
Pests of all kinds and how to combat them: Task Manager no longer starts (Windows 7)


07.07.2012, 12:43   #1
RoswellAlien
 

Hello,

for a few days now I have had the problem that my Task Manager no longer starts with the key combination Ctrl + Alt + Del. Instead, the calculator starts.

In addition, when I use the Backspace key, Firefox, for example, always jumps to the "gallery view", or the following message appears: "Sie versuchen, eine Datei des Typs "Anwendungserweiterung" (.dll) zu öffnen", etc.

I have already checked my PC with Malwarebytes Anti-Malware, using today's version. Here is the log file:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.07.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Administrator :: *-* [Administrator]

Schutz: Aktiviert

07.07.2012 11:52:17
mbam-log-2012-07-07 (11-52-17).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 506933
Laufzeit: 1 Stunde(n), 9 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

I downloaded OTL by OldTimer and scanned according to your recommendations. Here is the log file:

OTL logfile created on: 7/7/2012 1:34:49 PM - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Administrator\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7.98 Gb Total Physical Memory | 3.96 Gb Available Physical Memory | 49.61% Memory free
15.96 Gb Paging File | 11.46 Gb Available in Paging File | 71.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1383.48 Gb Total Space | 1096.66 Gb Free Space | 79.27% Space Free | Partition Type: NTFS
Drive D: | 13.68 Gb Total Space | 1.74 Gb Free Space | 12.75% Space Free | Partition Type: NTFS
Drive F: | 14.98 Gb Total Space | 1.14 Gb Free Space | 7.59% Space Free | Partition Type: FAT32
Drive G: | 477.63 Mb Total Space | 475.00 Mb Free Space | 99.45% Space Free | Partition Type: FAT
Drive L: | 596.17 Gb Total Space | 0.10 Gb Free Space | 0.02% Space Free | Partition Type: NTFS

Computer Name: DANIEL-HP | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\Aurora\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Aurora\plugin-container.exe (Mozilla Corporation)
PRC - C:\Users\Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Aurora\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.DLL ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (hcwD3bda_dvbt) -- C:\Windows\SysNative\Hauppauge\hcwD3dvb\DVBT\DVBservice.exe (Mirics Semiconductor Ltd)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (HssTrayService) -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE ()
SRV - (hshld) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (HssWd) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (HssSrv) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (CLKMSVC10_C6F09094) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe (CyberLink)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (HPClientSvc) -- C:\Programme\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (HssDrv) -- C:\Windows\SysNative\drivers\HssDrv.sys (AnchorFree Inc.)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (hcwD3bda) Driver for WinTV DVB-T (Model 133xxx) -- C:\Windows\SysNative\drivers\hcwD3bda64.sys (Mirics)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (ncplelhp) -- C:\Windows\SysNative\drivers\ncplelhp.sys (NCP Engineering GmbH)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDF
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDF
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={3A25E22F-4047-4693-8952-B32E267D494F}&mid=47921a559e2a47d08836788174535cbb-6c362d759d2d510112581912589213af0615207f&lang=en&ds=yu012&pr=sa&d=2012-05-27 18:22:02&v=11.1.0.7&sap=hp
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={3A25E22F-4047-4693-8952-B32E267D494F}&mid=47921a559e2a47d08836788174535cbb-6c362d759d2d510112581912589213af0615207f&lang=en&ds=yu012&pr=sa&d=2012-05-27 18:22:02&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://mein.allyve.com/"
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: afurladvisor@anchorfree.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.http: "157.181.228.181"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0

FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.8: C:\Program Files\VLC Player\VLC\npvlc.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 16.0a1\extensions\\Components: C:\PROGRAM FILES\NIGHTLY\COMPONENTS [2012/07/03 20:05:32 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 16.0a1\extensions\\Plugins: C:\PROGRAM FILES\NIGHTLY\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 15.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components [2012/07/07 05:54:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 15.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins

[2012/04/20 19:03:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2012/07/07 05:39:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions
[2012/04/21 20:39:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/06/23 00:04:23 | 000,000,000 | ---D | M] (BYTubeD - Bulk (Batch) YouTube video Downloader) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions\bytubed@cs213.cse.iitk.ac.in
[2012/04/21 20:39:14 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2012/07/04 21:20:16 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions\firefox@ghostery.com
[2012/05/18 16:24:06 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions\ich@maltegoetz.de
[2012/04/21 19:23:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions\nostmp
[2012/06/04 17:46:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/05/26 15:09:49 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\mozilla firefox\extensions\afurladvisor@anchorfree.com
[2012/06/04 01:10:04 | 000,030,312 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\{888D99E7-E8B5-46A3-851E-1EC45DA1E644}.XPI
[2012/05/28 02:19:07 | 000,413,408 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI
[2012/02/11 16:02:18 | 000,709,293 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2012/03/29 20:15:18 | 000,685,019 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
[2012/04/21 21:18:30 | 000,113,603 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\NOSQUINT@URANDOM.CA.XPI
[2012/06/15 17:53:12 | 000,182,698 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
[2012/06/24 11:33:54 | 000,456,182 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\STEFANVANDAMME@STEFANVD.NET.XPI
[2012/07/04 22:10:22 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012/06/22 23:14:25 | 000,008,001 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\TINEYE@IDEEINC.COM.XPI
[2012/05/27 18:21:58 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/19 23:35:21 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src

O1 HOSTS File: ([2012/07/07 06:42:46 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Programme\IDT\WDM\beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4:64bit: - HKLM..\RunOnce: [NCPGINA] C:\Windows\delrws.bat ()
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Aurora.lnk = C:\Program Files (x86)\Aurora\firefox.exe (Mozilla Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE60407B-9C3A-441D-B82A-3E26A13EB9A8}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/07 06:42:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/07 06:21:19 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes
[2012/07/07 06:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/07 06:21:10 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/07 06:21:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/07 06:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/07 05:54:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aurora
[2012/07/06 16:22:25 | 000,000,000 | ---D | C] -- C:\Program Files\backups
[2012/07/06 16:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/07/06 16:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/07/06 16:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/07/06 15:59:46 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2012/07/04 22:10:29 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Macromedia
[2012/07/04 22:10:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/07/03 20:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Nightly
[2012/07/01 13:39:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2012/06/23 21:04:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\HP MediaSmart Video
[2012/06/23 13:58:59 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/06/23 13:55:02 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/23 13:55:02 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/23 13:55:02 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/23 13:54:34 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/23 13:54:34 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/23 13:54:34 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/23 13:54:18 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/23 13:54:18 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/19 22:23:46 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\NPE
[2012/06/19 22:18:24 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\JAM Software
[2012/06/16 14:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/06/16 14:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/06/16 14:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/06/16 14:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/06/16 14:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/06/16 13:59:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2012/06/13 23:33:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{3E684F40-FE83-48C2-981A-8201E1CCB21F}
[2012/06/13 22:53:20 | 000,918,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/13 22:53:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/13 22:52:56 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/06/13 22:52:50 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/13 22:52:50 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/13 22:52:48 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/13 22:52:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/13 22:52:47 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/13 22:52:47 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/13 22:52:42 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/06/13 22:52:41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/06/13 22:52:41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/06/13 22:52:25 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/06/13 22:52:21 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/13 22:52:21 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/13 22:51:51 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/06/13 22:51:34 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/13 22:51:33 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/06/08 14:56:02 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\FFOutput
[2012/06/08 14:55:59 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/06/08 14:55:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2012/06/08 14:55:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FormatFactory
[2012/06/07 13:52:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Meine Dokumente
[2012/05/27 19:29:13 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis204.exe
[2012/04/19 00:22:17 | 032,811,469 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Program Files\WDM_R267.exe
[2012/04/19 00:22:15 | 032,811,469 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Program Files\WDM_R267(1).exe
[2012/04/19 00:22:15 | 004,618,792 | ---- | C] (Veetle Inc) -- C:\Program Files\veetle-0.9.19.exe

========== Files - Modified Within 30 Days ==========

[2012/07/07 13:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/07 13:17:17 | 000,062,342 | ---- | M] () -- C:\Users\Administrator\Desktop\Unbenannt.PNG
[2012/07/07 12:05:25 | 000,004,204 | ---- | M] () -- C:\Users\Administrator\Documents\cc_20120707_120519.reg
[2012/07/07 12:04:32 | 000,000,485 | ---- | M] () -- C:\Windows\delrws.bat
[2012/07/07 11:42:09 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/07 11:42:09 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/07 11:34:50 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForAdministrator.job
[2012/07/07 11:34:45 | 000,295,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/07 11:34:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/07 11:34:31 | 2133,733,375 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/07 06:42:46 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/07/07 06:11:35 | 000,007,034 | ---- | M] () -- C:\Users\Administrator\Documents\cc_20120707_061132.reg
[2012/07/06 17:14:39 | 000,000,174 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\default.rss
[2012/07/06 17:14:30 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012/07/06 15:59:47 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2012/07/04 22:10:03 | 000,001,079 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Aurora.lnk
[2012/06/29 00:35:39 | 000,104,790 | ---- | M] () -- C:\Users\Administrator\Desktop\048432359_5083021xbf_123_101lo.jpg
[2012/06/29 00:35:19 | 000,114,715 | ---- | M] () -- C:\Users\Administrator\Desktop\048303800_5083020efp_123_1037lo.jpg
[2012/06/24 11:33:22 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/24 11:33:22 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/23 01:08:09 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDANIEL-HP$.job
[2012/06/17 17:15:00 | 000,004,314 | ---- | M] () -- C:\Users\Administrator\Documents\cc_20120617_171456.reg
[2012/06/15 01:08:53 | 000,001,333 | ---- | M] () -- C:\Users\Administrator\.swfinfo
[2012/06/14 23:59:18 | 001,505,034 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/14 23:59:18 | 000,656,028 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/06/14 23:59:18 | 000,617,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/14 23:59:18 | 000,130,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/06/14 23:59:18 | 000,107,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/10 17:19:50 | 000,002,057 | ---- | M] () -- C:\Windows\epplauncher.mif

========== Files Created - No Company Name ==========

[2012/07/07 13:17:17 | 000,062,342 | ---- | C] () -- C:\Users\Administrator\Desktop\Unbenannt.PNG
[2012/07/07 12:05:23 | 000,004,204 | ---- | C] () -- C:\Users\Administrator\Documents\cc_20120707_120519.reg
[2012/07/07 12:04:16 | 000,000,485 | ---- | C] () -- C:\Windows\delrws.bat
[2012/07/07 11:34:33 | 000,295,896 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/07 06:11:34 | 000,007,034 | ---- | C] () -- C:\Users\Administrator\Documents\cc_20120707_061132.reg
[2012/07/06 15:24:53 | 000,001,079 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Aurora.lnk
[2012/07/04 22:10:03 | 000,001,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora.lnk
[2012/07/01 13:39:54 | 000,001,021 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2012/06/29 00:35:38 | 000,104,790 | ---- | C] () -- C:\Users\Administrator\Desktop\048432359_5083021xbf_123_101lo.jpg
[2012/06/29 00:35:18 | 000,114,715 | ---- | C] () -- C:\Users\Administrator\Desktop\048303800_5083020efp_123_1037lo.jpg
[2012/06/17 17:14:58 | 000,004,314 | ---- | C] () -- C:\Users\Administrator\Documents\cc_20120617_171456.reg
[2012/06/16 14:00:01 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2012/05/19 01:22:24 | 000,017,408 | ---- | C] () -- C:\Users\Administrator\AppData\Local\WebpageIcons.db
[2012/05/12 23:41:58 | 000,001,333 | ---- | C] () -- C:\Users\Administrator\.swfinfo
[2012/05/11 20:12:06 | 000,000,174 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\default.rss
[2012/05/05 01:15:04 | 000,097,204 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/26 22:53:50 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012/04/26 22:45:26 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/04/26 22:45:26 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/04/23 23:47:38 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/19 00:22:21 | 007,188,924 | ---- | C] () -- C:\Program Files\XMediaRecode3090_setup.exe
[2012/04/19 00:22:19 | 054,957,384 | ---- | C] () -- C:\Program Files\wz160gev.exe
[2012/04/18 23:25:28 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/02/08 16:55:22 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/08/18 07:35:05 | 000,186,368 | ---- | C] () -- C:\Windows\SysWow64\hcwD3bda32.dll
[2011/08/18 07:27:29 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011/08/18 07:15:32 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011/08/18 07:15:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010/09/21 19:30:44 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2007/05/23 16:22:44 | 000,003,798 | ---- | C] () -- C:\Program Files\SP35985.CVA

< End of report >

It would be very kind if one of you could help me further.
Many thanks!
Daniel

Alt 10.07.2012, 23:00   #2
markusg
/// Malware-holic
 

Hi,
open SUPERAntiSpyware and post all reports.
Open Malwarebytes, then the log files, and post the scan logs that contain detections.
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors:

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.
Alt 17.07.2012, 19:49   #3
RoswellAlien
 

Hello Markus,

many thanks for your reply.

Here is the log file from SuperAntiSpyware:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 07/17/2012 at 08:12 PM

Application Version : 5.1.1002

Core Rules Database Version : 8912
Trace Rules Database Version: 6724

Scan type : Complete Scan
Total Scan Time : 02:02:29

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 658
Memory threats detected : 0
Registry items scanned : 65460
Registry threats detected : 0
File items scanned : 75369
File threats detected : 53

Adware.Tracking Cookie

Here is the log file from Malwarebytes Anti-Malware:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.17.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Administrator :: ******-** [Administrator]

Schutz: Aktiviert

17.07.2012 18:11:03
mbam-log-2012-07-17 (18-11-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 479911
Laufzeit: 2 Stunde(n), 1 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

And finally, here is the log file from ComboFix:

Combofix Logfile:
Code:
ComboFix 12-07-16.01 - Administrator 17.07.2012  20:27:19.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8175.4861 [GMT 2:00]
ausgeführt von:: c:\users\Administrator\Desktop\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
c:\windows\security\Database\tmp.edb
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-06-17 bis 2012-07-17  ))))))))))))))))))))))))))))))
.
.
2012-07-17 18:32 . 2012-07-17 18:32	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-07-16 18:14 . 2012-07-17 15:44	--------	d-----w-	c:\program files (x86)\Aurora
2012-07-11 17:55 . 2012-06-12 03:08	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-07-10 19:09 . 2012-06-06 05:05	212992	----a-w-	c:\program files (x86)\Common Files\System\msadc\msadco.dll
2012-07-10 19:09 . 2012-06-06 05:05	143360	----a-w-	c:\program files (x86)\Common Files\System\ado\msjro.dll
2012-07-10 19:09 . 2012-06-06 05:05	372736	----a-w-	c:\program files (x86)\Common Files\System\ado\msadox.dll
2012-07-10 19:09 . 2012-06-06 06:02	1133568	----a-w-	c:\windows\system32\cdosys.dll
2012-07-08 12:48 . 2012-07-08 19:40	--------	d-----w-	c:\users\Administrator\AppData\Roaming\XnView
2012-07-08 12:48 . 2012-07-15 11:38	--------	d-----w-	c:\program files (x86)\XnView
2012-07-07 16:01 . 2012-07-12 21:32	--------	d-----w-	c:\users\Administrator\AppData\Local\CrashDumps
2012-07-07 12:27 . 2012-07-07 12:27	2135640	----a-w-	c:\program files\tdsskiller.exe
2012-07-07 11:48 . 2012-07-07 11:48	--------	d-----w-	c:\users\Administrator\AppData\Roaming\GlarySoft
2012-07-07 11:47 . 2012-07-15 11:41	--------	d-----w-	c:\program files\Glarysoft
2012-07-07 04:42 . 2012-07-07 04:42	--------	d-----w-	C:\_OTL
2012-07-07 04:21 . 2012-07-07 04:21	--------	d-----w-	c:\users\Administrator\AppData\Roaming\Malwarebytes
2012-07-07 04:21 . 2012-07-15 11:38	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-07 04:21 . 2012-07-07 04:21	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-07 04:21 . 2012-07-03 11:46	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-07-06 14:22 . 2012-07-06 14:22	--------	d-----w-	c:\program files\backups
2012-07-06 14:14 . 2012-07-15 11:38	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy
2012-07-06 14:14 . 2012-07-09 21:38	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2012-07-04 20:10 . 2012-07-04 20:10	--------	d-----w-	c:\users\Administrator\AppData\Local\Macromedia
2012-07-04 20:10 . 2012-07-17 18:33	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2012-07-03 18:05 . 2012-07-04 19:20	--------	d-----w-	c:\program files\Nightly
2012-07-01 11:39 . 2012-07-01 11:39	--------	d-----w-	c:\program files (x86)\Audacity
2012-06-23 19:04 . 2012-06-23 19:04	--------	d-----w-	c:\users\Administrator\AppData\Local\HP MediaSmart Video
2012-06-23 11:58 . 2011-02-19 12:05	1139200	----a-w-	c:\windows\system32\FntCache.dll
2012-06-23 11:58 . 2011-02-19 12:04	902656	----a-w-	c:\windows\system32\d2d1.dll
2012-06-23 11:58 . 2011-02-19 06:30	739840	----a-w-	c:\windows\SysWow64\d2d1.dll
2012-06-23 11:55 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-23 11:55 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-23 11:55 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-23 11:55 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-23 11:54 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-23 11:54 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-23 11:54 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-23 11:54 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-23 11:54 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-19 20:23 . 2012-06-19 20:23	--------	d-----w-	c:\users\Administrator\AppData\Local\NPE
2012-06-19 20:18 . 2012-06-19 20:18	--------	d-----w-	c:\users\Administrator\AppData\Roaming\JAM Software
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-17 18:17 . 2012-04-20 17:31	472880	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-07-11 20:33 . 2012-04-18 22:30	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 20:33 . 2012-04-18 22:30	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-31 04:04 . 2012-07-16 18:12	9013136	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AF62229-12C7-44E3-B272-055DD6DBF921}\mpengine.dll
2012-05-31 04:04 . 2012-07-15 10:03	9013136	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-27 17:29 . 2012-05-27 17:29	388608	----a-w-	c:\program files\HiJackThis204.exe
2012-05-15 04:01 . 2012-06-13 20:52	1188864	----a-w-	c:\windows\system32\wininet.dll
2012-05-15 03:03 . 2012-06-13 20:52	981504	----a-w-	c:\windows\SysWow64\wininet.dll
2012-05-05 07:16 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2012-05-05 07:16 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2012-05-04 11:06 . 2012-06-13 20:52	5559664	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 20:52	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 20:52	3913072	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 20:52	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 20:51	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 20:52	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 20:52	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 20:52	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 20:51	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 20:51	140288	----a-w-	c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 20:51	1462272	----a-w-	c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 20:51	1158656	----a-w-	c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 20:51	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 20:51	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2012-04-23 21:49 . 2012-07-03 17:40	927800	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3540528F-F46D-4B14-8D4B-1133841283C4}\gapaengine.dll
2012-04-23 21:49 . 2012-06-12 20:31	927800	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-04-23 21:45 . 2012-04-23 21:45	10384312	----a-w-	c:\program files\mseinstall.exe
2012-04-22 17:18 . 2012-04-22 17:18	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{471E81A7-07BF-4552-BC99-83572B07DA00}\offreg.dll
2012-04-20 16:25 . 2012-04-20 16:25	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-04-20 16:25 . 2012-04-20 16:25	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-04-20 16:24 . 2012-04-20 16:24	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-04-20 03:45 . 2012-06-13 20:52	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2012-04-20 03:16 . 2012-06-13 20:52	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-04-18 20:46 . 2010-06-24 18:33	19352	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-04-18 18:56 . 2012-04-18 18:56	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2012-04-15 23:37 . 2012-04-18 22:22	54957384	----a-w-	c:\program files\wz160gev.exe
2012-04-15 23:19 . 2012-04-18 22:22	7188924	----a-w-	c:\program files\XMediaRecode3090_setup.exe
2012-03-21 15:22 . 2012-04-18 22:22	32811469	----a-w-	c:\program files\WDM_R267.exe
2012-03-21 15:16 . 2012-04-18 22:22	32811469	----a-w-	c:\program files\WDM_R267(1).exe
2012-03-17 09:50 . 2012-04-18 22:17	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-21 4786048]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2012-01-05 1823744]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Aurora.lnk - c:\program files (x86)\Aurora\firefox.exe [2012-7-16 918000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 CLKMSVC10_C6F09094;CyberLink Product - 2011/08/17 22:23;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-09-21 245232]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-11 250056]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-16 114160]
R3 ncplelhp;WatchGuard Secure Client NDIS6 Driver;c:\windows\system32\DRIVERS\ncplelhp.sys [2010-02-23 151272]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R4 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
R4 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-01 89600]
S2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2010-07-15 2641920]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-06-26 468848]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-06-20 384880]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);c:\windows\system32\DRIVERS\hcwD3bda64.sys [2010-07-15 116352]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-06-22 131688]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_C6F09094
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 20:33]
.
2012-07-13 c:\windows\Tasks\HPCeeScheduleForAdministrator.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-06-22 c:\windows\Tasks\HPCeeScheduleForDANIEL-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2012-05-16 01:10	287048	----a-w-	c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-08-15 37888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-09-27 489472]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://isearch.avg.com/?cid={3A25E22F-4047-4693-8952-B32E267D494F}&mid=47921a559e2a47d08836788174535cbb-6c362d759d2d510112581912589213af0615207f&lang=en&ds=yu012&pr=sa&d=2012-05-27 18:22&v=11.1.0.7&sap=hp
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.bing.com?pc=HPDTDF
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\483gp3z8.default\
FF - prefs.js: browser.search.selectedEngine - Search the web
FF - prefs.js: browser.startup.homepage - hxxps://mein.allyve.com/
FF - prefs.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - prefs.js: network.proxy.http - 157.181.228.181
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.search.selectedEngine - Search the web
FF - user.js: browser.search.order.1 - Search the web
FF - user.js: browser.search.defaultenginename - Search the web
FF - user.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: privacy.item.cookies - false
FF - user.js: privacy.sanitize.promptOnSanitize - false
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8fg66oxN&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 58a143c900000000000002004e435049
FF - user.js: extensions.incredibar_i.hardId - 58a143c900000000000002004e435049
FF - user.js: extensions.incredibar_i.instlDay - 15337
FF - user.js: extensions.incredibar_i.vrsn - 1.5.3.27
FF - user.js: extensions.incredibar_i.vrsni - 1.5.3.27
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.3.2722:33
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef - 
FF - user.js: extensions.incredibar_i.dfltLng - 
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id - 
FF - user.js: extensions.incredibar_i.upn2 - 6R8fg66oxN
FF - user.js: extensions.incredibar_i.upn2n - 92823584542271871
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10556
FF - user.js: extensions.incredibar_i.ppd - 1000
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=108298
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 58a143c900000000000002004e435049
FF - user.js: extensions.BabylonToolbar_i.hardId - 58a143c900000000000002004e435049
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15395
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.171:00
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: general.useragent.extra.brc - 
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,91,c8,f2,8d,99,cb,cf,44,93,a9,9e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,91,c8,f2,8d,99,cb,cf,44,93,a9,9e,\
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.3g2"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.3gp"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.3gp2"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.3gpp"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.aac"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.adt"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.adts"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ARW\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.asf"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.asx"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.au"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.avi"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CR2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cue\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.cue"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.divx"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DNG\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.flac"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.flv"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ifo\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.ifo"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jar\UserChoice]
@Denied: (2) (Administrator)
"Progid"="jarfile"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.KDC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m1v"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m2t"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m2ts"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m2v"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m3u"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u8\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m3u8"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m4a"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4p\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m4p"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m4v"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mid"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mkv"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mod"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mov"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mp2"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mp2v"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mp3"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mp4"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mp4v"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mpa"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mpe"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mpeg"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mpg"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mpv2"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MRW\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mts"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NEF\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ORF\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PEF\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.RAF\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.rmi"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmvb\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.rmvb"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.snd"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.SR2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.ts"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.tts"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vob\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.vob"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.wav"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.wma"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.wmv"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.X3F\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Java\jre6\bin\javaws.exe
c:\program files (x86)\Java\jre6\bin\javaw.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-17  20:39:44 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-07-17 18:39
.
Vor Suchlauf: 8 Verzeichnis(se), 1.140.469.841.920 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 1.140.157.030.400 Bytes frei
.
- - End Of File - - 5820903E417B712C34746DD49B070DF0
         
--- --- ---


Regards

Daniel
__________________

Alt 19.07.2012, 22:05   #4
markusg
/// Malware-holic
 

the tdss killer was used as well, please post the log, it is located on c:
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

Alt 20.07.2012, 19:07   #5
RoswellAlien
 

Hello Markus,

here is the log file from tdskiller:

20:03:20.0807 5560 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
20:03:20.0860 5560 ============================================================
20:03:20.0860 5560 Current date / time: 2012/07/20 20:03:20.0860
20:03:20.0860 5560 SystemInfo:
20:03:20.0860 5560
20:03:20.0860 5560 OS Version: 6.1.7601 ServicePack: 1.0
20:03:20.0860 5560 Product type: Workstation
20:03:20.0860 5560 ComputerName: DANIEL-HP
20:03:20.0860 5560 UserName: Administrator
20:03:20.0860 5560 Windows directory: C:\Windows
20:03:20.0860 5560 System windows directory: C:\Windows
20:03:20.0861 5560 Running under WOW64
20:03:20.0861 5560 Processor architecture: Intel x64
20:03:20.0861 5560 Number of processors: 8
20:03:20.0861 5560 Page size: 0x1000
20:03:20.0861 5560 Boot type: Normal boot
20:03:20.0861 5560 ============================================================
20:03:21.0428 5560 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:03:21.0438 5560 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:03:21.0456 5560 ============================================================
20:03:21.0456 5560 \Device\Harddisk0\DR0:
20:03:21.0456 5560 MBR partitions:
20:03:21.0456 5560 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:03:21.0456 5560 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3283F, BlocksNum 0xACEF77C1
20:03:21.0456 5560 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xACF2A000, BlocksNum 0x1B5D000
20:03:21.0456 5560 \Device\Harddisk1\DR1:
20:03:21.0456 5560 MBR partitions:
20:03:21.0456 5560 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A856E82
20:03:21.0456 5560 ============================================================
20:03:21.0514 5560 C: <-> \Device\Harddisk0\DR0\Partition1
20:03:21.0566 5560 D: <-> \Device\Harddisk0\DR0\Partition2
20:03:21.0606 5560 L: <-> \Device\Harddisk1\DR1\Partition0
20:03:21.0606 5560 ============================================================
20:03:21.0606 5560 Initialize success
20:03:21.0606 5560 ============================================================
20:03:23.0335 3144 ============================================================
20:03:23.0335 3144 Scan started
20:03:23.0335 3144 Mode: Manual;
20:03:23.0335 3144 ============================================================
20:03:23.0612 3144 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
20:03:23.0614 3144 !SASCORE - ok
20:03:23.0699 3144 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:03:23.0702 3144 1394ohci - ok
20:03:23.0742 3144 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:03:23.0746 3144 ACPI - ok
20:03:23.0781 3144 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:03:23.0782 3144 AcpiPmi - ok
20:03:23.0862 3144 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:03:23.0864 3144 AdobeFlashPlayerUpdateSvc - ok
20:03:23.0933 3144 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:03:23.0954 3144 adp94xx - ok
20:03:23.0969 3144 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:03:23.0974 3144 adpahci - ok
20:03:24.0028 3144 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:03:24.0031 3144 adpu320 - ok
20:03:24.0062 3144 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:03:24.0064 3144 AeLookupSvc - ok
20:03:24.0088 3144 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
20:03:24.0089 3144 AESTFilters - ok
20:03:24.0143 3144 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:03:24.0150 3144 AFD - ok
20:03:24.0174 3144 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:03:24.0176 3144 agp440 - ok
20:03:24.0189 3144 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:03:24.0190 3144 ALG - ok
20:03:24.0223 3144 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:03:24.0224 3144 aliide - ok
20:03:24.0227 3144 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:03:24.0228 3144 amdide - ok
20:03:24.0247 3144 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:03:24.0248 3144 AmdK8 - ok
20:03:24.0253 3144 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:03:24.0255 3144 AmdPPM - ok
20:03:24.0284 3144 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:03:24.0286 3144 amdsata - ok
20:03:24.0303 3144 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:03:24.0306 3144 amdsbs - ok
20:03:24.0328 3144 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:03:24.0329 3144 amdxata - ok
20:03:24.0357 3144 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:03:24.0358 3144 AppID - ok
20:03:24.0376 3144 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:03:24.0377 3144 AppIDSvc - ok
20:03:24.0422 3144 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:03:24.0423 3144 Appinfo - ok
20:03:24.0540 3144 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:03:24.0541 3144 Apple Mobile Device - ok
20:03:24.0595 3144 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:03:24.0596 3144 arc - ok
20:03:24.0608 3144 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:03:24.0610 3144 arcsas - ok
20:03:24.0622 3144 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:03:24.0623 3144 AsyncMac - ok
20:03:24.0644 3144 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:03:24.0645 3144 atapi - ok
20:03:24.0722 3144 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:03:24.0785 3144 AudioEndpointBuilder - ok
20:03:24.0792 3144 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:03:24.0798 3144 AudioSrv - ok
20:03:24.0894 3144 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:03:24.0896 3144 AxInstSV - ok
20:03:24.0932 3144 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:03:24.0952 3144 b06bdrv - ok
20:03:24.0993 3144 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:03:24.0997 3144 b57nd60a - ok
20:03:25.0064 3144 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:03:25.0066 3144 BDESVC - ok
20:03:25.0081 3144 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:03:25.0082 3144 Beep - ok
20:03:25.0160 3144 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:03:25.0223 3144 BFE - ok
20:03:25.0293 3144 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
20:03:25.0306 3144 BITS - ok
20:03:25.0343 3144 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:03:25.0344 3144 blbdrive - ok
20:03:25.0446 3144 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
20:03:25.0449 3144 Bonjour Service - ok
20:03:25.0594 3144 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:03:25.0596 3144 bowser - ok
20:03:25.0616 3144 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:03:25.0617 3144 BrFiltLo - ok
20:03:25.0625 3144 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:03:25.0626 3144 BrFiltUp - ok
20:03:25.0678 3144 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
20:03:25.0680 3144 BridgeMP - ok
20:03:25.0714 3144 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:03:25.0716 3144 Browser - ok
20:03:25.0744 3144 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:03:25.0749 3144 Brserid - ok
20:03:25.0779 3144 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:03:25.0781 3144 BrSerWdm - ok
20:03:25.0790 3144 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:03:25.0791 3144 BrUsbMdm - ok
20:03:25.0798 3144 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:03:25.0799 3144 BrUsbSer - ok
20:03:25.0821 3144 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:03:25.0823 3144 BTHMODEM - ok
20:03:25.0847 3144 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:03:25.0849 3144 bthserv - ok
20:03:25.0869 3144 catchme - ok
20:03:25.0914 3144 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:03:25.0915 3144 cdfs - ok
20:03:25.0959 3144 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
20:03:25.0961 3144 cdrom - ok
20:03:25.0982 3144 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:03:25.0984 3144 CertPropSvc - ok
20:03:26.0007 3144 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:03:26.0008 3144 circlass - ok
20:03:26.0045 3144 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:03:26.0050 3144 CLFS - ok
20:03:26.0193 3144 CLKMSVC10_C6F09094 (dede5ec7dc09d840d5d74e06ff4de127) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe
20:03:26.0195 3144 CLKMSVC10_C6F09094 - ok
20:03:26.0251 3144 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:03:26.0253 3144 clr_optimization_v2.0.50727_32 - ok
20:03:26.0291 3144 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:03:26.0293 3144 clr_optimization_v2.0.50727_64 - ok
20:03:26.0489 3144 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:03:26.0491 3144 clr_optimization_v4.0.30319_32 - ok
20:03:26.0524 3144 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:03:26.0526 3144 clr_optimization_v4.0.30319_64 - ok
20:03:26.0564 3144 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:03:26.0565 3144 CmBatt - ok
20:03:26.0585 3144 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:03:26.0585 3144 cmdide - ok
20:03:26.0639 3144 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
20:03:26.0645 3144 CNG - ok
20:03:26.0697 3144 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:03:26.0698 3144 Compbatt - ok
20:03:26.0743 3144 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:03:26.0744 3144 CompositeBus - ok
20:03:26.0752 3144 COMSysApp - ok
20:03:26.0769 3144 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:03:26.0770 3144 crcdisk - ok
20:03:26.0807 3144 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
20:03:26.0810 3144 CryptSvc - ok
20:03:26.0866 3144 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:03:26.0922 3144 DcomLaunch - ok
20:03:26.0965 3144 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:03:26.0969 3144 defragsvc - ok
20:03:27.0001 3144 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:03:27.0003 3144 DfsC - ok
20:03:27.0061 3144 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:03:27.0066 3144 Dhcp - ok
20:03:27.0100 3144 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:03:27.0101 3144 discache - ok
20:03:27.0129 3144 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:03:27.0130 3144 Disk - ok
20:03:27.0172 3144 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:03:27.0175 3144 Dnscache - ok
20:03:27.0216 3144 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:03:27.0220 3144 dot3svc - ok
20:03:27.0266 3144 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:03:27.0269 3144 DPS - ok
20:03:27.0285 3144 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:03:27.0286 3144 drmkaud - ok
20:03:27.0346 3144 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:03:27.0413 3144 DXGKrnl - ok
20:03:27.0459 3144 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:03:27.0461 3144 EapHost - ok
20:03:27.0601 3144 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:03:27.0678 3144 ebdrv - ok
20:03:27.0773 3144 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:03:27.0775 3144 EFS - ok
20:03:27.0825 3144 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:03:27.0830 3144 ehRecvr - ok
20:03:27.0896 3144 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:03:27.0898 3144 ehSched - ok
20:03:27.0952 3144 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:03:27.0982 3144 elxstor - ok
20:03:28.0050 3144 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:03:28.0051 3144 ErrDev - ok
20:03:28.0090 3144 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:03:28.0113 3144 EventSystem - ok
20:03:28.0156 3144 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:03:28.0159 3144 exfat - ok
20:03:28.0172 3144 ezSharedSvc - ok
20:03:28.0206 3144 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:03:28.0209 3144 fastfat - ok
20:03:28.0267 3144 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:03:28.0328 3144 Fax - ok
20:03:28.0389 3144 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:03:28.0390 3144 fdc - ok
20:03:28.0404 3144 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:03:28.0405 3144 fdPHost - ok
20:03:28.0409 3144 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:03:28.0410 3144 FDResPub - ok
20:03:28.0416 3144 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:03:28.0417 3144 FileInfo - ok
20:03:28.0440 3144 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:03:28.0441 3144 Filetrace - ok
20:03:28.0451 3144 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:03:28.0452 3144 flpydisk - ok
20:03:28.0490 3144 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:03:28.0494 3144 FltMgr - ok
20:03:28.0558 3144 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:03:28.0644 3144 FontCache - ok
20:03:28.0715 3144 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:03:28.0716 3144 FontCache3.0.0.0 - ok
20:03:28.0723 3144 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:03:28.0725 3144 FsDepends - ok
20:03:28.0748 3144 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:03:28.0749 3144 Fs_Rec - ok
20:03:28.0775 3144 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:03:28.0778 3144 fvevol - ok
20:03:28.0792 3144 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:03:28.0794 3144 gagp30kx - ok
20:03:28.0885 3144 GameConsoleService (d154305de6090e6e84e525f84bb08a06) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
20:03:28.0888 3144 GameConsoleService - ok
20:03:28.0929 3144 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:03:28.0930 3144 GEARAspiWDM - ok
20:03:28.0981 3144 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:03:29.0005 3144 gpsvc - ok
20:03:29.0057 3144 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:03:29.0060 3144 gusvc - ok
20:03:29.0098 3144 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:03:29.0100 3144 hcw85cir - ok
20:03:29.0144 3144 hcwD3bda (36460952d903e9159660b3e7945fc274) C:\Windows\system32\DRIVERS\hcwD3bda64.sys
20:03:29.0146 3144 hcwD3bda - ok
20:03:29.0261 3144 hcwD3bda_dvbt (1a6de1f4e48a80c281ddccaa56339ae1) C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe
20:03:29.0320 3144 hcwD3bda_dvbt - ok
20:03:29.0441 3144 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:03:29.0446 3144 HdAudAddService - ok
20:03:29.0477 3144 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:03:29.0478 3144 HDAudBus - ok
20:03:29.0492 3144 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:03:29.0493 3144 HidBatt - ok
20:03:29.0514 3144 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:03:29.0516 3144 HidBth - ok
20:03:29.0543 3144 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:03:29.0544 3144 HidIr - ok
20:03:29.0566 3144 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
20:03:29.0568 3144 hidserv - ok
20:03:29.0584 3144 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:03:29.0585 3144 HidUsb - ok
20:03:29.0615 3144 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:03:29.0617 3144 hkmsvc - ok
20:03:29.0658 3144 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:03:29.0662 3144 HomeGroupListener - ok
20:03:29.0698 3144 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:03:29.0702 3144 HomeGroupProvider - ok
20:03:29.0794 3144 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:03:29.0795 3144 HP Support Assistant Service - ok
20:03:29.0884 3144 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
20:03:29.0887 3144 HPClientSvc - ok
20:03:29.0926 3144 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
20:03:29.0927 3144 HPDrvMntSvc.exe - ok
20:03:29.0980 3144 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
20:03:29.0986 3144 hpqwmiex - ok
20:03:30.0072 3144 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:03:30.0074 3144 HpSAMD - ok
20:03:30.0272 3144 hshld (f5985824c024cbbf4a41acd05c2de671) C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
20:03:30.0275 3144 hshld - ok
20:03:30.0317 3144 HssDrv (a60c877e1cd3aa2e4e5ccd8af305c0f1) C:\Windows\system32\DRIVERS\HssDrv.sys
20:03:30.0318 3144 HssDrv - ok
20:03:30.0344 3144 HssSrv (2cfea9c337b699aca38487e8a7438f35) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
20:03:30.0349 3144 HssSrv - ok
20:03:30.0400 3144 HssTrayService (4ff5ef622f3e087710a01038afa817e5) C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
20:03:30.0401 3144 HssTrayService - ok
20:03:30.0472 3144 HssWd (0cc16661c518a174cf192493cc024cda) C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
20:03:30.0477 3144 HssWd - ok
20:03:30.0558 3144 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:03:30.0568 3144 HTTP - ok
20:03:30.0628 3144 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:03:30.0629 3144 hwpolicy - ok
20:03:30.0657 3144 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:03:30.0659 3144 i8042prt - ok
20:03:30.0713 3144 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
20:03:30.0716 3144 iaStor - ok
20:03:30.0761 3144 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:03:30.0767 3144 iaStorV - ok
20:03:30.0888 3144 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:03:30.0970 3144 idsvc - ok
20:03:31.0062 3144 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:03:31.0063 3144 iirsp - ok
20:03:31.0108 3144 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:03:31.0178 3144 IKEEXT - ok
20:03:31.0205 3144 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:03:31.0206 3144 intelide - ok
20:03:31.0231 3144 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:03:31.0232 3144 intelppm - ok
20:03:31.0264 3144 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:03:31.0267 3144 IPBusEnum - ok
20:03:31.0292 3144 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:03:31.0293 3144 IpFilterDriver - ok
20:03:31.0345 3144 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
20:03:31.0374 3144 iphlpsvc - ok
20:03:31.0395 3144 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:03:31.0396 3144 IPMIDRV - ok
20:03:31.0426 3144 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:03:31.0428 3144 IPNAT - ok
20:03:31.0523 3144 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
20:03:31.0530 3144 iPod Service - ok
20:03:31.0553 3144 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:03:31.0554 3144 IRENUM - ok
20:03:31.0575 3144 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:03:31.0576 3144 isapnp - ok
20:03:31.0611 3144 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:03:31.0615 3144 iScsiPrt - ok
20:03:31.0639 3144 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
20:03:31.0640 3144 kbdclass - ok
20:03:31.0659 3144 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
20:03:31.0660 3144 kbdhid - ok
20:03:31.0684 3144 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:03:31.0686 3144 KeyIso - ok
20:03:31.0714 3144 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
20:03:31.0716 3144 KSecDD - ok
20:03:31.0749 3144 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
20:03:31.0751 3144 KSecPkg - ok
20:03:31.0773 3144 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:03:31.0774 3144 ksthunk - ok
20:03:31.0821 3144 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:03:31.0844 3144 KtmRm - ok
20:03:31.0874 3144 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
20:03:31.0879 3144 LanmanServer - ok
20:03:31.0893 3144 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:03:31.0896 3144 LanmanWorkstation - ok
20:03:31.0945 3144 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
20:03:31.0946 3144 LightScribeService - ok
20:03:31.0952 3144 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:03:31.0953 3144 lltdio - ok
20:03:31.0975 3144 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:03:31.0980 3144 lltdsvc - ok
20:03:31.0996 3144 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:03:31.0997 3144 lmhosts - ok
20:03:32.0053 3144 LMS (926eba26a8b49d1597751ced06b50862) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:03:32.0056 3144 LMS - ok
20:03:32.0090 3144 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:03:32.0092 3144 LSI_FC - ok
20:03:32.0114 3144 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:03:32.0116 3144 LSI_SAS - ok
20:03:32.0127 3144 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:03:32.0128 3144 LSI_SAS2 - ok
20:03:32.0151 3144 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:03:32.0153 3144 LSI_SCSI - ok
20:03:32.0195 3144 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:03:32.0196 3144 luafv - ok
20:03:32.0255 3144 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
20:03:32.0256 3144 MBAMProtector - ok
20:03:32.0320 3144 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:03:32.0325 3144 MBAMService - ok
20:03:32.0399 3144 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:03:32.0401 3144 Mcx2Svc - ok
20:03:32.0414 3144 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:03:32.0415 3144 megasas - ok
20:03:32.0437 3144 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:03:32.0441 3144 MegaSR - ok
20:03:32.0496 3144 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\Windows\system32\DRIVERS\HECIx64.sys
20:03:32.0497 3144 MEIx64 - ok
20:03:32.0510 3144 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:03:32.0513 3144 MMCSS - ok
20:03:32.0527 3144 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:03:32.0528 3144 Modem - ok
20:03:32.0540 3144 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:03:32.0541 3144 monitor - ok
20:03:32.0590 3144 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
20:03:32.0591 3144 mouclass - ok
20:03:32.0596 3144 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:03:32.0596 3144 mouhid - ok
20:03:32.0652 3144 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:03:32.0653 3144 mountmgr - ok
20:03:32.0735 3144 MozillaMaintenance (105d4bc829ff145f72319f48eb9ee344) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:03:32.0736 3144 MozillaMaintenance - ok
20:03:32.0791 3144 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
20:03:32.0794 3144 MpFilter - ok
20:03:32.0825 3144 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:03:32.0828 3144 mpio - ok
20:03:32.0844 3144 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:03:32.0846 3144 mpsdrv - ok
20:03:32.0915 3144 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:03:32.0974 3144 MpsSvc - ok
20:03:33.0013 3144 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:03:33.0015 3144 MRxDAV - ok
20:03:33.0053 3144 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:03:33.0055 3144 mrxsmb - ok
20:03:33.0070 3144 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:03:33.0074 3144 mrxsmb10 - ok
20:03:33.0104 3144 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:03:33.0106 3144 mrxsmb20 - ok
20:03:33.0121 3144 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:03:33.0122 3144 msahci - ok
20:03:33.0147 3144 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:03:33.0149 3144 msdsm - ok
20:03:33.0172 3144 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:03:33.0175 3144 MSDTC - ok
20:03:33.0183 3144 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:03:33.0184 3144 Msfs - ok
20:03:33.0205 3144 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:03:33.0206 3144 mshidkmdf - ok
20:03:33.0216 3144 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:03:33.0217 3144 msisadrv - ok
20:03:33.0250 3144 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:03:33.0253 3144 MSiSCSI - ok
20:03:33.0256 3144 msiserver - ok
20:03:33.0266 3144 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:03:33.0267 3144 MSKSSRV - ok
20:03:33.0324 3144 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:03:33.0324 3144 MsMpSvc - ok
20:03:33.0341 3144 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:03:33.0342 3144 MSPCLOCK - ok
20:03:33.0348 3144 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:03:33.0349 3144 MSPQM - ok
20:03:33.0376 3144 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:03:33.0381 3144 MsRPC - ok
20:03:33.0393 3144 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:03:33.0394 3144 mssmbios - ok
20:03:33.0398 3144 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:03:33.0399 3144 MSTEE - ok
20:03:33.0418 3144 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:03:33.0419 3144 MTConfig - ok
20:03:33.0467 3144 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:03:33.0468 3144 Mup - ok
20:03:33.0517 3144 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:03:33.0525 3144 napagent - ok
20:03:33.0567 3144 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:03:33.0573 3144 NativeWifiP - ok
20:03:33.0735 3144 ncplelhp (a7f5e21610b21c8ea8f4c718e9dcca59) C:\Windows\system32\DRIVERS\ncplelhp.sys
20:03:33.0761 3144 ncplelhp - ok
20:03:33.0820 3144 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:03:33.0832 3144 NDIS - ok
20:03:33.0851 3144 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:03:33.0852 3144 NdisCap - ok
20:03:33.0879 3144 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:03:33.0880 3144 NdisTapi - ok
20:03:33.0917 3144 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:03:33.0918 3144 Ndisuio - ok
20:03:33.0962 3144 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:03:33.0964 3144 NdisWan - ok
20:03:33.0995 3144 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:03:33.0996 3144 NDProxy - ok
20:03:34.0085 3144 Nero BackItUp Scheduler 4.0 (0ff3c6aa3e0fe0eb316df5449b569463) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
20:03:34.0093 3144 Nero BackItUp Scheduler 4.0 - ok
20:03:34.0099 3144 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:03:34.0100 3144 NetBIOS - ok
20:03:34.0155 3144 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:03:34.0159 3144 NetBT - ok
20:03:34.0180 3144 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:03:34.0182 3144 Netlogon - ok
20:03:34.0224 3144 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:03:34.0230 3144 Netman - ok
20:03:34.0292 3144 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:03:34.0312 3144 netprofm - ok
20:03:34.0383 3144 netr28x (1982b291df9833fb3adc397ebd310a18) C:\Windows\system32\DRIVERS\netr28x.sys
20:03:34.0474 3144 netr28x - ok
20:03:34.0602 3144 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:03:34.0604 3144 NetTcpPortSharing - ok
20:03:34.0625 3144 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:03:34.0626 3144 nfrd960 - ok
20:03:34.0667 3144 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:03:34.0669 3144 NisDrv - ok
20:03:34.0749 3144 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
20:03:34.0751 3144 NisSrv - ok
20:03:34.0804 3144 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:03:34.0809 3144 NlaSvc - ok
20:03:34.0950 3144 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
20:03:35.0016 3144 NOBU - ok
20:03:35.0148 3144 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:03:35.0149 3144 Npfs - ok
20:03:44.0922 3144 ============================================================
20:03:44.0922 3144 Scan finished
20:03:44.0922 3144 ============================================================
20:03:44.0931 5340 Detected object count: 0
20:03:44.0931 5340 Actual detected object count: 0


25.07.2012, 18:43   #6
markusg
/// Malware-holic

Task Manager no longer starts (Windows 7)

Does the Task Manager start again?

Download the standard CCleaner:
CCleaner Download - CCleaner 3.20.1750
If CCleaner is already installed, skip this step.
Install it, open it, go to Tools, then the list of installed programs, and save it as a .txt file. Open the file.
After each program you need, write "necessary".
After each program you do not need, write "unnecessary".
After each program you do not recognize, write "unknown".
Post the list.