system: <NO NAME> =
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - C:\Users\Mustang-Mobil\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
TCP: DhcpNameServer = 80.69.100.214 80.69.100.230
TCP: Interfaces\{2C68BD31-19C4-4FFD-B4F5-0A52518DAF3D} : DhcpNameServer = 192.168.43.1
TCP: Interfaces\{2C68BD31-19C4-4FFD-B4F5-0A52518DAF3D}\4516E6A61637D29627275637D275C414E4 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{2C68BD31-19C4-4FFD-B4F5-0A52518DAF3D}\64F62746563736F62747 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{3624C1DF-8BA0-4D46-BF9B-450C07B89BAB} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{62374014-7B22-444C-956C-25DBE7D46542} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{6C2C1480-E1BE-43E4-98ED-FDF5BEE17DDE} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{805C8F04-78C0-46B3-835B-2263BD210FA2} : DhcpNameServer = 80.69.100.214 80.69.100.230
TCP: Interfaces\{809B2854-6F90-4EAE-8AC9-1A80B05F7A2E} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{B8AE499B-B810-408E-B440-B344EC45240C} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{C80EE47A-AD7A-4085-AFF2-CA452C64E2F3} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{CB36B0DC-8806-4DCC-8F1E-3D9FCF1B6935} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{D09135F6-BB75-42D0-8854-B42CA44B49AA} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{D4597125-8867-4693-8809-10D6CA7B0FA7} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{E4801499-8E11-4C92-BBEF-3FDB8CCBAC1F} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{E497D829-5F77-4385-9BF7-222B91BBDEA5} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{F0E902F6-65FB-4306-B140-DFC583F23AA5} : DhcpNameServer = 192.168.42.129
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
BHO-X64: QuickStores-Toolbar: {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: GIGA Deutsch Toolbar: {1ce76c93-a797-4ca2-ab3c-f4a6cfba3440} - C:\Program Files (x86)\GIGA_Deutsch\prxtbGIGA.dll
BHO-X64: GIGA Deutsch - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: IE5BarLauncherBHO Class: {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Sopcast Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
BHO-X64: link filter bho - No File
TB-X64: Sopcast Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: QuickStores-Toolbar: {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll
TB-X64: VShareToolBar: {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll
TB-X64: loadtbs: {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\Mustang-Mobil\AppData\Roaming\loadtbs\toolbar.dll
TB-X64: GIGA Deutsch Toolbar: {1ce76c93-a797-4ca2-ab3c-f4a6cfba3440} - C:\Program Files (x86)\GIGA_Deutsch\prxtbGIGA.dll
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mustang-Mobil\AppData\Roaming\Mozilla\Firefox\Profiles\ojhvxj6r.default\
FF - prefs.js: browser.startup.homepage - hxxp://de-de.facebook.com/
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: C:\Users\Mustang-Mobil\AppData\Roaming\Mozilla\Firefox\Profiles\ojhvxj6r.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\FFExternalAlert.dll
FF - component: C:\Users\Mustang-Mobil\AppData\Roaming\Mozilla\Firefox\Profiles\ojhvxj6r.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCore.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Mustang-Mobil\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Mustang-Mobil\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\windows\system32\TVUAx\npTVUAx.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]
R0 SmartDefragDriver;SmartDefragDriver;C:\windows\system32\Drivers\SmartDefragDriver.sys --> C:\windows\system32\Drivers\SmartDefragDriver.sys [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?]
R1 kl2;kl2;C:\windows\system32\DRIVERS\kl2.sys --> C:\windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\system32\DRIVERS\klim6.sys --> C:\windows\system32\DRIVERS\klim6.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe --> C:\windows\system32\atiesrxx.exe [?]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-11-2 365336]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-8-11 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-7-15 42368]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-11 46448]
R2 fbdpinger;fbdpinger;C:\Program Files (x86)\TOSHIBA\ToshibaFB\fdbpinger.exe [2010-6-5 322416]
R2 lxdd_device;lxdd_device;C:\windows\system32\lxddcoms.exe -service --> C:\windows\system32\lxddcoms.exe -service [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-20 654408]
R2 NvtlService;NovaCore SDK Service;C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [2009-8-25 82432]
R2 SearchAnonymizer;SearchAnonymizer;C:\Users\Mustang-Mobil\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2011-2-6 40960]
R2 taisregispinger;taisregispinger;C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe [2009-11-13 297344]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-8-9 2337144]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-8-12 252272]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]
R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\system32\DRIVERS\klmouflt.sys --> C:\windows\system32\DRIVERS\klmouflt.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?]
R3 teamviewervpn;TeamViewer VPN Adapter;C:\windows\system32\DRIVERS\teamviewervpn.sys --> C:\windows\system32\DRIVERS\teamviewervpn.sys [?]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-8-4 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-8-4 826224]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-23 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-17 257696]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\windows\system32\Drivers\ssadadb.sys --> C:\windows\system32\Drivers\ssadadb.sys [?]
S3 copperhd;Razer Copperhead Driver;C:\windows\system32\drivers\copperhd.sys --> C:\windows\system32\drivers\copperhd.sys [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\system32\DRIVERS\ssudbus.sys --> C:\windows\system32\DRIVERS\ssudbus.sys [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\windows\system32\DRIVERS\ewusbnet.sys --> C:\windows\system32\DRIVERS\ewusbnet.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-23 135664]
S3 hwusbdev;Huawei DataCard USB PNP Device;C:\windows\system32\DRIVERS\ewusbdev.sys --> C:\windows\system32\DRIVERS\ewusbdev.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-27 129976]
S3 NWVMModem;Virgin Mobile USB Modem Driver;C:\windows\system32\DRIVERS\nwvmmdm.sys --> C:\windows\system32\DRIVERS\nwvmmdm.sys [?]
S3 NWVMPort;Virgin Mobile USB Status Port Driver;C:\windows\system32\DRIVERS\nwvmser.sys --> C:\windows\system32\DRIVERS\nwvmser.sys [?]
S3 NWVMPort2;Virgin Mobile USB Status2 Port Driver;C:\windows\system32\DRIVERS\nwvmser2.sys --> C:\windows\system32\DRIVERS\nwvmser2.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver;C:\Windows\System32\drivers\RTL2832U_IRHID.sys [2011-4-6 44320]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;C:\Windows\System32\drivers\RTL2832UBDA.sys [2011-4-6 117152]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;C:\Windows\System32\drivers\RTL2832UUSB.sys [2011-4-6 38944]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\system32\DRIVERS\ssadbus.sys --> C:\windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\system32\DRIVERS\ssadmdfl.sys --> C:\windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\system32\DRIVERS\ssadmdm.sys --> C:\windows\system32\DRIVERS\ssadmdm.sys [?]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\system32\DRIVERS\ssudmdm.sys --> C:\windows\system32\DRIVERS\ssudmdm.sys [?]
S3 ssudnflt;Remote NDIS Filter Driver;C:\windows\system32\DRIVERS\ssudnflt.sys --> C:\windows\system32\DRIVERS\ssudnflt.sys [?]
S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.Sys [2011-2-7 16392]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-5-11 51512]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== File Associations ===============
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-05-20 11:54:26 -------- d-----w- C:\Users\Mustang-Mobil\AppData\Roaming\Malwarebytes
2012-05-20 11:54:10 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-20 11:54:09 24904 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-05-20 11:54:09 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-18 18:55:46 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60510378-AB7F-4C30-BE2F-AC904DB125AD}\mpengine.dll
2012-05-11 17:33:59 75632 ----a-w- C:\windows\System32\drivers\partmgr.sys
2012-05-11 17:33:50 1895280 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-05-11 17:33:45 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 17:33:45 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-11 17:33:45 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 17:33:44 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-11 17:33:44 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-04 23:03:32 -------- d-----w- C:\Program Files (x86)\URS Maximum Speed (Deinert & Kracke Gbr)
2012-05-04 19:01:12 8744608 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-27 17:15:15 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-04-27 17:14:51 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-27 17:14:51 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-26 17:45:59 637848 ----a-w- C:\windows\SysWow64\npdeployJava1.dll
.
==================== Find3M ====================
.
2012-05-04 19:01:36 70304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-04 19:01:36 419488 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-04-26 17:45:19 567696 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-04-02 05:34:04 5504880 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-04-02 04:46:44 3958128 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-04-02 04:46:44 3902320 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-04-02 03:01:19 3143680 ----a-w- C:\windows\System32\win32k.sys
2012-03-17 19:28:49 178800 ----a-w- C:\windows\SysWow64\CmdLineExt_x64.dll
2012-03-03 06:29:57 1541120 ----a-w- C:\windows\System32\DWrite.dll
2012-03-03 06:29:42 320512 ----a-w- C:\windows\System32\d3d10_1core.dll
2012-03-03 06:29:42 197120 ----a-w- C:\windows\System32\d3d10_1.dll
2012-03-03 06:29:42 1837568 ----a-w- C:\windows\System32\d3d10warp.dll
2012-03-03 06:29:41 902656 ----a-w- C:\windows\System32\d2d1.dll
2012-03-03 05:40:21 1074176 ----a-w- C:\windows\SysWow64\DWrite.dll
2012-03-03 05:40:10 1170944 ----a-w- C:\windows\SysWow64\d3d10warp.dll
2012-03-03 05:40:09 739840 ----a-w- C:\windows\SysWow64\d2d1.dll
2012-03-03 05:40:09 218624 ----a-w- C:\windows\SysWow64\d3d10_1core.dll
2012-03-03 05:40:09 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll
2012-03-01 06:54:38 22896 ----a-w- C:\windows\System32\drivers\fs_rec.sys
2012-03-01 06:45:41 220672 ----a-w- C:\windows\System32\wintrust.dll
2012-03-01 06:40:14 80896 ----a-w- C:\windows\System32\imagehlp.dll
2012-03-01 06:35:16 5120 ----a-w- C:\windows\System32\wmi.dll
2012-03-01 05:49:05 172544 ----a-w- C:\windows\SysWow64\wintrust.dll
2012-03-01 05:45:05 158720 ----a-w- C:\windows\SysWow64\imagehlp.dll
2012-03-01 05:40:44 5120 ----a-w- C:\windows\SysWow64\wmi.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-02-23 08:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 14:44:39,77 ===============


The ATTACH file:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 05.06.2010 07:47:07
System Uptime: 20.05.2012 14:24:53 (0 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: AMD Turion(tm) II Dual-Core Mobile M500 | Socket S1G3 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 28,665 GiB free.
D: is CDROM (CDFS)
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP469: 13.05.2012 23:19:13 - Windows Backup
RP470: 15.05.2012 19:40:17 - Windows Update
RP471: 18.05.2012 20:53:25 - Windows Update
RP472: 20.05.2012 05:01:20 - osoft Security Update 018437-15420
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
3D Kirmesworld - Airwolf Eberhard V. 3.0
3D Xtreme Mega Rides - Devil Rock 1.0
7-Zip 9.20
AC3Filter 1.63b
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.0
Advanced Tactical Center™ 1.0
Airline Tycoon 2 Patch v1.10
AIRLINE7
Apple Application Support
Apple Software Update
ArcSoft TotalMedia 3.5
Ask Toolbar
ATI Catalyst Registration
Battlefield: Bad Company™ 2
Broadband2Go
Call of Duty: Modern Warfare 3
Call of Duty: Modern Warfare 3 - Dedicated Server
Call of Duty: Modern Warfare 3 - Multiplayer
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
ChicagoFlights_KORD_Update
Command & Conquer 3
Compatibility Pack for the 2007 Office system
Direct Show Ogg Vorbis Filter (remove only)
DivX-Setup
Driver San Francisco
EVEREST Home Edition v2.20
Facebook Plug-In
Facebook Video Calling 1.2.0.159
FIFA 11
Free YouTube to MP3 Converter version 3.10.15.1228
FSC
FSFDT FSCopilot
FSFDT FSInn
FSX - Boeing 777-200 Basepack
FSX - Boeing 777-200 United Airlines
FUSSBALL MANAGER 12
Future Dance Simulatie v.2
Game Booster
German Railroads - Vol 2 - Rollbahn
GIANTS Editor 4.1.7
GIGA Deutsch Toolbar
Google Update Helper
Grand Theft Auto: Episodes from Liberty City
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
ICQ Status Checker 1.8
ICQ7.4
Install Führerstand BR 103
InstallVC90Support
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 24
Java(TM) 7 Update 3
Junk Mail filter update
Kaspersky Internet Security 2011
Landwirtschafts Simulator 2011
LEGO Digital Designer
loadtbs-2.1
Mafia II
Magic ISO Maker v5.5 (build 0281)
MagicDisc 2.7.106
Malwarebytes Anti-Malware Version 1.61.0.1400
MegaDev - FM11 Additions V1.1.0.3
MegaTrainer eXperience V1.0.8.3
Microsoft Choice Guard
Microsoft Flight
Microsoft Flight Simulator X
Microsoft Flight Simulator X Service Pack 1
Microsoft Flight Simulator X Service Pack 2
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Train Simulator
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works
Mobile Partner
Mozilla Firefox 12.0 (x86 de)
Mozilla Maintenance Service
MSTS Patch 1.7.0519
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser und SDK
NoLimits Coasters 1.7 (remove only)
NoLimits Fairground 1.5 Demo
NVIDIA PhysX
Octava SD4
OpenAL
Pando Media Booster
Polyp Simulation
Power Wave Simulatie
PunkBuster Services
QuickStores-Toolbar 1.2.0
QuickTime
RCT3 Soaked
REALTEK DTV USB DEVICE
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
RollerCoaster Tycoon 3
Roxio Burn
Roxio Express Labeler 3
Roxio Roxio Burn
Roxio Update Manager
Samsung Kies
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Shake And Roll Simulatie v.1.1
Skype Click to Call
Skype™ 5.5
SL-6640 Black Widow Flightstick
Smart Defrag 2
SopCast 3.2.9
SquawkBox
Steam
Summer Party Polyp Simulatie
TeamViewer 6
The Lord of the Rings FREE Trial
Tomb Raider: Underworld 1.1
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA ConfigFree
TOSHIBA DVD PLAYER
TOSHIBA eco Utility
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Quality Application
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
TubeBox!
Ubisoft Game Launcher
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
URS 2.0 Airwolf -Eberhard-
URS Flipper (Splitt) v.2.0
VAFINANCIALS 4.0.1.26
VAFS4
vasFMC 2.1
VC80CRTRedist - 8.0.50727.6195
Veetle TV 0.9.18
Virgin Mobile Broadband Modem Drivers
VirtualDJ Home FREE
VLC media player 1.0.5
VoiceOver Kit
VR No.1 Demo #1
vShare.tv plugin 1.3
VshareComplete
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
World of Tanks v.0.6.4
World of Tanks v.0.7.2_CT
.
==== Event Viewer Messages From Past Week ========
.
20.05.2012 14:40:56, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Kaspersky Anti-Virus Service service, but this action failed with the following error: An instance of the service is already running.
20.05.2012 14:40:46, Error: Service Control Manager [7031] - The Kaspersky Anti-Virus Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
20.05.2012 14:32:14, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: After starting, the service hung in a start-pending state.
20.05.2012 14:28:26, Error: Service Control Manager [7022] - The Peer Name Resolution Protocol service hung on starting.
20.05.2012 14:25:08, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
20.05.2012 14:25:08, Error: atikmdag [43029] - Display is not active
20.05.2012 14:15:19, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.
20.05.2012 06:18:01, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
20.05.2012 05:56:14, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
20.05.2012 05:56:08, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
20.05.2012 05:56:08, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
20.05.2012 05:56:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
20.05.2012 05:56:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
20.05.2012 05:56:06, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
20.05.2012 05:56:00, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
20.05.2012 05:54:25, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache kl2 KLIF KLIM6 NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx vwififlt Wanarpv6 WfpLwf
20.05.2012 05:54:24, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
20.05.2012 05:54:24, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
20.05.2012 05:54:24, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
20.05.2012 05:54:24, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
20.05.2012 05:54:24, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
20.05.2012 05:54:24, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
20.05.2012 05:54:24, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
20.05.2012 05:54:24, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
20.05.2012 05:54:24, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
20.05.2012 05:54:24, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
20.05.2012 05:52:08, Error: sptd [4] - Driver detected an internal error in its data structures for .
20.05.2012 05:45:14, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
20.05.2012 05:44:44, Error: Service Control Manager [7022] - The Kaspersky Anti-Virus Service service hung on starting.
19.05.2012 19:54:30, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.
19.05.2012 19:54:30, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
18.05.2012 20:47:46, Error: Service Control Manager [7022] - The Windows Defender service hung on starting.
18.05.2012 20:47:09, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
16.05.2012 21:28:15, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
15.05.2012 23:20:28, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Kaspersky Anti-Virus Service service to connect.
15.05.2012 23:20:28, Error: Service Control Manager [7000] - The Kaspersky Anti-Virus Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
15.05.2012 23:17:28, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AVP service.
13.05.2012 23:11:52, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
.
==== End Of File ===========================

21.05.2012, 10:48   #2
Psychotic
/// Malwareteam
 

My name is Marius and I will help you with your problem.

One thing up front:

Note: We can never guarantee here that we have found all remnants of malware. Formatting is usually the faster and always the safest way.

If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.

A cleanup can involve a lot of work for you.
  • Please work through all steps in order.
  • Read the instructions carefully. If you get stuck anywhere, stop at that point and describe your problem here!
  • Only run scans that a helper has asked you to run.
  • Please no crossposting (posting in several forums) - if you follow the instructions of several helpers, this can cause serious problems!
  • Do not install or uninstall any software during the cleanup (unless you were asked to).
  • If something is unclear: ask before you do something "blindly"!
  • Post the log files directly in your thread. Do not attach them unless I ask you to, because that makes the analysis harder for me.


Vista and Win7 users
Start all tools with a right-click, "Run as administrator".


Step 1: aswMBR


Please download aswMBR.exe and save the file on your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions) Vista and Win7 users: right-click, "Run as administrator"
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.) Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it on the desktop.
Post the aswMBR.txt in your next reply.
Important: Do not press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.



Step 2: Scan with TDSS-Killer

Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report. Please download TDSSKiller.exe and save this file on the desktop.
  • Start TDSSKiller.exe
  • Click Change parameters, select Detect TDLFS file system, click OK.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and save the log file. TDSSKiller will save a log file on your system drive (usually C:\). For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread.
__________________
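A triage pass over the TDSSKiller report requested in step 2, added here as an example; it is not part of the original posts and not code from any tool named in this thread. It parses the line format visible in this thread and lists objects whose verdict is not `ok`, objects that have no file line, and objects cut off without a verdict. The function names, the `examplesvc` entry and its verdict text are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# "HH:MM:SS.ffff <thread id> <message>" as seen in the report in this thread.
LINE_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)(?:\s+(.*))?$")
# "<name> (<32 hex digits>) <path>"; names and paths may contain spaces or "(x86)".
OBJECT_RE = re.compile(r"^(?P<name>.+?) \((?P<hash>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - <verdict>"
VERDICT_RE = re.compile(r"^(?P<name>.+?) - (?P<verdict>.+)$")

# Sample input: lines copied from the report in this thread, plus two
# CONSTRUCTED lines ("examplesvc") to exercise the non-ok branch.
SAMPLE_LOG = r"""
05:14:49.0492 1512 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200
05:15:38.0047 5924 Scan started
05:15:38.0047 5924 Mode: Manual; TDLFS;
05:15:41.0617 5924 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\windows\system32\DRIVERS\1394ohci.sys
05:15:41.0626 5924 1394ohci - ok
05:15:41.0794 5924 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
05:15:41.0811 5924 ACDaemon - ok
05:15:42.0878 5924 AMD External Events Utility (98a2774d3f18c107874c8c1163ebe484) C:\windows\system32\atiesrxx.exe
05:15:42.0890 5924 AMD External Events Utility - ok
05:15:46.0755 5924 COMSysApp - ok
05:15:47.0000 5924 examplesvc (00000000000000000000000000000000) C:\windows\system32\drivers\examplesvc.sys
05:15:47.0010 5924 examplesvc - constructed-non-ok-verdict
05:15:47.0387 5924 dg_ssudbus (a64cc0b5d93f25bf5d052a1febe71e68) C:\windows\system32\DRIVERS\ssudbus.sys
"""


@dataclass
class Entry:
    name: str
    file_hash: Optional[str]   # None when the report shows no file line
    path: Optional[str]
    verdict: Optional[str] = None  # None when the report ends before the verdict


def parse_scan(text: str) -> List[Entry]:
    """Return one Entry per scanned object, in report order."""
    entries: List[Entry] = []
    pending: Optional[Entry] = None
    scanning = False
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        rest = (m.group(3) or "").strip()
        if not scanning:
            # Header lines such as "Drive ... - Size: ..." also contain " - ",
            # so nothing is interpreted until the scan section begins.
            scanning = rest == "Scan started"
            continue
        obj = OBJECT_RE.match(rest)
        if obj:
            if pending is not None:
                entries.append(pending)  # earlier object never got a verdict
            pending = Entry(obj["name"], obj["hash"].lower(), obj["path"])
            continue
        if pending is not None and rest.startswith(pending.name + " - "):
            pending.verdict = rest[len(pending.name) + 3:]
            entries.append(pending)
            pending = None
            continue
        ver = VERDICT_RE.match(rest)
        if ver:
            # Verdict without a preceding hash/path line (e.g. COMSysApp).
            entries.append(Entry(ver["name"], None, None, ver["verdict"]))
    if pending is not None:
        entries.append(pending)  # report was truncated mid-entry
    return entries


def triage(entries: List[Entry]) -> Dict[str, List[str]]:
    """Group object names that deserve a second look by the reason why."""
    report: Dict[str, List[str]] = {"non_ok": [], "no_file": [], "no_verdict": []}
    for e in entries:
        if e.verdict is None:
            report["no_verdict"].append(e.name)
        elif e.verdict.lower() != "ok":
            report["non_ok"].append(e.name)
        if e.file_hash is None:
            report["no_file"].append(e.name)
    return report


if __name__ == "__main__":
    for reason, names in triage(parse_scan(SAMPLE_LOG)).items():
        print(f"{reason}: {', '.join(names) or '-'}")
```

An entry under `no_file` or `no_verdict` is not a detection in itself; it marks where the report gives less information than for the other objects.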

22.05.2012, 04:19   #3
Mustang81
 

Done as described. Results:

aswMBR:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-22 00:52:34
-----------------------------
00:52:34.767 OS Version: Windows x64 6.1.7600
00:52:34.767 Number of processors: 2 586 0x602
00:52:34.770 ComputerName: MUSTANGMOBIL UserName:
00:54:07.664 Initialize success
00:55:31.880 AVAST engine defs: 12052101
00:55:55.056 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
00:55:55.060 Disk 0 Vendor: FUJITSU_MJA2320BH_G2 00400018 Size: 305245MB BusType: 11
00:55:55.077 Disk 0 MBR read successfully
00:55:55.081 Disk 0 MBR scan
00:55:55.104 Disk 0 Windows VISTA default MBR code
00:55:55.134 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
00:55:55.149 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 294514 MB offset 3074048
00:55:55.177 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 9230 MB offset 606238720
00:55:55.214 Disk 0 scanning C:\windows\system32\drivers
00:56:10.502 Service scanning
00:56:51.480 Modules scanning
00:56:51.488 Disk 0 trace - called modules:
00:56:51.532 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
00:56:51.864 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800432f060]
00:56:51.869 3 CLASSPNP.SYS[fffff8800216c43f] -> nt!IofCallDriver -> [0xfffffa8004332560]
00:56:51.874 5 ACPI.sys[fffff88000f48781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8004308060]
00:56:53.427 AVAST engine scan C:\windows
00:56:57.918 AVAST engine scan C:\windows\system32
01:01:16.761 AVAST engine scan C:\windows\system32\drivers
01:01:35.873 AVAST engine scan C:\Users\Mustang-Mobil
01:33:41.183 AVAST engine scan C:\ProgramData
01:46:52.278 Scan finished successfully
05:13:37.096 Disk 0 MBR has been saved successfully to "C:\Users\Mustang-Mobil\Desktop\MBR.dat"
05:13:37.101 The log file has been saved successfully to "C:\Users\Mustang-Mobil\Desktop\aswMBR.txt"




TDSS-Killer:
05:14:47.0721 1512 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
05:14:47.0979 1512 ============================================================
05:14:47.0979 1512 Current date / time: 2012/05/22 05:14:47.0979
05:14:47.0980 1512 SystemInfo:
05:14:47.0980 1512
05:14:47.0980 1512 OS Version: 6.1.7600 ServicePack: 0.0
05:14:47.0980 1512 Product type: Workstation
05:14:47.0980 1512 ComputerName: MUSTANGMOBIL
05:14:47.0981 1512 UserName: Mustang-Mobil
05:14:47.0981 1512 Windows directory: C:\windows
05:14:47.0981 1512 System windows directory: C:\windows
05:14:47.0981 1512 Running under WOW64
05:14:47.0981 1512 Processor architecture: Intel x64
05:14:47.0981 1512 Number of processors: 2
05:14:47.0981 1512 Page size: 0x1000
05:14:47.0981 1512 Boot type: Normal boot
05:14:47.0981 1512 ============================================================
05:14:49.0492 1512 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:14:49.0551 1512 ============================================================
05:14:49.0551 1512 \Device\Harddisk0\DR0:
05:14:49.0558 1512 MBR partitions:
05:14:49.0558 1512 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23F39000
05:14:49.0558 1512 ============================================================
05:14:49.0578 1512 C: <-> \Device\Harddisk0\DR0\Partition0
05:14:49.0579 1512 ============================================================
05:14:49.0579 1512 Initialize success
05:14:49.0579 1512 ============================================================
05:15:38.0047 5924 ============================================================
05:15:38.0047 5924 Scan started
05:15:38.0047 5924 Mode: Manual; TDLFS;
05:15:38.0047 5924 ============================================================
05:15:41.0617 5924 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\windows\system32\DRIVERS\1394ohci.sys
05:15:41.0626 5924 1394ohci - ok
05:15:41.0794 5924 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
05:15:41.0811 5924 ACDaemon - ok
05:15:41.0865 5924 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\windows\system32\DRIVERS\ACPI.sys
05:15:41.0878 5924 ACPI - ok
05:15:41.0904 5924 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\windows\system32\DRIVERS\acpipmi.sys
05:15:41.0907 5924 AcpiPmi - ok
05:15:42.0046 5924 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
05:15:42.0050 5924 AdobeFlashPlayerUpdateSvc - ok
05:15:42.0134 5924 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
05:15:42.0162 5924 adp94xx - ok
05:15:42.0215 5924 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
05:15:42.0228 5924 adpahci - ok
05:15:42.0272 5924 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
05:15:42.0284 5924 adpu320 - ok
05:15:42.0319 5924 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
05:15:42.0327 5924 AeLookupSvc - ok
05:15:42.0466 5924 Afc (6ccd1135320109d6b219f1a6e04ad9f6) C:\windows\syswow64\drivers\Afc.sys
05:15:42.0470 5924 Afc - ok
05:15:42.0567 5924 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\windows\system32\drivers\afd.sys
05:15:42.0594 5924 AFD - ok
05:15:42.0711 5924 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\windows\system32\DRIVERS\agrsm64.sys
05:15:42.0736 5924 AgereSoftModem - ok
05:15:42.0759 5924 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\DRIVERS\agp440.sys
05:15:42.0767 5924 agp440 - ok
05:15:42.0803 5924 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
05:15:42.0810 5924 ALG - ok
05:15:42.0829 5924 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\DRIVERS\aliide.sys
05:15:42.0831 5924 aliide - ok
05:15:42.0878 5924 AMD External Events Utility (98a2774d3f18c107874c8c1163ebe484) C:\windows\system32\atiesrxx.exe
05:15:42.0890 5924 AMD External Events Utility - ok
05:15:42.0915 5924 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\DRIVERS\amdide.sys
05:15:42.0918 5924 amdide - ok
05:15:42.0950 5924 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
05:15:42.0957 5924 AmdK8 - ok
05:15:42.0979 5924 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
05:15:42.0982 5924 AmdPPM - ok
05:15:43.0043 5924 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\windows\system32\drivers\amdsata.sys
05:15:43.0059 5924 amdsata - ok
05:15:43.0104 5924 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
05:15:43.0115 5924 amdsbs - ok
05:15:43.0132 5924 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\windows\system32\drivers\amdxata.sys
05:15:43.0136 5924 amdxata - ok
05:15:43.0193 5924 androidusb (4de0d5d747a73797c95a97dcce5018b5) C:\windows\system32\Drivers\ssadadb.sys
05:15:43.0197 5924 androidusb - ok
05:15:43.0283 5924 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\windows\system32\drivers\appid.sys
05:15:43.0286 5924 AppID - ok
05:15:43.0317 5924 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
05:15:43.0320 5924 AppIDSvc - ok
05:15:43.0335 5924 Appinfo (d065be66822847b7f127d1f90158376e) C:\windows\System32\appinfo.dll
05:15:43.0342 5924 Appinfo - ok
05:15:43.0501 5924 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
05:15:43.0505 5924 Apple Mobile Device - ok
05:15:43.0541 5924 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
05:15:43.0547 5924 arc - ok
05:15:43.0582 5924 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
05:15:43.0598 5924 arcsas - ok
05:15:43.0629 5924 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
05:15:43.0632 5924 AsyncMac - ok
05:15:43.0645 5924 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\DRIVERS\atapi.sys
05:15:43.0647 5924 atapi - ok
05:15:43.0768 5924 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\windows\system32\DRIVERS\athrx.sys
05:15:43.0815 5924 athr - ok
05:15:44.0424 5924 atikmdag (173f4c05f87085e9bda3f7037bc9f40e) C:\windows\system32\DRIVERS\atikmdag.sys
05:15:44.0551 5924 atikmdag - ok
05:15:44.0698 5924 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
05:15:44.0700 5924 AtiPcie - ok
05:15:44.0781 5924 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\windows\System32\Audiosrv.dll
05:15:44.0808 5924 AudioEndpointBuilder - ok
05:15:44.0817 5924 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\windows\System32\Audiosrv.dll
05:15:44.0822 5924 AudioSrv - ok
05:15:44.0949 5924 AVP (b2b3fcba37671c853879df7dde8a839a) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
05:15:44.0956 5924 AVP - ok
05:15:45.0002 5924 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\windows\System32\AxInstSV.dll
05:15:45.0007 5924 AxInstSV - ok
05:15:45.0075 5924 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
05:15:45.0092 5924 b06bdrv - ok
05:15:45.0132 5924 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
05:15:45.0149 5924 b57nd60a - ok
05:15:45.0189 5924 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
05:15:45.0194 5924 BDESVC - ok
05:15:45.0218 5924 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
05:15:45.0221 5924 Beep - ok
05:15:45.0338 5924 BFE (4992c609a6315671463e30f6512bc022) C:\windows\System32\bfe.dll
05:15:45.0360 5924 BFE - ok
05:15:45.0464 5924 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\windows\System32\qmgr.dll
05:15:45.0491 5924 BITS - ok
05:15:45.0546 5924 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
05:15:45.0549 5924 blbdrive - ok
05:15:45.0609 5924 bowser (19d20159708e152267e53b66677a4995) C:\windows\system32\DRIVERS\bowser.sys
05:15:45.0614 5924 bowser - ok
05:15:45.0638 5924 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
05:15:45.0641 5924 BrFiltLo - ok
05:15:45.0653 5924 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
05:15:45.0655 5924 BrFiltUp - ok
05:15:45.0695 5924 Browser (94fbc06f294d58d02361918418f996e3) C:\windows\System32\browser.dll
05:15:45.0709 5924 Browser - ok
05:15:45.0757 5924 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
05:15:45.0775 5924 Brserid - ok
05:15:45.0797 5924 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
05:15:45.0799 5924 BrSerWdm - ok
05:15:45.0809 5924 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
05:15:45.0812 5924 BrUsbMdm - ok
05:15:45.0826 5924 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
05:15:45.0829 5924 BrUsbSer - ok
05:15:45.0861 5924 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
05:15:45.0869 5924 BTHMODEM - ok
05:15:45.0893 5924 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
05:15:45.0899 5924 bthserv - ok
05:15:45.0936 5924 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
05:15:45.0941 5924 cdfs - ok
05:15:45.0979 5924 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\windows\system32\DRIVERS\cdrom.sys
05:15:45.0992 5924 cdrom - ok
05:15:46.0031 5924 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll
05:15:46.0038 5924 CertPropSvc - ok
05:15:46.0168 5924 cfWiMAXService (837ff2d497880198c918e6954dbd170c) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
05:15:46.0171 5924 cfWiMAXService - ok
05:15:46.0197 5924 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
05:15:46.0200 5924 circlass - ok
05:15:46.0269 5924 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
05:15:46.0281 5924 CLFS - ok
05:15:46.0341 5924 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:15:46.0349 5924 clr_optimization_v2.0.50727_32 - ok
05:15:46.0398 5924 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
05:15:46.0404 5924 clr_optimization_v2.0.50727_64 - ok
05:15:46.0468 5924 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
05:15:46.0471 5924 clr_optimization_v4.0.30319_32 - ok
05:15:46.0508 5924 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
05:15:46.0522 5924 clr_optimization_v4.0.30319_64 - ok
05:15:46.0550 5924 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
05:15:46.0552 5924 CmBatt - ok
05:15:46.0570 5924 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\DRIVERS\cmdide.sys
05:15:46.0572 5924 cmdide - ok
05:15:46.0673 5924 CNG (937beb186a735aca91d717044a49d17e) C:\windows\system32\Drivers\cng.sys
05:15:46.0690 5924 CNG - ok
05:15:46.0723 5924 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
05:15:46.0725 5924 Compbatt - ok
05:15:46.0743 5924 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\windows\system32\DRIVERS\CompositeBus.sys
05:15:46.0746 5924 CompositeBus - ok
05:15:46.0755 5924 COMSysApp - ok
05:15:46.0874 5924 ConfigFree Gadget Service (d252c53bcdfc199bba55eeb10cdb266e) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
05:15:46.0879 5924 ConfigFree Gadget Service - ok
05:15:46.0891 5924 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
05:15:46.0894 5924 ConfigFree Service - ok
05:15:46.0949 5924 copperhd (71879a4ab90d21bccf9e3cfcf0bb5f4a) C:\windows\system32\drivers\copperhd.sys
05:15:46.0950 5924 copperhd - ok
05:15:46.0976 5924 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
05:15:46.0979 5924 crcdisk - ok
05:15:47.0045 5924 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\windows\system32\cryptsvc.dll
05:15:47.0057 5924 CryptSvc - ok
05:15:47.0140 5924 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll
05:15:47.0155 5924 DcomLaunch - ok
05:15:47.0200 5924 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
05:15:47.0216 5924 defragsvc - ok
05:15:47.0274 5924 DfsC (9c253ce7311ca60fc11c774692a13208) C:\windows\system32\Drivers\dfsc.sys
05:15:47.0291 5924 DfsC - ok
05:15:47.0329 5924 dgderdrv - ok
05:15:47.0387 5924 dg_ssudbus (a64cc0b5d93f25bf5d052a1febe71e68) C:\windows\system32\DRIVERS\ssudbus.sys
05:15:47.0394 5924 dg_ssudbus - ok
05:15:47.0452 5924 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\windows\system32\dhcpcore.dll
05:15:47.0467 5924 Dhcp - ok
05:15:47.0490 5924 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
05:15:47.0492 5924 discache - ok
05:15:47.0523 5924 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
05:15:47.0530 5924 Disk - ok
05:15:47.0597 5924 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\windows\System32\dnsrslvr.dll
05:15:47.0608 5924 Dnscache - ok
05:15:47.0649 5924 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\windows\System32\dot3svc.dll
05:15:47.0657 5924 dot3svc - ok
05:15:47.0679 5924 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\windows\system32\dps.dll
05:15:47.0693 5924 DPS - ok
05:15:47.0724 5924 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
05:15:47.0727 5924 drmkaud - ok
05:15:47.0849 5924 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\windows\System32\drivers\dxgkrnl.sys
05:15:47.0884 5924 DXGKrnl - ok
05:15:47.0921 5924 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
05:15:47.0937 5924 EapHost - ok
05:15:48.0217 5924 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
05:15:48.0281 5924 ebdrv - ok
05:15:48.0671 5924 EFS (156f6159457d0aa7e59b62681b56eb90) C:\windows\System32\lsass.exe
05:15:48.0679 5924 EFS - ok
05:15:48.0779 5924 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\windows\ehome\ehRecvr.exe
05:15:48.0808 5924 ehRecvr - ok
05:15:48.0841 5924 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
05:15:48.0856 5924 ehSched - ok
05:15:48.0948 5924 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
05:15:48.0972 5924 elxstor - ok
05:15:48.0997 5924 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\DRIVERS\errdev.sys
05:15:48.0999 5924 ErrDev - ok
05:15:49.0063 5924 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
05:15:49.0095 5924 EventSystem - ok
05:15:49.0166 5924 ewusbnet (8adacffad67394c711698ea074ce3bab) C:\windows\system32\DRIVERS\ewusbnet.sys
05:15:49.0185 5924 ewusbnet - ok
05:15:49.0240 5924 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
05:15:49.0252 5924 exfat - ok
05:15:49.0278 5924 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
05:15:49.0288 5924 fastfat - ok
05:15:49.0371 5924 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\windows\system32\fxssvc.exe
05:15:49.0406 5924 Fax - ok
05:15:49.0539 5924 fbdpinger (54984a631463aa7db9090788122a0aff) c:\Program Files (x86)\TOSHIBA\ToshibaFB\fdbpinger.exe
05:15:49.0555 5924 fbdpinger - ok
05:15:49.0582 5924 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
05:15:49.0584 5924 fdc - ok
05:15:49.0607 5924 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
05:15:49.0610 5924 fdPHost - ok
05:15:49.0628 5924 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
05:15:49.0631 5924 FDResPub - ok
05:15:49.0653 5924 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
05:15:49.0661 5924 FileInfo - ok
05:15:49.0681 5924 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
05:15:49.0683 5924 Filetrace - ok
05:15:49.0704 5924 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
05:15:49.0707 5924 flpydisk - ok
05:15:49.0750 5924 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\windows\system32\drivers\fltmgr.sys
05:15:49.0766 5924 FltMgr - ok
05:15:49.0897 5924 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\windows\system32\FntCache.dll
05:15:49.0942 5924 FontCache - ok
05:15:49.0993 5924 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
05:15:49.0995 5924 FontCache3.0.0.0 - ok
05:15:50.0041 5924 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
05:15:50.0048 5924 FsDepends - ok
05:15:50.0087 5924 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\windows\system32\drivers\Fs_Rec.sys
05:15:50.0089 5924 Fs_Rec - ok
05:15:50.0147 5924 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\windows\system32\DRIVERS\fvevol.sys
05:15:50.0157 5924 fvevol - ok
05:15:50.0187 5924 FwLnk (60acb128e64c35c2b4e4aab1b0a5c293) C:\windows\system32\DRIVERS\FwLnk.sys
05:15:50.0191 5924 FwLnk - ok
05:15:50.0221 5924 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
05:15:50.0224 5924 gagp30kx - ok
05:15:50.0249 5924 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
05:15:50.0252 5924 GEARAspiWDM - ok
05:15:50.0325 5924 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\windows\System32\gpsvc.dll
05:15:50.0346 5924 gpsvc - ok
05:15:50.0468 5924 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
05:15:50.0470 5924 gupdate - ok
05:15:50.0502 5924 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
05:15:50.0505 5924 gupdatem - ok
05:15:50.0530 5924 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
05:15:50.0533 5924 hcw85cir - ok
05:15:50.0587 5924 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\windows\system32\drivers\HdAudio.sys
05:15:50.0600 5924 HdAudAddService - ok
05:15:50.0639 5924 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\windows\system32\DRIVERS\HDAudBus.sys
05:15:50.0654 5924 HDAudBus - ok
05:15:50.0687 5924 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
05:15:50.0689 5924 HidBatt - ok
05:15:50.0709 5924 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
05:15:50.0725 5924 HidBth - ok
05:15:50.0749 5924 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
05:15:50.0752 5924 HidIr - ok
05:15:50.0773 5924 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
05:15:50.0782 5924 hidserv - ok
05:15:50.0818 5924 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\windows\system32\DRIVERS\hidusb.sys
05:15:50.0820 5924 HidUsb - ok
05:15:50.0838 5924 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\windows\system32\kmsvc.dll
05:15:50.0854 5924 hkmsvc - ok
05:15:50.0890 5924 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\windows\system32\ListSvc.dll
05:15:50.0899 5924 HomeGroupListener - ok
05:15:50.0937 5924 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\windows\system32\provsvc.dll
05:15:50.0948 5924 HomeGroupProvider - ok
05:15:50.0988 5924 HpSAMD (0886d440058f203eba0e1825e4355914) C:\windows\system32\DRIVERS\HpSAMD.sys
05:15:50.0994 5924 HpSAMD - ok
05:15:51.0066 5924 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\windows\system32\drivers\HTTP.sys
05:15:51.0088 5924 HTTP - ok
05:15:51.0180 5924 hwdatacard (d969d0e26c5b1e813b17066a8318d5d4) C:\windows\system32\DRIVERS\ewusbmdm.sys
05:15:51.0196 5924 hwdatacard - ok
05:15:51.0213 5924 hwpolicy (f17766a19145f111856378df337a5d79) C:\windows\system32\drivers\hwpolicy.sys
05:15:51.0215 5924 hwpolicy - ok
05:15:51.0292 5924 hwusbdev (b45b3647ba32749b94fa689175ec8c26) C:\windows\system32\DRIVERS\ewusbdev.sys
05:15:51.0307 5924 hwusbdev - ok
05:15:51.0357 5924 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
05:15:51.0373 5924 i8042prt - ok
05:15:51.0461 5924 iaStorV (b75e45c564e944a2657167d197ab29da) C:\windows\system32\drivers\iaStorV.sys
05:15:51.0481 5924 iaStorV - ok
05:15:51.0646 5924 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
05:15:51.0653 5924 IDriverT - ok
05:15:51.0780 5924 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
05:15:51.0807 5924 idsvc - ok
05:15:51.0939 5924 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
05:15:51.0942 5924 iirsp - ok
05:15:52.0027 5924 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\windows\System32\ikeext.dll
05:15:52.0054 5924 IKEEXT - ok
05:15:52.0256 5924 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\windows\system32\drivers\RTKVHD64.sys
05:15:52.0305 5924 IntcAzAudAddService - ok
05:15:52.0447 5924 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\DRIVERS\intelide.sys
05:15:52.0449 5924 intelide - ok
05:15:52.0477 5924 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
05:15:52.0480 5924 intelppm - ok
05:15:52.0519 5924 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
05:15:52.0524 5924 IPBusEnum - ok
05:15:52.0549 5924 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\windows\system32\DRIVERS\ipfltdrv.sys
05:15:52.0555 5924 IpFilterDriver - ok
05:15:52.0620 5924 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\windows\System32\iphlpsvc.dll
05:15:52.0641 5924 iphlpsvc - ok
05:15:52.0668 5924 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\windows\system32\DRIVERS\IPMIDrv.sys
05:15:52.0675 5924 IPMIDRV - ok
05:15:52.0715 5924 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
05:15:52.0731 5924 IPNAT - ok
05:15:52.0854 5924 iPod Service (f8e8676d1b6b2cc12df9aa6b1a43d929) C:\Program Files\iPod\bin\iPodService.exe
05:15:52.0875 5924 iPod Service - ok
05:15:52.0911 5924 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
05:15:52.0913 5924 IRENUM - ok
05:15:52.0933 5924 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\DRIVERS\isapnp.sys
05:15:52.0935 5924 isapnp - ok
05:15:52.0969 5924 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\windows\system32\DRIVERS\msiscsi.sys
05:15:52.0979 5924 iScsiPrt - ok
05:15:52.0997 5924 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
05:15:53.0005 5924 kbdclass - ok
05:15:53.0037 5924 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\windows\system32\DRIVERS\kbdhid.sys
05:15:53.0039 5924 kbdhid - ok
05:15:53.0096 5924 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
05:15:53.0104 5924 KeyIso - ok
05:15:53.0218 5924 KL1 (8d7120743a0973ceab548b475c9d4289) C:\windows\system32\DRIVERS\kl1.sys
05:15:53.0236 5924 KL1 - ok
05:15:53.0261 5924 kl2 (cd146d8e525d6eebdcaf24120a8ab9ce) C:\windows\system32\DRIVERS\kl2.sys
05:15:53.0267 5924 kl2 - ok
05:15:53.0411 5924 KLIF (c1786c2f8de0f62e076f7ef8dea4e87a) C:\windows\system32\DRIVERS\klif.sys
05:15:53.0433 5924 KLIF - ok
05:15:53.0501 5924 KLIM6 (2a64b3a9eed93a2e96537b67c079fc96) C:\windows\system32\DRIVERS\klim6.sys
05:15:53.0511 5924 KLIM6 - ok
05:15:53.0539 5924 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\windows\system32\DRIVERS\klmouflt.sys
05:15:53.0549 5924 klmouflt - ok
05:15:53.0652 5924 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\windows\system32\Drivers\ksecdd.sys
05:15:53.0659 5924 KSecDD - ok
05:15:53.0681 5924 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\windows\system32\Drivers\ksecpkg.sys
05:15:53.0694 5924 KSecPkg - ok
05:15:53.0728 5924 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
05:15:53.0730 5924 ksthunk - ok
05:15:53.0792 5924 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
05:15:53.0805 5924 KtmRm - ok
05:15:53.0878 5924 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\windows\system32\srvsvc.dll
05:15:53.0897 5924 LanmanServer - ok
05:15:53.0932 5924 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\windows\System32\wkssvc.dll
05:15:53.0947 5924 LanmanWorkstation - ok
05:15:53.0978 5924 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
05:15:53.0986 5924 lltdio - ok
05:15:54.0032 5924 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
05:15:54.0047 5924 lltdsvc - ok
05:15:54.0059 5924 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
05:15:54.0063 5924 lmhosts - ok
05:15:54.0109 5924 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
05:15:54.0124 5924 LSI_FC - ok
05:15:54.0142 5924 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
05:15:54.0147 5924 LSI_SAS - ok
05:15:54.0187 5924 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
05:15:54.0194 5924 LSI_SAS2 - ok
05:15:54.0215 5924 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
05:15:54.0231 5924 LSI_SCSI - ok
05:15:54.0261 5924 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
05:15:54.0276 5924 luafv - ok
05:15:54.0291 5924 lxdd_device - ok
05:15:54.0364 5924 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\windows\system32\drivers\mbam.sys
05:15:54.0368 5924 MBAMProtector - ok
05:15:54.0519 5924 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
05:15:54.0526 5924 MBAMService - ok
05:15:54.0601 5924 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\windows\system32\DRIVERS\mcdbus.sys
05:15:54.0619 5924 mcdbus - ok
05:15:54.0657 5924 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\windows\system32\Mcx2Svc.dll
05:15:54.0664 5924 Mcx2Svc - ok
05:15:54.0678 5924 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
05:15:54.0680 5924 megasas - ok
05:15:54.0731 5924 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
05:15:54.0747 5924 MegaSR - ok
05:15:54.0789 5924 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
05:15:54.0796 5924 MMCSS - ok
05:15:54.0815 5924 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
05:15:54.0818 5924 Modem - ok
05:15:54.0856 5924 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
05:15:54.0858 5924 monitor - ok
05:15:54.0885 5924 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
05:15:54.0888 5924 mouclass - ok
05:15:54.0913 5924 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
05:15:54.0915 5924 mouhid - ok
05:15:54.0941 5924 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys
05:15:54.0947 5924 mountmgr - ok
05:15:55.0066 5924 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
05:15:55.0081 5924 MozillaMaintenance - ok
05:15:55.0117 5924 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys
05:15:55.0130 5924 mpio - ok
05:15:55.0148 5924 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
05:15:55.0154 5924 mpsdrv - ok
05:15:55.0242 5924 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\windows\system32\mpssvc.dll
05:15:55.0269 5924 MpsSvc - ok
05:15:55.0308 5924 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys
05:15:55.0322 5924 MRxDAV - ok
05:15:55.0385 5924 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys
05:15:55.0398 5924 mrxsmb - ok
05:15:55.0469 5924 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys
05:15:55.0484 5924 mrxsmb10 - ok
05:15:55.0510 5924 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys
05:15:55.0525 5924 mrxsmb20 - ok
05:15:55.0560 5924 msahci (5c37497276e3b3a5488b23a326a754b7) C:\windows\system32\DRIVERS\msahci.sys
05:15:55.0563 5924 msahci - ok
05:15:55.0592 5924 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys
05:15:55.0606 5924 msdsm - ok
05:15:55.0652 5924 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
05:15:55.0665 5924 MSDTC - ok
05:15:55.0692 5924 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
05:15:55.0694 5924 Msfs - ok
05:15:55.0735 5924 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
05:15:55.0737 5924 mshidkmdf - ok
05:15:55.0748 5924 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys
05:15:55.0750 5924 msisadrv - ok
05:15:55.0791 5924 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
05:15:55.0805 5924 MSiSCSI - ok
05:15:55.0809 5924 msiserver - ok
05:15:55.0857 5924 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
05:15:55.0859 5924 MSKSSRV - ok
05:15:55.0868 5924 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
05:15:55.0870 5924 MSPCLOCK - ok
05:15:55.0875 5924 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
05:15:55.0878 5924 MSPQM - ok
05:15:55.0926 5924 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys
05:15:55.0936 5924 MsRPC - ok
05:15:55.0950 5924 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
05:15:55.0952 5924 mssmbios - ok
05:15:55.0977 5924 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
05:15:55.0980 5924 MSTEE - ok
05:15:55.0999 5924 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
05:15:56.0001 5924 MTConfig - ok
05:15:56.0016 5924 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
05:15:56.0024 5924 Mup - ok
05:15:56.0084 5924 napagent (4987e079a4530fa737a128be54b63b12) C:\windows\system32\qagentRT.dll
05:15:56.0101 5924 napagent - ok
05:15:56.0157 5924 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
05:15:56.0173 5924 NativeWifiP - ok
05:15:56.0262 5924 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys
05:15:56.0293 5924 NDIS - ok
05:15:56.0314 5924 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
05:15:56.0316 5924 NdisCap - ok
05:15:56.0341 5924 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
05:15:56.0343 5924 NdisTapi - ok
05:15:56.0364 5924 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys
05:15:56.0367 5924 Ndisuio - ok
05:15:56.0395 5924 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys
05:15:56.0407 5924 NdisWan - ok
05:15:56.0415 5924 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys
05:15:56.0418 5924 NDProxy - ok
05:15:56.0449 5924 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
05:15:56.0452 5924 NetBIOS - ok
05:15:56.0481 5924 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys
05:15:56.0498 5924 NetBT - ok
05:15:56.0563 5924 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
05:15:56.0572 5924 Netlogon - ok
05:15:56.0637 5924 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
05:15:56.0649 5924 Netman - ok
05:15:56.0697 5924 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
05:15:56.0714 5924 netprofm - ok
05:15:56.0792 5924 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
05:15:56.0809 5924 NetTcpPortSharing - ok
05:15:56.0850 5924 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
05:15:56.0858 5924 nfrd960 - ok
05:15:56.0919 5924 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\windows\System32\nlasvc.dll
05:15:56.0933 5924 NlaSvc - ok
05:15:56.0955 5924 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
05:15:56.0958 5924 Npfs - ok
05:15:56.0973 5924 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
05:15:56.0976 5924 nsi - ok
05:15:56.0987 5924 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
05:15:56.0990 5924 nsiproxy - ok
05:15:57.0168 5924 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\windows\system32\drivers\Ntfs.sys
05:15:57.0202 5924 Ntfs - ok
05:15:57.0336 5924 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
05:15:57.0338 5924 Null - ok
05:15:57.0407 5924 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\windows\system32\drivers\nvraid.sys
05:15:57.0421 5924 nvraid - ok
05:15:57.0479 5924 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\windows\system32\drivers\nvstor.sys
05:15:57.0493 5924 nvstor - ok
05:15:57.0617 5924 NvtlService (23e6a6a7d4930b70d9fffd371450ef1c) C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
05:15:57.0635 5924 NvtlService - ok
05:15:57.0688 5924 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys
05:15:57.0704 5924 nv_agp - ok
05:15:57.0757 5924 NWVMModem (a3fadcf96abf4803e7a946cd48641ac3) C:\windows\system32\DRIVERS\nwvmmdm.sys
05:15:57.0766 5924 NWVMModem - ok
05:15:57.0808 5924 NWVMPort (a3fadcf96abf4803e7a946cd48641ac3) C:\windows\system32\DRIVERS\nwvmser.sys
05:15:57.0817 5924 NWVMPort - ok
05:15:57.0856 5924 NWVMPort2 (a3fadcf96abf4803e7a946cd48641ac3) C:\windows\system32\DRIVERS\nwvmser2.sys
05:15:57.0865 5924 NWVMPort2 - ok
05:15:57.0981 5924 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
05:15:58.0002 5924 odserv - ok
05:15:58.0038 5924 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys
05:15:58.0045 5924 ohci1394 - ok
05:15:58.0102 5924 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:15:58.0106 5924 ose - ok
05:15:58.0159 5924 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
05:15:58.0172 5924 p2pimsvc - ok
05:15:58.0235 5924 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
05:15:58.0252 5924 p2psvc - ok
05:15:58.0289 5924 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
05:15:58.0295 5924 Parport - ok
05:15:58.0344 5924 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\windows\system32\drivers\partmgr.sys
05:15:58.0351 5924 partmgr - ok
05:15:58.0388 5924 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
05:15:58.0398 5924 PcaSvc - ok
05:15:58.0437 5924 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\windows\system32\DRIVERS\pci.sys
05:15:58.0447 5924 pci - ok
05:15:58.0460 5924 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
05:15:58.0463 5924 pciide - ok
05:15:58.0496 5924 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
05:15:58.0505 5924 pcmcia - ok
05:15:58.0523 5924 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
05:15:58.0531 5924 pcw - ok
05:15:58.0606 5924 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
05:15:58.0622 5924 PEAUTH - ok
05:15:59.0105 5924 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
05:15:59.0109 5924 PerfHost - ok
05:15:59.0245 5924 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
05:15:59.0249 5924 PGEffect - ok
05:15:59.0383 5924 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\windows\system32\pla.dll
05:15:59.0424 5924 pla - ok
05:15:59.0516 5924 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\windows\system32\umpnpmgr.dll
05:15:59.0548 5924 PlugPlay - ok
05:15:59.0569 5924 PnkBstrA - ok
05:15:59.0587 5924 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
05:15:59.0590 5924 PNRPAutoReg - ok
05:15:59.0626 5924 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
05:15:59.0630 5924 PNRPsvc - ok
05:15:59.0693 5924 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\windows\System32\ipsecsvc.dll
05:15:59.0721 5924 PolicyAgent - ok
05:15:59.0760 5924 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
05:15:59.0772 5924 Power - ok
05:15:59.0836 5924 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
05:15:59.0851 5924 PptpMiniport - ok
05:15:59.0882 5924 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
05:15:59.0889 5924 Processor - ok
05:15:59.0947 5924 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\windows\system32\profsvc.dll
05:15:59.0957 5924 ProfSvc - ok
05:16:00.0009 5924 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
05:16:00.0017 5924 ProtectedStorage - ok
05:16:00.0067 5924 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
05:16:00.0081 5924 Psched - ok
05:16:00.0113 5924 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\windows\system32\Drivers\PxHlpa64.sys
05:16:00.0121 5924 PxHlpa64 - ok
05:16:00.0267 5924 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
05:16:00.0309 5924 ql2300 - ok
05:16:00.0459 5924 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
05:16:00.0473 5924 ql40xx - ok
05:16:00.0522 5924 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
05:16:00.0541 5924 QWAVE - ok
05:16:00.0557 5924 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
05:16:00.0565 5924 QWAVEdrv - ok
05:16:00.0584 5924 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
05:16:00.0588 5924 RasAcd - ok
05:16:00.0629 5924 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
05:16:00.0637 5924 RasAgileVpn - ok
05:16:00.0659 5924 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
05:16:00.0675 5924 RasAuto - ok
05:16:00.0711 5924 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
05:16:00.0726 5924 Rasl2tp - ok
05:16:00.0770 5924 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\windows\System32\rasmans.dll
05:16:00.0783 5924 RasMan - ok
05:16:00.0813 5924 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
05:16:00.0819 5924 RasPppoe - ok
05:16:00.0847 5924 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
05:16:00.0853 5924 RasSstp - ok
05:16:00.0885 5924 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
05:16:00.0901 5924 rdbss - ok
05:16:00.0919 5924 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
05:16:00.0922 5924 rdpbus - ok
05:16:00.0939 5924 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
05:16:00.0942 5924 RDPCDD - ok
05:16:00.0969 5924 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
05:16:00.0972 5924 RDPENCDD - ok
05:16:00.0979 5924 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
05:16:00.0982 5924 RDPREFMP - ok
05:16:01.0053 5924 RDPWD (074ac702d8b8b660b0e1371555995386) C:\windows\system32\drivers\RDPWD.sys
05:16:01.0063 5924 RDPWD - ok
05:16:01.0112 5924 rdyboost (634b9a2181d98f15941236886164ec8b) C:\windows\system32\drivers\rdyboost.sys
05:16:01.0122 5924 rdyboost - ok
05:16:01.0152 5924 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
05:16:01.0168 5924 RemoteAccess - ok
05:16:01.0201 5924 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
05:16:01.0214 5924 RemoteRegistry - ok
05:16:01.0248 5924 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
05:16:01.0256 5924 RpcEptMapper - ok
05:16:01.0284 5924 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
05:16:01.0288 5924 RpcLocator - ok
05:16:01.0358 5924 RpcSs (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll
05:16:01.0365 5924 RpcSs - ok
05:16:01.0440 5924 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
05:16:01.0446 5924 rspndr - ok
05:16:01.0528 5924 RSUSBSTOR (8c22f21c924413d4e109995f748e18bb) C:\windows\system32\Drivers\RtsUStor.sys
05:16:01.0538 5924 RSUSBSTOR - ok
05:16:01.0599 5924 RTL2832UBDA (9b7514eede8d7916aa5c8ab4cec57d9e) C:\windows\system32\drivers\RTL2832UBDA.sys
05:16:01.0613 5924 RTL2832UBDA - ok
05:16:01.0709 5924 RTL2832UUSB (df9bedf967b3b6727b0db75c29e3ac2b) C:\windows\system32\Drivers\RTL2832UUSB.sys
05:16:01.0718 5924 RTL2832UUSB - ok
05:16:01.0774 5924 RTL2832U_IRHID (19faa5e7cf3d5263f4e79450a03e50ca) C:\windows\system32\DRIVERS\RTL2832U_IRHID.sys
05:16:01.0782 5924 RTL2832U_IRHID - ok
05:16:01.0845 5924 RTL8167 (f65f171165fbb613f7aa3cc78e8cab42) C:\windows\system32\DRIVERS\Rt64win7.sys
05:16:01.0865 5924 RTL8167 - ok
05:16:01.0972 5924 rtl8192se (7cd14bf5b42931fb80bee5d3e6ba7089) C:\windows\system32\DRIVERS\rtl8192se.sys
05:16:02.0004 5924 rtl8192se - ok
05:16:02.0016 5924 RtsUIR - ok
05:16:02.0077 5924 SaiMini (9e7e53891d1747a01f491ab25b95135d) C:\windows\system32\DRIVERS\SaiMini.sys
05:16:02.0081 5924 SaiMini - ok
05:16:02.0150 5924 SaiNtBus (b3b86be19a0caf025f679c39fd21e735) C:\windows\system32\drivers\SaiBus.sys
05:16:02.0153 5924 SaiNtBus - ok
05:16:02.0212 5924 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
05:16:02.0220 5924 SamSs - ok
05:16:02.0254 5924 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
05:16:02.0269 5924 sbp2port - ok
05:16:02.0311 5924 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
05:16:02.0322 5924 SCardSvr - ok
05:16:02.0334 5924 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
05:16:02.0337 5924 scfilter - ok
05:16:02.0472 5924 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\windows\system32\schedsvc.dll
05:16:02.0503 5924 Schedule - ok
05:16:02.0527 5924 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll
05:16:02.0529 5924 SCPolicySvc - ok
05:16:02.0564 5924 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\windows\System32\SDRSVC.dll
05:16:02.0576 5924 SDRSVC - ok
05:16:02.0715 5924 SearchAnonymizer (0f4a80438e7286a0e623582f5f2395bd) C:\Users\Mustang-Mobil\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
05:16:02.0717 5924 SearchAnonymizer - ok
05:16:02.0770 5924 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
05:16:02.0774 5924 secdrv - ok
05:16:02.0791 5924 seclogon (463b386ebc70f98da5dff85f7e654346) C:\windows\system32\seclogon.dll
05:16:02.0794 5924 seclogon - ok
05:16:02.0814 5924 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
05:16:02.0821 5924 SENS - ok
05:16:02.0835 5924 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
05:16:02.0839 5924 SensrSvc - ok
05:16:02.0849 5924 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
05:16:02.0853 5924 Serenum - ok
05:16:02.0878 5924 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
05:16:02.0884 5924 Serial - ok
05:16:02.0929 5924 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
05:16:02.0932 5924 sermouse - ok
05:16:02.0965 5924 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\windows\system32\sessenv.dll
05:16:02.0982 5924 SessionEnv - ok
05:16:02.0999 5924 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
05:16:03.0002 5924 sffdisk - ok
05:16:03.0014 5924 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
05:16:03.0017 5924 sffp_mmc - ok
05:16:03.0022 5924 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\windows\system32\DRIVERS\sffp_sd.sys
05:16:03.0026 5924 sffp_sd - ok
05:16:03.0046 5924 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
05:16:03.0049 5924 sfloppy - ok
05:16:03.0116 5924 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
05:16:03.0126 5924 SharedAccess - ok
05:16:03.0174 5924 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\windows\System32\shsvcs.dll
05:16:03.0196 5924 ShellHWDetection - ok
05:16:03.0223 5924 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
05:16:03.0226 5924 SiSRaid2 - ok
05:16:03.0254 5924 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
05:16:03.0261 5924 SiSRaid4 - ok
05:16:03.0415 5924 SkypeUpdate (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files (x86)\Skype\Updater\Updater.exe
05:16:03.0421 5924 SkypeUpdate - ok
05:16:03.0547 5924 SmartDefragDriver (94ce7845af6a2065b829e0126cd56236) C:\windows\system32\Drivers\SmartDefragDriver.sys
05:16:03.0549 5924 SmartDefragDriver - ok
05:16:03.0580 5924 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
05:16:03.0585 5924 Smb - ok
05:16:03.0623 5924 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
05:16:03.0626 5924 SNMPTRAP - ok
05:16:03.0651 5924 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
05:16:03.0654 5924 spldr - ok
05:16:03.0723 5924 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\windows\System32\spoolsv.exe
05:16:03.0742 5924 Spooler - ok
05:16:04.0183 5924 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\windows\system32\sppsvc.exe
05:16:04.0272 5924 sppsvc - ok
05:16:04.0383 5924 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
05:16:04.0391 5924 sppuinotify - ok
05:16:04.0543 5924 sptd (602884696850c86434530790b110e8eb) C:\windows\System32\Drivers\sptd.sys
05:16:04.0582 5924 sptd - ok
05:16:04.0667 5924 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys
05:16:04.0695 5924 srv - ok
05:16:04.0778 5924 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys
05:16:04.0810 5924 srv2 - ok
05:16:04.0872 5924 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys
05:16:04.0886 5924 srvnet - ok
05:16:04.0953 5924 ssadbus (d52282225d5bd73a9cbf420699d1a0fe) C:\windows\system32\DRIVERS\ssadbus.sys
05:16:04.0967 5924 ssadbus - ok
05:16:04.0985 5924 ssadmdfl (f7936ac6e8437e10e1ae488ce21f3086) C:\windows\system32\DRIVERS\ssadmdfl.sys
05:16:04.0991 5924 ssadmdfl - ok
05:16:05.0019 5924 ssadmdm (1fe033372a58c67b3ecca903fc637b36) C:\windows\system32\DRIVERS\ssadmdm.sys
05:16:05.0031 5924 ssadmdm - ok
05:16:05.0089 5924 sscdbus (ed161b91fdf7eaa39469d72d463d5f4e) C:\windows\system32\DRIVERS\sscdbus.sys
05:16:05.0104 5924 sscdbus - ok
05:16:05.0126 5924 sscdmdfl (4cb09e77593dbd8d7af33b37375ca715) C:\windows\system32\DRIVERS\sscdmdfl.sys
05:16:05.0129 5924 sscdmdfl - ok
05:16:05.0156 5924 sscdmdm (c7b4cf53497a6e5363f3439427663882) C:\windows\system32\DRIVERS\sscdmdm.sys
05:16:05.0169 5924 sscdmdm - ok
05:16:05.0230 5924 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
05:16:05.0241 5924 SSDPSRV - ok
05:16:05.0263 5924 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
05:16:05.0269 5924 SstpSvc - ok
05:16:05.0336 5924 ssudmdm (a3db02b3fe0884e9167e457d167c8a73) C:\windows\system32\DRIVERS\ssudmdm.sys
05:16:05.0347 5924 ssudmdm - ok
05:16:05.0412 5924 ssudnflt (29207b1d7fc5692c2feacf5aab5dc066) C:\windows\system32\DRIVERS\ssudnflt.sys
05:16:05.0414 5924 ssudnflt - ok
05:16:05.0517 5924 Steam Client Service - ok
05:16:05.0544 5924 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
05:16:05.0548 5924 stexstor - ok
05:16:05.0625 5924 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\windows\System32\wiaservc.dll
05:16:05.0657 5924 stisvc - ok
05:16:05.0706 5924 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
05:16:05.0710 5924 stllssvr - ok
05:16:05.0736 5924 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
05:16:05.0739 5924 swenum - ok
05:16:05.0801 5924 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
05:16:05.0827 5924 swprv - ok
05:16:05.0901 5924 SynTP (be7311da9d6833fa69ed04b744a1c8f8) C:\windows\system32\DRIVERS\SynTP.sys
05:16:05.0918 5924 SynTP - ok
05:16:06.0079 5924 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\windows\system32\sysmain.dll
05:16:06.0131 5924 SysMain - ok
05:16:06.0260 5924 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\windows\System32\TabSvc.dll
05:16:06.0278 5924 TabletInputService - ok
05:16:06.0391 5924 taisregispinger (ebda96b7801f93e337f34d1068424790) C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe
05:16:06.0407 5924 taisregispinger - ok
05:16:06.0452 5924 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\windows\System32\tapisrv.dll
05:16:06.0467 5924 TapiSrv - ok
05:16:06.0480 5924 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
05:16:06.0487 5924 TBS - ok
05:16:06.0703 5924 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\windows\system32\drivers\tcpip.sys
05:16:06.0750 5924 Tcpip - ok
05:16:07.0058 5924 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\windows\system32\DRIVERS\tcpip.sys
05:16:07.0070 5924 TCPIP6 - ok
05:16:07.0170 5924 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
05:16:07.0174 5924 tcpipreg - ok
05:16:07.0215 5924 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
05:16:07.0218 5924 tdcmdpst - ok
05:16:07.0228 5924 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
05:16:07.0232 5924 TDPIPE - ok
05:16:07.0275 5924 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\windows\system32\drivers\tdtcp.sys
05:16:07.0278 5924 TDTCP - ok
05:16:07.0319 5924 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
05:16:07.0335 5924 tdx - ok
05:16:07.0627 5924 TeamViewer6 (8a9828975a857e477efef5a61ba45ac0) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
05:16:07.0679 5924 TeamViewer6 - ok
05:16:07.0835 5924 teamviewervpn (f5520dbb47c60ee83024b38720abda24) C:\windows\system32\DRIVERS\teamviewervpn.sys
05:16:07.0837 5924 teamviewervpn - ok
05:16:07.0866 5924 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
05:16:07.0873 5924 TermDD - ok
05:16:07.0951 5924 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\windows\System32\termsrv.dll
05:16:07.0958 5924 TermService - ok
05:16:08.0031 5924 TFsExDisk (ce4b6956e4e12492715a53076e58761f) C:\windows\System32\Drivers\TFsExDisk.sys
05:16:08.0036 5924 TFsExDisk - ok
05:16:08.0058 5924 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
05:16:08.0067 5924 Themes - ok
05:16:08.0104 5924 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
05:16:08.0108 5924 THREADORDER - ok
05:16:08.0212 5924 TMachInfo (32577b987ae5401038451bb392cb8d89) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
05:16:08.0218 5924 TMachInfo - ok
05:16:08.0254 5924 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
05:16:08.0268 5924 TODDSrv - ok
05:16:08.0375 5924 TosCoSrv (06c61275adc64f1e36240a2287998a5e) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
05:16:08.0392 5924 TosCoSrv - ok
05:16:08.0441 5924 TOSHIBA eco Utility Service (32ff64d06a91daa0331c624aff442679) C:\Program Files\TOSHIBA\TECO\TecoService.exe
05:16:08.0459 5924 TOSHIBA eco Utility Service - ok
05:16:08.0502 5924 TOSHIBA HDD SSD Alert Service (dd58e1250f604cbbadda04575e5e2376) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
05:16:08.0506 5924 TOSHIBA HDD SSD Alert Service - ok
05:16:08.0606 5924 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
05:16:08.0621 5924 tos_sps64 - ok
05:16:08.0716 5924 TPCHSrv (de64c52bd0671165cf2eebf2a728a3e2) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
05:16:08.0743 5924 TPCHSrv - ok
05:16:08.0875 5924 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
05:16:08.0890 5924 TrkWks - ok
05:16:08.0929 5924 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\windows\servicing\TrustedInstaller.exe
05:16:08.0931 5924 TrustedInstaller - ok
05:16:08.0984 5924 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
05:16:08.0988 5924 tssecsrv - ok
05:16:09.0035 5924 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
05:16:09.0049 5924 tunnel - ok
05:16:09.0231 5924 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
05:16:09.0277 5924 TVALZ - ok
05:16:09.0337 5924 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
05:16:09.0341 5924 TVALZFL - ok
05:16:09.0357 5924 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
05:16:09.0365 5924 uagp35 - ok
05:16:09.0419 5924 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
05:16:09.0477 5924 udfs - ok
05:16:09.0546 5924 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
05:16:09.0555 5924 UI0Detect - ok
05:16:09.0578 5924 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
05:16:09.0586 5924 uliagpkx - ok
05:16:09.0622 5924 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
05:16:09.0631 5924 umbus - ok
05:16:09.0651 5924 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
05:16:09.0655 5924 UmPass - ok
05:16:09.0707 5924 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
05:16:09.0719 5924 upnphost - ok
05:16:09.0772 5924 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\windows\system32\Drivers\usbaapl64.sys
05:16:09.0775 5924 USBAAPL64 - ok
05:16:09.0861 5924 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\windows\system32\drivers\usbaudio.sys
05:16:09.0876 5924 usbaudio - ok
05:16:09.0931 5924 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\windows\system32\DRIVERS\usbccgp.sys
05:16:09.0947 5924 usbccgp - ok
05:16:09.0966 5924 USBCCID - ok
05:16:10.0004 5924 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
05:16:10.0020 5924 usbcir - ok
05:16:10.0073 5924 usbehci (92969ba5ac44e229c55a332864f79677) C:\windows\system32\DRIVERS\usbehci.sys
05:16:10.0081 5924 usbehci - ok
05:16:10.0135 5924 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\windows\system32\DRIVERS\usbhub.sys
05:16:10.0148 5924 usbhub - ok
05:16:10.0165 5924 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\windows\system32\DRIVERS\usbohci.sys
05:16:10.0169 5924 usbohci - ok
05:16:10.0212 5924 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
05:16:10.0216 5924 usbprint - ok
05:16:10.0265 5924 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
05:16:10.0267 5924 usbscan - ok
05:16:10.0312 5924 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS
05:16:10.0329 5924 USBSTOR - ok
05:16:10.0350 5924 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\windows\system32\drivers\usbuhci.sys
05:16:10.0354 5924 usbuhci - ok
05:16:10.0440 5924 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\System32\Drivers\usbvideo.sys
05:16:10.0452 5924 usbvideo - ok
05:16:10.0497 5924 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\windows\system32\DRIVERS\usb8023x.sys
05:16:10.0499 5924 usb_rndisx - ok
05:16:10.0532 5924 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
05:16:10.0541 5924 UxSms - ok
05:16:10.0591 5924 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
05:16:10.0599 5924 VaultSvc - ok
05:16:10.0633 5924 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
05:16:10.0636 5924 vdrvroot - ok
05:16:10.0695 5924 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\windows\System32\vds.exe
05:16:10.0720 5924 vds - ok
05:16:10.0736 5924 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
05:16:10.0739 5924 vga - ok
05:16:10.0755 5924 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
05:16:10.0758 5924 VgaSave - ok
05:16:10.0794 5924 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
05:16:10.0803 5924 vhdmp - ok
05:16:10.0825 5924 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
05:16:10.0828 5924 viaide - ok
05:16:10.0860 5924 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
05:16:10.0866 5924 volmgr - ok
05:16:10.0905 5924 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
05:16:10.0917 5924 volmgrx - ok
05:16:10.0951 5924 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
05:16:10.0956 5924 volsnap - ok
05:16:10.0998 5924 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
05:16:11.0010 5924 vsmraid - ok
05:16:11.0155 5924 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\windows\system32\vssvc.exe
05:16:11.0168 5924 VSS - ok
05:16:11.0308 5924 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
05:16:11.0311 5924 vwifibus - ok
05:16:11.0339 5924 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
05:16:11.0348 5924 vwififlt - ok
05:16:11.0371 5924 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
05:16:11.0374 5924 vwifimp - ok
05:16:11.0440 5924 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
05:16:11.0461 5924 W32Time - ok
05:16:11.0486 5924 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
05:16:11.0489 5924 WacomPen - ok
05:16:11.0519 5924 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
05:16:11.0525 5924 WANARP - ok
05:16:11.0529 5924 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
05:16:11.0532 5924 Wanarpv6 - ok
05:16:11.0670 5924 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
05:16:11.0704 5924 WatAdminSvc - ok
05:16:11.0846 5924 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\windows\system32\wbengine.exe
05:16:11.0880 5924 wbengine - ok
05:16:12.0004 5924 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
05:16:12.0014 5924 WbioSrvc - ok
05:16:12.0092 5924 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\windows\System32\wcncsvc.dll
05:16:12.0114 5924 wcncsvc - ok
05:16:12.0141 5924 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
05:16:12.0150 5924 WcsPlugInService - ok
05:16:12.0198 5924 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
05:16:12.0201 5924 Wd - ok
05:16:12.0265 5924 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
05:16:12.0292 5924 Wdf01000 - ok
05:16:12.0315 5924 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
05:16:12.0320 5924 WdiServiceHost - ok
05:16:12.0324 5924 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
05:16:12.0328 5924 WdiSystemHost - ok
05:16:12.0401 5924 WebClient (733006127f235be7c35354ebee7b9a7b) C:\windows\System32\webclnt.dll
05:16:12.0419 5924 WebClient - ok
05:16:12.0463 5924 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
05:16:12.0483 5924 Wecsvc - ok
05:16:12.0507 5924 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
05:16:12.0525 5924 wercplsupport - ok
05:16:12.0554 5924 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
05:16:12.0561 5924 WerSvc - ok
05:16:12.0624 5924 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
05:16:12.0628 5924 WfpLwf - ok
05:16:12.0650 5924 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
05:16:12.0654 5924 WIMMount - ok
05:16:12.0698 5924 WinDefend - ok
05:16:12.0706 5924 WinHttpAutoProxySvc - ok
05:16:12.0772 5924 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
05:16:12.0780 5924 Winmgmt - ok
05:16:12.0964 5924 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\windows\system32\WsmSvc.dll
05:16:13.0009 5924 WinRM - ok
05:16:13.0177 5924 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\windows\system32\DRIVERS\WinUsb.sys
05:16:13.0180 5924 WinUsb - ok
05:16:13.0269 5924 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
05:16:13.0293 5924 Wlansvc - ok
05:16:13.0576 5924 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
05:16:13.0630 5924 wlidsvc - ok
05:16:13.0763 5924 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
05:16:13.0766 5924 WmiAcpi - ok
05:16:13.0826 5924 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
05:16:13.0836 5924 wmiApSrv - ok
05:16:13.0907 5924 WMPNetworkSvc - ok
05:16:13.0936 5924 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
05:16:13.0940 5924 WPCSvc - ok
05:16:13.0966 5924 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\windows\system32\wpdbusenum.dll
05:16:13.0980 5924 WPDBusEnum - ok
05:16:14.0009 5924 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
05:16:14.0013 5924 ws2ifsl - ok
05:16:14.0062 5924 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\windows\System32\wscsvc.dll
05:16:14.0078 5924 wscsvc - ok
05:16:14.0083 5924 WSearch - ok
05:16:14.0296 5924 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\windows\system32\wuaueng.dll
05:16:14.0350 5924 wuauserv - ok
05:16:14.0541 5924 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys
05:16:14.0557 5924 WudfPf - ok
05:16:14.0586 5924 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys
05:16:14.0598 5924 WUDFRd - ok
05:16:14.0625 5924 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\windows\System32\WUDFSvc.dll
05:16:14.0642 5924 wudfsvc - ok
05:16:14.0674 5924 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
05:16:14.0695 5924 WwanSvc - ok
05:16:14.0750 5924 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\windows\system32\DRIVERS\xusb21.sys
05:16:14.0756 5924 xusb21 - ok
05:16:14.0857 5924 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
05:16:15.0256 5924 \Device\Harddisk0\DR0 - ok
05:16:15.0285 5924 Boot (0x1200) (0c8f079051bcb1fc17e864377f69aa07) \Device\Harddisk0\DR0\Partition0
05:16:15.0287 5924 \Device\Harddisk0\DR0\Partition0 - ok
05:16:15.0287 5924 ============================================================
05:16:15.0287 5924 Scan finished
05:16:15.0287 5924 ============================================================
05:16:15.0299 4936 Detected object count: 0
05:16:15.0299 4936 Actual detected object count: 0
__________________

22.05.2012, 07:26   #4
Psychotic
/// Malwareteam

Combofix

Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors:

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it is working.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
__________________
No asylum for Trojans!

Proud Member of UNITE

Note: I am only available on weekdays!
Requests via PM will be ignored!


24.05.2012, 08:34   #5
Psychotic
/// Malwareteam

Hello, do you still need help? If I do not receive a reply from you within the next 24 hours, I will remove your thread from my subscriptions and will therefore no longer be notified of new replies. The disappearance of the symptoms does not mean that your system is already clean.


25.05.2012, 09:25   #6
Psychotic
/// Malwareteam

No response
This thread has been removed from my subscriptions. I will therefore not be notified of new replies.
Send me a PM if you still want to continue.

Note: The disappearance of the symptoms does not mean that your computer is already clean.

Everyone else, please click here and create your own thread

26.05.2012, 23:08   #7
Mustang81

Here is the result from Combofix:
Combofix log file:
Code:
ComboFix 12-05-23.05 - Mustang-Mobil 26.05.2012  23:47:23.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1033.18.3836.2632 [GMT 2:00]
ausgeführt von:: c:\users\Mustang-Mobil\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\MUSTAN~1\Desktop\WOTTOO~1\WOTTwe~1.exe
c:\windows\SysWow64\system32
c:\windows\SysWow64\system32\3DAudio.ax
c:\windows\SysWow64\system32\cis-2.4.dll
c:\windows\SysWow64\system32\DRIVERS\RTL2832U_IRHID.sys
c:\windows\SysWow64\system32\DRIVERS\RTL2832UBDA.sys
c:\windows\SysWow64\system32\DRIVERS\RTL2832UUSB.sys
c:\windows\SysWow64\system32\issacapi_bs-2.3.dll
c:\windows\SysWow64\system32\issacapi_pe-2.3.dll
c:\windows\SysWow64\system32\issacapi_se-2.3.dll
c:\windows\SysWow64\system32\MACXMLProto.dll
c:\windows\SysWow64\system32\MaDRM.dll
c:\windows\SysWow64\system32\MaJGUILib.dll
c:\windows\SysWow64\system32\MAMACExtract.dll
c:\windows\SysWow64\system32\MASetupCleaner.exe
c:\windows\SysWow64\system32\MaXMLProto.dll
c:\windows\SysWow64\system32\MK_Lyric.dll
c:\windows\SysWow64\system32\MSCLib.dll
c:\windows\SysWow64\system32\MSFLib.dll
c:\windows\SysWow64\system32\MSLUR71.dll
c:\windows\SysWow64\system32\msvcp60.dll
c:\windows\SysWow64\system32\MTTELECHIP.dll
c:\windows\SysWow64\system32\MTXSYNCICON.dll
c:\windows\SysWow64\system32\muzaf1.dll
c:\windows\SysWow64\system32\muzapp.dll
c:\windows\SysWow64\system32\muzapp.exe
c:\windows\SysWow64\system32\muzdecode.ax
c:\windows\SysWow64\system32\muzeffect.ax
c:\windows\SysWow64\system32\muzmp4sp.ax
c:\windows\SysWow64\system32\muzmpgsp.ax
c:\windows\SysWow64\system32\muzoggsp.ax
c:\windows\SysWow64\system32\muzwmts.dll
c:\windows\SysWow64\system32\psapi.dll
c:\windows\SysWow64\winsh320
c:\windows\SysWow64\winsh321
c:\windows\SysWow64\winsh322
c:\windows\SysWow64\winsh323
c:\windows\SysWow64\winsh324
c:\windows\SysWow64\winsh325
c:\windows\UNWISE.EXE
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-04-26 bis 2012-05-26  ))))))))))))))))))))))))))))))
.
.
2012-05-26 22:00 . 2012-05-26 22:00	--------	d-----w-	c:\users\Guest\AppData\Local\temp
2012-05-26 22:00 . 2012-05-26 22:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-05-26 03:04 . 2012-05-26 03:04	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3D47368-EBDC-4E6C-A20E-22C936DBF420}\offreg.dll
2012-05-26 02:54 . 2012-05-26 02:54	--------	d-----w-	c:\windows\SysWow64\drivers\mycodec
2012-05-26 02:54 . 2012-05-26 02:58	--------	d-----w-	c:\program files (x86)\MyVideoConverter
2012-05-25 21:23 . 2012-05-08 17:02	8955792	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3D47368-EBDC-4E6C-A20E-22C936DBF420}\mpengine.dll
2012-05-21 19:18 . 2012-05-21 19:18	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2012-05-20 11:54 . 2012-05-20 11:54	--------	d-----w-	c:\users\Mustang-Mobil\AppData\Roaming\Malwarebytes
2012-05-20 11:54 . 2012-05-20 11:54	--------	d-----w-	c:\programdata\Malwarebytes
2012-05-20 11:54 . 2012-05-20 11:54	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-05-20 11:54 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-05-11 17:33 . 2012-03-17 07:55	75632	----a-w-	c:\windows\system32\drivers\partmgr.sys
2012-05-11 17:33 . 2012-03-30 11:09	1895280	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-05-11 17:33 . 2012-04-02 05:26	1732096	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2012-05-11 17:33 . 2012-04-02 05:24	1367552	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 17:33 . 2012-04-02 04:40	936960	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 17:33 . 2012-04-02 05:24	1402880	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2012-05-11 17:33 . 2012-04-02 05:24	1393664	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2012-05-04 23:03 . 2012-05-04 23:03	--------	d-----w-	c:\program files (x86)\URS Maximum Speed (Deinert & Kracke Gbr)
2012-05-04 19:01 . 2012-05-04 19:01	8744608	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-27 17:15 . 2012-04-27 17:15	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2012-04-27 17:14 . 2012-04-27 17:14	157352	----a-w-	c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-27 17:14 . 2012-04-27 17:14	129976	----a-w-	c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-20 03:43 . 1601-02-13 08:28	564632	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-05-20 03:43 . 1601-02-13 08:28	19736	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-05-04 19:01 . 2012-04-17 17:01	419488	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-04 19:01 . 2011-12-10 09:28	70304	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-26 17:45 . 2012-04-26 17:45	637848	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2012-04-26 17:45 . 2010-08-19 01:44	567696	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-03-17 19:28 . 2012-03-17 19:28	178800	----a-w-	c:\windows\SysWow64\CmdLineExt_x64.dll
2012-03-10 02:07 . 2012-03-10 02:07	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2012-03-10 02:07 . 2012-03-10 02:07	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-10 02:07 . 2012-03-10 02:07	74752	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-10 02:07 . 2012-03-10 02:07	63488	----a-w-	c:\windows\SysWow64\tdc.ocx
2012-03-10 02:07 . 2012-03-10 02:07	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2012-03-10 02:07 . 2012-03-10 02:07	367104	----a-w-	c:\windows\SysWow64\html.iec
2012-03-10 02:07 . 2012-03-10 02:07	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2012-03-10 02:07 . 2012-03-10 02:07	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2012-03-10 02:07 . 2012-03-10 02:07	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2012-03-10 02:07 . 2012-03-10 02:07	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-03-10 02:07 . 2012-03-10 02:07	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2012-03-10 02:07 . 2012-03-10 02:07	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2012-03-10 02:07 . 2012-03-10 02:07	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2012-03-10 02:07 . 2012-03-10 02:07	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2012-03-10 02:07 . 2012-03-10 02:07	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-03-10 02:07 . 2012-03-10 02:07	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2012-03-10 02:07 . 2012-03-10 02:07	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2012-03-10 02:07 . 2012-03-10 02:07	89088	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2012-03-10 02:07 . 2012-03-10 02:07	222208	----a-w-	c:\windows\system32\msls31.dll
2012-03-10 02:07 . 2012-03-10 02:07	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-03-10 02:07 . 2012-03-10 02:07	12288	----a-w-	c:\windows\system32\mshta.exe
2012-03-10 02:07 . 2012-03-10 02:07	114176	----a-w-	c:\windows\system32\admparse.dll
2012-03-10 02:07 . 2012-03-10 02:07	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2012-03-10 02:07 . 2012-03-10 02:07	85504	----a-w-	c:\windows\system32\iesetup.dll
2012-03-10 02:07 . 2012-03-10 02:07	76800	----a-w-	c:\windows\system32\tdc.ocx
2012-03-10 02:07 . 2012-03-10 02:07	603648	----a-w-	c:\windows\system32\vbscript.dll
2012-03-10 02:07 . 2012-03-10 02:07	49664	----a-w-	c:\windows\system32\imgutil.dll
2012-03-10 02:07 . 2012-03-10 02:07	48640	----a-w-	c:\windows\system32\mshtmler.dll
2012-03-10 02:07 . 2012-03-10 02:07	448512	----a-w-	c:\windows\system32\html.iec
2012-03-10 02:07 . 2012-03-10 02:07	30720	----a-w-	c:\windows\system32\licmgr10.dll
2012-03-10 02:07 . 2012-03-10 02:07	165888	----a-w-	c:\windows\system32\iexpress.exe
2012-03-10 02:07 . 2012-03-10 02:07	160256	----a-w-	c:\windows\system32\wextract.exe
2012-03-10 02:07 . 2012-03-10 02:07	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2012-03-10 02:07 . 2012-03-10 02:07	111616	----a-w-	c:\windows\system32\iesysprep.dll
2012-03-01 06:54 . 2012-04-12 21:41	22896	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:45 . 2012-04-12 21:40	220672	----a-w-	c:\windows\system32\wintrust.dll
2012-03-01 06:40 . 2012-04-12 21:41	80896	----a-w-	c:\windows\system32\imagehlp.dll
2012-03-01 06:35 . 2012-04-12 21:40	5120	----a-w-	c:\windows\system32\wmi.dll
2012-03-01 05:49 . 2012-04-12 21:41	172544	----a-w-	c:\windows\SysWow64\wintrust.dll
2012-03-01 05:45 . 2012-04-12 21:41	158720	----a-w-	c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:40 . 2012-04-12 21:40	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-12 21:45	2311168	----a-w-	c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-12 21:45	1390080	----a-w-	c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-12 21:45	1493504	----a-w-	c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-12 21:45	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-12 21:45	1799168	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-12 21:45	1427456	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-12 21:45	1127424	----a-w-	c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-12 21:45	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{1ce76c93-a797-4ca2-ab3c-f4a6cfba3440}"= "c:\program files (x86)\GIGA_Deutsch\prxtbGIGA.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{1ce76c93-a797-4ca2-ab3c-f4a6cfba3440}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1ce76c93-a797-4ca2-ab3c-f4a6cfba3440}]
2011-05-09 08:49	176936	----a-w-	c:\program files (x86)\GIGA_Deutsch\prxtbGIGA.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44	1400712	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{DFEFCDEE-CF1A-4FC8-88AD-129872198372}"= "c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\toolbar.dll" [2012-04-01 640000]
"{1ce76c93-a797-4ca2-ab3c-f4a6cfba3440}"= "c:\program files (x86)\GIGA_Deutsch\prxtbGIGA.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{dfefcdee-cf1a-4fc8-88ad-129872198372}]
.
[HKEY_CLASSES_ROOT\clsid\{1ce76c93-a797-4ca2-ab3c-f4a6cfba3440}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-05-03 17355912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-05 311296]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-02 365336]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2011-4-6 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-23 135664]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-05-03 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 257696]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 copperhd;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-23 135664]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-27 129976]
R3 NWVMModem;Virgin Mobile USB Modem Driver;c:\windows\system32\DRIVERS\nwvmmdm.sys [x]
R3 NWVMPort;Virgin Mobile USB Status Port Driver;c:\windows\system32\DRIVERS\nwvmser.sys [x]
R3 NWVMPort2;Virgin Mobile USB Status2 Port Driver;c:\windows\system32\DRIVERS\nwvmser2.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 44320]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2009-10-26 117152]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2009-10-26 38944]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 ssudnflt;Remote NDIS Filter Driver;c:\windows\system32\DRIVERS\ssudnflt.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2011-01-04 16392]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-11 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-15 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 fbdpinger;fbdpinger;c:\program files (x86)\TOSHIBA\ToshibaFB\fdbpinger.exe [2009-09-15 322416]
S2 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe [2007-02-12 567216]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NvtlService;NovaCore SDK Service;c:\program files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [2009-08-25 82432]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Mustang-Mobil\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2011-05-20 40960]
S2 taisregispinger;taisregispinger;c:\program files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe [2009-08-13 297344]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-11 252272]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-04 137560]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 19:01]
.
2012-05-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3514457074-616022064-3881124273-1000Core.job
- c:\users\Mustang-Mobil\AppData\Local\Facebook\Update\FacebookUpdate.exe [1601-02-13 18:42]
.
2012-05-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3514457074-616022064-3881124273-1000UA.job
- c:\users\Mustang-Mobil\AppData\Local\Facebook\Update\FacebookUpdate.exe [1601-02-13 18:42]
.
2012-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-23 18:29]
.
2012-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-23 18:29]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08337871-0e50-4031-9110-3bd21ca3c065}]
2011-11-09 01:54	167416	----a-w-	c:\users\Mustang-Mobil\AppData\Roaming\VshareComplete\64\VshareComplete64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-29 7982112]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-04 709976]
"SaiMfd"="c:\program files\Saitek\SD6\Software\SaiMfd.exe" [2010-07-29 158208]
"LXDDCATS"="c:\windows\system32\spool\DRIVERS\x64\3\LXDDtime.dll" [2007-01-22 31744]
"Ocs_SM"="c:\users\Mustang-Mobil\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2011-05-20 106496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\kloehk.dll c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\Mustang-Mobil\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 80.69.100.230 80.69.100.174
TCP: Interfaces\{3624C1DF-8BA0-4D46-BF9B-450C07B89BAB}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{62374014-7B22-444C-956C-25DBE7D46542}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{6C2C1480-E1BE-43E4-98ED-FDF5BEE17DDE}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{809B2854-6F90-4EAE-8AC9-1A80B05F7A2E}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{B8AE499B-B810-408E-B440-B344EC45240C}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{C80EE47A-AD7A-4085-AFF2-CA452C64E2F3}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{CB36B0DC-8806-4DCC-8F1E-3D9FCF1B6935}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{D09135F6-BB75-42D0-8854-B42CA44B49AA}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{D4597125-8867-4693-8809-10D6CA7B0FA7}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{E4801499-8E11-4C92-BBEF-3FDB8CCBAC1F}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{E497D829-5F77-4385-9BF7-222B91BBDEA5}: NameServer = 193.189.244.225 193.189.244.206
FF - ProfilePath - c:\users\Mustang-Mobil\AppData\Roaming\Mozilla\Firefox\Profiles\ojhvxj6r.default\
FF - prefs.js: browser.startup.homepage - hxxp://de-de.facebook.com/
.
.
------- Dateityp-Verknüpfung -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
HKLM-Run-(Default) - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
AddRemove-Install Führerstand BR 103 - c:\windows\UNWISE.EXE
AddRemove-OggDS - c:\windows\system32\OggDSuninst.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Summer Party Polyp Simulatie - c:\windows\system32\GKSUI20.EXE
AddRemove-{FBBC4667-2521-4E78-B1BD-8706F774549B} - c:\programdata\{5D8BE403-3090-4297-B98F-65CBBE9DBF71}\Best Buy Software Installer Setup.exe
AddRemove-ChicagoFlights_KORD_Update - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Addon Scenery\scenery\ChicagoFlights_KORD_Update_Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3514457074-616022064-3881124273-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:fe,ea,39,c9,43,87,22,e0,89,25,12,56,ae,04,1f,7a,cb,76,0f,97,1c,6d,20,
   62,7c,5b,d6,6e,6f,38,78,22,21,a6,85,43,35,9e,ce,61,c8,67,b0,b1,fd,33,c1,2e,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d
.
[HKEY_USERS\S-1-5-21-3514457074-616022064-3881124273-1000\Software\SecuROM\License information*]
"datasecu"=hex:56,39,b1,fa,bd,b5,e5,16,0c,8a,81,69,6c,68,e5,31,91,9f,ac,4e,68,
   93,90,e5,1f,e9,18,e4,0a,c3,10,f4,0e,75,22,c9,af,b3,df,6c,fb,63,57,c2,f8,e7,\
"rkeysecu"=hex:46,89,2f,e0,14,12,f6,a2,ca,3e,ca,5c,34,76,ff,67
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0020\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0021\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-05-27  00:04:18
ComboFix-quarantined-files.txt  2012-05-26 22:04
.
Vor Suchlauf: 38.928.502.784 bytes free
Nach Suchlauf: 38.641.725.440 bytes free
.
- - End Of File - - F1E0E31C117206A07EAD4B384D4BC7CE
         
--- --- ---

28.05.2012, 12:06   #8
Psychotic
/// Malwareteam
 

Step 1: defogger


Please download defogger by jpshortstuff to your desktop.
  • Start the tool with a double-click.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Now click the Disable button to disable the drivers of certain emulators.
  • When the scan has finished ( Finished ), click OK.
  • Defogger may ask you to reboot. Confirm this with OK.
If Defogger reports an error, please post the defogger_disable log from your desktop.
Do not click the Re-enable button unless instructed to.


Step 2: Uninstall software

  • Click Start --> Control Panel.
  • Open Programs and Features.
  • Find and uninstall the following entries:
    Quote:
    ask toolbar
    GIGA deutsch toolbar
    QuickStores-Toolbar 1.2.0
  • Close the window.


Step 3: CF-Script



Note for other readers:
The following ComboFix script was created exclusively for this user in this situation.
Do not run it on other computers under any circumstances; it can cause lasting damage to other systems!

Delete the existing Combofix.exe from your desktop and download the program again from one of the following download mirrors:
BleepingComputer.com - ForoSpyware.com
and save it to the desktop again (nowhere else, this is important)!

Press the Windows + R keys --> Notepad (type it in) --> OK

Now copy the entire text from the following code box into the empty text document.
Code:
ATTFilter
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
"{1ce76c93-a797-4ca2-ab3c-f4a6cfba3440}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[-HKEY_CLASSES_ROOT\clsid\{1ce76c93-a797-4ca2-ab3c-f4a6cfba3440}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1ce76c93-a797-4ca2-ab3c-f4a6cfba3440}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
"{DFEFCDEE-CF1A-4FC8-88AD-129872198372}"=-
"{1ce76c93-a797-4ca2-ab3c-f4a6cfba3440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[-HKEY_CLASSES_ROOT\clsid\{dfefcdee-cf1a-4fc8-88ad-129872198372}]
FOLDER::
c:\program files (x86)\GIGA_Deutsch
c:\program files (x86)\Ask.com
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs
CLEARJAVACACHE::
         
Save this as CFScript.txt on your desktop.

Important:
  • Temporarily turn off your antivirus software, as it can interfere with ComboFix while it works.
    Don't forget to turn it back on afterwards!
  • Do not move the mouse over the ComboFix window or click inside it.
    This can cause ComboFix to hang.
  • Close all running programs. Make sure that ComboFix can work unhindered.
  • Do not do anything on the PC while ComboFix is running.
  • As shown in the picture above, drag CFScript.txt onto ComboFix.exe
  • When ComboFix has finished, it will create a log, C:\ComboFix.txt. Please paste it here as a reply.
If the script contains the Suspect:: or Collect:: directive, a message box will appear after Combofix has finished. Click OK and follow the prompts/instructions to upload the files.


Step 4: MBAM



Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select Perform full scan and click Scan. (Note: tick all hard drives!)
  • When the scan has finished, click Show Results.
  • Make sure that all detections are selected and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".
__________________
No right of asylum for Trojans!

Proud Member of UNITE

Note: I am only available on weekdays!
Requests via PM will be ignored!

Are you happy with us? Then support Trojaner-Board!

28.05.2012, 17:41   #9
Mustang81
 

So, here are the results of the two scans:
Combofix: Combofix logfile:
Code:
ATTFilter
ComboFix 12-05-28.01 - Mustang-Mobil 28.05.2012  14:38:00.3.2 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1033.18.3836.2284 [GMT 2:00]
ausgeführt von:: c:\users\Mustang-Mobil\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Mustang-Mobil\Desktop\CFScript.txt
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\program files (x86)\Ask.com\cb_5e39.ico
c:\program files (x86)\Ask.com\cobrand.ico
c:\program files (x86)\Ask.com\config.xml
c:\program files (x86)\Ask.com\favicon.ico
c:\program files (x86)\Ask.com\fv_58eb.ico
c:\program files (x86)\Ask.com\GenericAskToolbar.dll
c:\program files (x86)\Ask.com\mupcfg.xml
c:\program files (x86)\Ask.com\SaUpdate.exe
c:\program files (x86)\Ask.com\UpdateTask.exe
c:\program files (x86)\GIGA_Deutsch\GIGA_DeutschToolbarHelper.exe
c:\program files (x86)\GIGA_Deutsch\GottenAppsContextMenu.xml
c:\program files (x86)\GIGA_Deutsch\ldrtbGIGA.dll
c:\program files (x86)\GIGA_Deutsch\OtherAppsContextMenu.xml
c:\program files (x86)\GIGA_Deutsch\prxtbGIGA.dll
c:\program files (x86)\GIGA_Deutsch\SharedAppsContextMenu.xml
c:\program files (x86)\GIGA_Deutsch\tbGIGA.dll
c:\program files (x86)\GIGA_Deutsch\toolbar.cfg
c:\program files (x86)\GIGA_Deutsch\ToolbarContextMenu.xml
c:\program files (x86)\GIGA_Deutsch\uninstall.exe
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\chrome@loadtubes.com\background.html
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\chrome@loadtubes.com\background.js
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\chrome@loadtubes.com\download.js
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\chrome@loadtubes.com\fire.js
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\chrome@loadtubes.com\manifest.json
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\config.txt
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\domHash.txt
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\evHash.txt
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\ffmpeg.exe
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\keyHash.txt
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\license.txt
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\toolbar.dll
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\uninstall.exe
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\updateHash.txt
c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\ytdl.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-04-28 bis 2012-05-28  ))))))))))))))))))))))))))))))
.
.
2012-05-28 12:49 . 2012-05-28 12:49	--------	d-----w-	c:\users\Guest\AppData\Local\temp
2012-05-28 12:49 . 2012-05-28 12:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-05-28 12:49 . 2012-05-28 12:49	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2012-05-26 02:54 . 2012-05-26 02:54	--------	d-----w-	c:\windows\SysWow64\drivers\mycodec
2012-05-26 02:54 . 2012-05-26 02:58	--------	d-----w-	c:\program files (x86)\MyVideoConverter
2012-05-21 19:18 . 2012-05-21 19:18	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2012-05-20 11:54 . 2012-05-20 11:54	--------	d-----w-	c:\users\Mustang-Mobil\AppData\Roaming\Malwarebytes
2012-05-20 11:54 . 2012-05-20 11:54	--------	d-----w-	c:\programdata\Malwarebytes
2012-05-20 11:54 . 2012-05-20 11:54	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-05-20 11:54 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-05-11 17:33 . 2012-03-17 07:55	75632	----a-w-	c:\windows\system32\drivers\partmgr.sys
2012-05-11 17:33 . 2012-03-30 11:09	1895280	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-05-11 17:33 . 2012-04-02 05:26	1732096	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2012-05-11 17:33 . 2012-04-02 05:24	1367552	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 17:33 . 2012-04-02 04:40	936960	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 17:33 . 2012-04-02 05:24	1402880	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2012-05-11 17:33 . 2012-04-02 05:24	1393664	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2012-05-04 23:03 . 2012-05-04 23:03	--------	d-----w-	c:\program files (x86)\URS Maximum Speed (Deinert & Kracke Gbr)
2012-05-04 19:01 . 2012-05-04 19:01	8744608	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-20 03:43 . 1601-02-13 08:28	564632	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-05-20 03:43 . 1601-02-13 08:28	19736	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-05-08 17:02 . 2012-05-25 21:23	8955792	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3D47368-EBDC-4E6C-A20E-22C936DBF420}\mpengine.dll
2012-05-04 19:01 . 2012-04-17 17:01	419488	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-04 19:01 . 2011-12-10 09:28	70304	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-26 17:45 . 2012-04-26 17:45	637848	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2012-04-26 17:45 . 2010-08-19 01:44	567696	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-03-17 19:28 . 2012-03-17 19:28	178800	----a-w-	c:\windows\SysWow64\CmdLineExt_x64.dll
2012-03-10 02:07 . 2012-03-10 02:07	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2012-03-10 02:07 . 2012-03-10 02:07	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-10 02:07 . 2012-03-10 02:07	74752	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-10 02:07 . 2012-03-10 02:07	63488	----a-w-	c:\windows\SysWow64\tdc.ocx
2012-03-10 02:07 . 2012-03-10 02:07	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2012-03-10 02:07 . 2012-03-10 02:07	367104	----a-w-	c:\windows\SysWow64\html.iec
2012-03-10 02:07 . 2012-03-10 02:07	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2012-03-10 02:07 . 2012-03-10 02:07	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2012-03-10 02:07 . 2012-03-10 02:07	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2012-03-10 02:07 . 2012-03-10 02:07	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-03-10 02:07 . 2012-03-10 02:07	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2012-03-10 02:07 . 2012-03-10 02:07	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2012-03-10 02:07 . 2012-03-10 02:07	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2012-03-10 02:07 . 2012-03-10 02:07	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2012-03-10 02:07 . 2012-03-10 02:07	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-03-10 02:07 . 2012-03-10 02:07	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2012-03-10 02:07 . 2012-03-10 02:07	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2012-03-10 02:07 . 2012-03-10 02:07	89088	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2012-03-10 02:07 . 2012-03-10 02:07	222208	----a-w-	c:\windows\system32\msls31.dll
2012-03-10 02:07 . 2012-03-10 02:07	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-03-10 02:07 . 2012-03-10 02:07	12288	----a-w-	c:\windows\system32\mshta.exe
2012-03-10 02:07 . 2012-03-10 02:07	114176	----a-w-	c:\windows\system32\admparse.dll
2012-03-10 02:07 . 2012-03-10 02:07	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2012-03-10 02:07 . 2012-03-10 02:07	85504	----a-w-	c:\windows\system32\iesetup.dll
2012-03-10 02:07 . 2012-03-10 02:07	76800	----a-w-	c:\windows\system32\tdc.ocx
2012-03-10 02:07 . 2012-03-10 02:07	603648	----a-w-	c:\windows\system32\vbscript.dll
2012-03-10 02:07 . 2012-03-10 02:07	49664	----a-w-	c:\windows\system32\imgutil.dll
2012-03-10 02:07 . 2012-03-10 02:07	48640	----a-w-	c:\windows\system32\mshtmler.dll
2012-03-10 02:07 . 2012-03-10 02:07	448512	----a-w-	c:\windows\system32\html.iec
2012-03-10 02:07 . 2012-03-10 02:07	30720	----a-w-	c:\windows\system32\licmgr10.dll
2012-03-10 02:07 . 2012-03-10 02:07	165888	----a-w-	c:\windows\system32\iexpress.exe
2012-03-10 02:07 . 2012-03-10 02:07	160256	----a-w-	c:\windows\system32\wextract.exe
2012-03-10 02:07 . 2012-03-10 02:07	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2012-03-10 02:07 . 2012-03-10 02:07	111616	----a-w-	c:\windows\system32\iesysprep.dll
2012-03-01 06:54 . 2012-04-12 21:41	22896	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:45 . 2012-04-12 21:40	220672	----a-w-	c:\windows\system32\wintrust.dll
2012-03-01 06:40 . 2012-04-12 21:41	80896	----a-w-	c:\windows\system32\imagehlp.dll
2012-03-01 06:35 . 2012-04-12 21:40	5120	----a-w-	c:\windows\system32\wmi.dll
2012-03-01 05:49 . 2012-04-12 21:41	172544	----a-w-	c:\windows\SysWow64\wintrust.dll
2012-03-01 05:45 . 2012-04-12 21:41	158720	----a-w-	c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:40 . 2012-04-12 21:40	5120	----a-w-	c:\windows\SysWow64\wmi.dll
.
.
(((((((((((((((((((((((((((((   SnapShot@2012-05-26_22.00.16   )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-05-25 21:17	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-05-28 12:53	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-05-25 21:17	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-28 12:53	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-28 12:53	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-25 21:17	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-13 02:45 . 2012-05-28 12:55	49384              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-05-28 12:55	46038              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-06-05 05:48 . 2012-05-28 12:55	18118              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3514457074-616022064-3881124273-1000_UserData.bin
+ 2010-06-05 05:40 . 2012-05-27 03:17	16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-06-05 05:40 . 2012-05-26 18:29	16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-06-05 05:40 . 2012-05-26 18:29	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-06-05 05:40 . 2012-05-27 03:17	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-27 03:17	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-26 18:29	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-05-28 12:50 . 2012-05-28 12:50	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-05-21 17:12 . 2012-05-25 21:11	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-05-28 12:50 . 2012-05-28 12:50	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-05-21 17:12 . 2012-05-25 21:11	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-03-17 14:34	318780              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-05-28 12:49	318780              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-02-03 21:21 . 2012-05-28 12:49	4688904              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3514457074-616022064-3881124273-1000-12288.dat
- 2009-07-14 02:34 . 2012-05-26 18:06	10485760              c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2012-05-28 12:41	10485760              c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-05-03 17355912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-05 311296]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-02 365336]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2011-4-6 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-23 135664]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-05-03 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 257696]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 copperhd;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-23 135664]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-27 129976]
R3 NWVMModem;Virgin Mobile USB Modem Driver;c:\windows\system32\DRIVERS\nwvmmdm.sys [x]
R3 NWVMPort;Virgin Mobile USB Status Port Driver;c:\windows\system32\DRIVERS\nwvmser.sys [x]
R3 NWVMPort2;Virgin Mobile USB Status2 Port Driver;c:\windows\system32\DRIVERS\nwvmser2.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 44320]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2009-10-26 117152]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2009-10-26 38944]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 ssudnflt;Remote NDIS Filter Driver;c:\windows\system32\DRIVERS\ssudnflt.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2011-01-04 16392]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-11 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-15 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 fbdpinger;fbdpinger;c:\program files (x86)\TOSHIBA\ToshibaFB\fdbpinger.exe [2009-09-15 322416]
S2 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe [2007-02-12 567216]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NvtlService;NovaCore SDK Service;c:\program files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [2009-08-25 82432]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Mustang-Mobil\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2011-05-20 40960]
S2 taisregispinger;taisregispinger;c:\program files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe [2009-08-13 297344]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-11 252272]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-04 137560]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 19:01]
.
2012-05-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3514457074-616022064-3881124273-1000Core.job
- c:\users\Mustang-Mobil\AppData\Local\Facebook\Update\FacebookUpdate.exe [1601-02-13 18:42]
.
2012-05-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3514457074-616022064-3881124273-1000UA.job
- c:\users\Mustang-Mobil\AppData\Local\Facebook\Update\FacebookUpdate.exe [1601-02-13 18:42]
.
2012-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-23 18:29]
.
2012-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-23 18:29]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08337871-0e50-4031-9110-3bd21ca3c065}]
2011-11-09 01:54	167416	----a-w-	c:\users\Mustang-Mobil\AppData\Roaming\VshareComplete\64\VshareComplete64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-29 7982112]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-04 709976]
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"SaiMfd"="c:\program files\Saitek\SD6\Software\SaiMfd.exe" [2010-07-29 158208]
"LXDDCATS"="c:\windows\system32\spool\DRIVERS\x64\3\LXDDtime.dll" [2007-01-22 31744]
"Ocs_SM"="c:\users\Mustang-Mobil\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2011-05-20 106496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\kloehk.dll c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\Mustang-Mobil\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Hinzufügen zu Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 80.69.100.230 80.69.100.174
TCP: Interfaces\{3624C1DF-8BA0-4D46-BF9B-450C07B89BAB}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{62374014-7B22-444C-956C-25DBE7D46542}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{6C2C1480-E1BE-43E4-98ED-FDF5BEE17DDE}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{809B2854-6F90-4EAE-8AC9-1A80B05F7A2E}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{B8AE499B-B810-408E-B440-B344EC45240C}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{C80EE47A-AD7A-4085-AFF2-CA452C64E2F3}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{CB36B0DC-8806-4DCC-8F1E-3D9FCF1B6935}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{D09135F6-BB75-42D0-8854-B42CA44B49AA}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{D4597125-8867-4693-8809-10D6CA7B0FA7}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{E4801499-8E11-4C92-BBEF-3FDB8CCBAC1F}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{E497D829-5F77-4385-9BF7-222B91BBDEA5}: NameServer = 193.189.244.225 193.189.244.206
FF - ProfilePath - c:\users\Mustang-Mobil\AppData\Roaming\Mozilla\Firefox\Profiles\ojhvxj6r.default\
FF - prefs.js: browser.startup.homepage - hxxp://de-de.facebook.com/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
AddRemove-GIGA_Deutsch Toolbar - c:\program files (x86)\GIGA_Deutsch\uninstall.exe
AddRemove-loadtbs-2.1 - c:\users\Mustang-Mobil\AppData\Roaming\loadtbs\uninstall.exe
AddRemove-Shake And Roll Simulatie v.1.1 - c:\users\Mustang-Mobil\Desktop\New folder\Uninstal.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3514457074-616022064-3881124273-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:fe,ea,39,c9,43,87,22,e0,89,25,12,56,ae,04,1f,7a,cb,76,0f,97,1c,6d,20,
   62,7c,5b,d6,6e,6f,38,78,22,21,a6,85,43,35,9e,ce,61,c8,67,b0,b1,fd,33,c1,2e,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d
.
[HKEY_USERS\S-1-5-21-3514457074-616022064-3881124273-1000\Software\SecuROM\License information*]
"datasecu"=hex:0e,c6,e9,80,e8,b3,15,58,95,8a,fd,75,09,48,6e,c5,59,dc,7d,dc,61,
   e2,05,33,cd,78,32,9d,5f,4f,75,3b,f0,6b,7c,b4,f0,2c,54,48,74,e3,60,7b,97,12,\
"rkeysecu"=hex:77,19,64,9b,a0,c7,1c,73,5a,11,17,35,37,4f,1f,17
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0020\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0021\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-05-28  15:02:37 - PC wurde neu gestartet
.
Vor Suchlauf: 38.040.604.672 bytes free
Nach Suchlauf: 37.728.899.072 bytes free
.
- - End Of File - - E94F6DDAC228F6098D607BB10A3CFE24
         
--- --- ---

Malware:
Malwarebytes Anti-Malware (Test) 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.05.28.03

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Mustang-Mobil :: MUSTANGMOBIL [Administrator]

Schutz: Aktiviert

28.05.2012 15:15:49
mbam-log-2012-05-28 (15-15-49).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 638459
Laufzeit: 3 Stunde(n), 23 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Program Files (x86)\MegaDev\MD-Trainers\MT-X\MT-eXperience.exe (Trojan.AVKiller.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Mustang-Mobil\Desktop\Sinn und Unsinn\Battlefield Bad Company 2\rld-bbc2.exe (RiskWare.Tool.HCK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Mustang-Mobil\Desktop\Sinn und Unsinn\Battlefield Bad Company 2\kg\Key Gen bbc2\rld-bbc2.exe (RiskWare.Tool.HCK) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

The MD Trainer has not caused any problems so far; it is used to modify files in various games, and was used here for FM 12.

Edited by Mustang81 (28.05.2012 at 17:46). Reason: additional info

Alt 28.05.2012, 23:47   #10
Psychotic
/// Malwareteam
 

Quote:
C:\Users\Mustang-Mobil\Desktop\Sinn und Unsinn\Battlefield Bad Company 2\kg\Key Gen bbc2\rld-bbc2.exe


Merely visiting sites that offer these files for download carries a high risk of infection.

When you run the crack, you are launching an executable file from a very dubious source. The file's source code can contain anything (e.g. downloading and executing malware files).
This is one of the main ways people get infected.

Besides, cracks etc. are illegal, and that is theft just as much as stealing from a shop.

That is why we have agreed on the following:

If we find evidence of illegally acquired software, we will end support without any discussion.

Our help for you is therefore limited to instructions for reinstalling and securing the system.
__________________
No right of asylum for Trojans!

Proud Member of UNITE

Note: I am only available on working days!
Requests via PM will be ignored!


Alt 28.05.2012, 23:52   #11
Mustang81
 

I could understand your reaction if the problem had been caused by this crack. But since it did not cause any damage, I cannot follow this step.
