"Dieses Programm kann die Website nicht anzeigen"-Virus

Stefan85 · 10.09.2012, 20:19

Liebe Forumgemeinde,
erstmal herzlichen Dank für eure tolle Arbeit

. Gestern hat es mich nun auch erwischt. Beim Internetsurfen zeigte sich plötzlich ein weißer Bildschirm mit der Meldung “Dieses Programm kann die Webseite nicht anzeigen“. Der Taskmanager ließ sich nicht mehr starten. Nach Neustart war für etwa 2 Sekunden der normale Windowdesktop zu sehen, anschließend trat obriges Problem wieder auf. Das Starten im Abgesicherter Modus mit Netzwerkunterstützung war ohne Probleme möglich. Der vollständige Scan mit Malwarebytes brachte folgenden Befund.

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.09.09.07

Windows 7 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Stefan :: STEFANPC [Administrator]

Schutz: Deaktiviert

10.09.2012 01:37:41
mbam-log-2012-09-10 (01-37-41).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 199327
Laufzeit: 4 Minute(n), 24 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|edgmoruasdbpond (Trojan.Winlock) -> Daten: C:\ProgramData\edgmorua.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\ProgramData\edgmorua.exe (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Stefan\AppData\Local\Temp\wpbt0.dll (Malware.Packer) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Stefan\ms.exe (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Nach Verschieben der infizierten Dateien in Quarantäne war ein Starten des Laptops im normalen Modus möglich, das System lief soweit getestet flüssig.

Natürlich bin ich mir im klaren, dass das Problem möglicherweise noch nicht behoben ist, deshalb brauche ich nun eure Hilfe!! Vielen Dank schonmal!

OTL Logfile:

HTML-Code:

OTL logfile created on: 10.09.2012 17:44:16 - Run 5
OTL by OldTimer - Version 3.2.61.3     Folder = C:\Users\Stefan\Downloads
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,96 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 74,58% Memory free
5,92 Gb Paging File | 5,36 Gb Available in Paging File | 90,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 420,55 Gb Total Space | 215,34 Gb Free Space | 51,20% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 29,50 Gb Free Space | 97,53% Space Free | Partition Type: NTFS
 
Computer Name: STEFANPC | User Name: Stefan | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012.09.10 16:10:36 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Stefan\Downloads\OTL.exe
PRC - [2012.08.30 17:08:45 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012.08.30 17:08:44 | 002,242,528 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.12.06 18:09:34 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2012.08.30 17:08:45 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.05 10:50:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.09.22 20:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV - [2009.08.14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV - [2009.07.16 05:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)
SRV - [2009.07.14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009.07.14 16:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.06.04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009.01.14 18:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008.11.25 00:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.11.25 00:31:10 | 029,263,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ)
SRV - [2008.11.25 00:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008.11.25 00:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008.01.16 11:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2006.12.14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006.12.14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006.12.14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006.10.26 21:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 16:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\test\ECECECEC\WinRing0.sys -- (WinRing0_1_2_0)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.06.02 07:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.06.02 07:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.06.02 07:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010.12.21 07:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010.12.21 07:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010.12.21 07:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010.01.05 00:50:24 | 000,054,800 | ---- | M] () [Kernel | System | Stopped] -- C:\windows\System32\drivers\funfrm.sys -- (funfrm)
DRV - [2009.10.07 08:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2009.10.07 08:47:56 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009.09.14 20:04:28 | 000,217,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009.07.30 11:45:22 | 000,171,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.07.28 23:09:36 | 000,063,240 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdbridge.sys -- (Bridge0)
DRV - [2009.07.21 23:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009.07.16 14:37:14 | 000,011,792 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2009.06.19 18:18:26 | 000,168,704 | ---- | M] (SMI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SMIksdrv.sys -- (usbsmi)
DRV - [2009.06.15 04:46:22 | 000,475,648 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009.05.19 15:43:08 | 000,021,520 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2008.08.06 14:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 131.188.24.42:3128
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledAddons: youtube2mp3@mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..network.proxy.ftp: "131.188.24.42"
FF - prefs.js..network.proxy.ftp_port: 2121
FF - prefs.js..network.proxy.http: "131.188.24.42"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.socks: "131.188.24.43"
FF - prefs.js..network.proxy.socks_port: 1080
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 17:08:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.17 10:50:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 17:08:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.17 10:50:32 | 000,000,000 | ---D | M]
 
[2010.03.23 22:33:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefan\AppData\Roaming\mozilla\Extensions
[2012.05.02 22:17:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Profiles\9442vttk.default\extensions
[2012.04.07 19:06:16 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Profiles\9442vttk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.08.31 19:21:26 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\Stefan\AppData\Roaming\mozilla\firefox\profiles\9442vttk.default\extensions\youtube2mp3@mondayx.de.xpi
[2012.02.02 11:13:51 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.10.24 19:14:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.08.30 17:08:45 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.11.10 21:51:59 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 17:08:43 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.11.10 21:51:59 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.10 21:51:59 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.10 21:51:59 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.10 21:51:59 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found
O4 - HKLM..\Run: [Energy Management] C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Programme\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe File not found
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Stefan\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FEA64E4-7C41-43FE-8631-6C12866B3269}: DhcpNameServer = 131.188.0.10 131.188.0.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C64E587A-E51A-49D9-9E4D-B932512E90FA}: NameServer = 131.188.0.10,131.188.0.11,131.188.3.72,131.188.3.73
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012.09.10 00:38:45 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Malwarebytes
[2012.09.10 00:38:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.10 00:38:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.10 00:38:37 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012.09.10 00:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.09.09 23:00:22 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Sophos
[2012.09.09 22:47:45 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\ElevatedDiagnostics
[2012.09.09 22:19:37 | 000,000,000 | ---D | C] -- C:\ProgramData\bowkgewaseuihje
[2012.08.31 14:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.08.31 14:33:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.08.25 10:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.08.15 23:24:50 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2012.08.15 23:24:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2012.08.15 23:24:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2012.08.15 23:24:42 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2012.08.15 23:24:41 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2012.08.15 23:24:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2012.08.15 23:24:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2012.08.15 07:16:52 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srcore.dll
[2012.08.15 07:16:51 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2012.08.15 07:16:43 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\browcli.dll
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012.09.10 17:17:30 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.09.10 17:17:23 | 2384,932,864 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.10 16:55:39 | 000,000,000 | ---- | M] () -- C:\Users\Stefan\defogger_reenable
[2012.09.10 15:50:12 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.10 15:50:12 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.10 15:40:42 | 000,701,108 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012.09.10 15:40:42 | 000,662,950 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012.09.10 15:40:42 | 000,147,762 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012.09.10 15:40:42 | 000,124,144 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012.09.10 01:44:00 | 000,017,506 | ---- | M] () -- C:\Users\Stefan\Documents\malware log datei.odt
[2012.09.10 00:38:38 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.09 22:19:37 | 000,000,051 | ---- | M] () -- C:\ProgramData\egefvjefutrpawi
[2012.08.31 15:03:29 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\lvuvc.hs
[2012.08.31 14:33:55 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.25 10:22:58 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.08.16 07:11:36 | 000,447,528 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012.08.12 21:40:34 | 000,014,173 | ---- | M] () -- C:\Users\Stefan\Documents\kretsche.odt
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012.09.10 16:55:39 | 000,000,000 | ---- | C] () -- C:\Users\Stefan\defogger_reenable
[2012.09.10 01:43:58 | 000,017,506 | ---- | C] () -- C:\Users\Stefan\Documents\malware log datei.odt
[2012.09.10 00:38:38 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.09 22:19:32 | 000,000,051 | ---- | C] () -- C:\ProgramData\egefvjefutrpawi
[2012.08.31 14:33:55 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.25 10:22:58 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.08.12 21:40:31 | 000,014,173 | ---- | C] () -- C:\Users\Stefan\Documents\kretsche.odt
[2011.09.16 12:54:48 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2011.09.16 12:54:44 | 000,974,848 | ---- | C] () -- C:\windows\System32\cis-2.4.dll
[2011.09.16 12:54:44 | 000,081,920 | ---- | C] () -- C:\windows\System32\issacapi_bs-2.3.dll
[2011.09.16 12:54:44 | 000,065,536 | ---- | C] () -- C:\windows\System32\issacapi_pe-2.3.dll
[2011.09.16 12:54:44 | 000,057,344 | ---- | C] () -- C:\windows\System32\issacapi_se-2.3.dll
[2011.07.05 19:59:30 | 000,000,863 | ---- | C] () -- C:\Users\Stefan\.recently-used.xbel
[2011.02.24 00:51:52 | 000,059,025 | ---- | C] () -- C:\Users\Stefan\Outdoorbroker-Outdoorbroker_Retoure-77EWLANMBU.pdf
[2011.02.20 23:54:21 | 000,011,341 | ---- | C] () -- C:\Users\Stefan\application antwort.odt
[2011.02.15 20:53:34 | 000,014,848 | ---- | C] () -- C:\Users\Stefan\Lösungen Füll B.odt
[2011.02.11 19:04:38 | 000,009,007 | ---- | C] () -- C:\Users\Stefan\Barbados.odt
[2011.02.04 00:59:23 | 000,016,764 | ---- | C] () -- C:\Users\Stefan\derma lösungen.odt
[2011.01.31 15:33:43 | 000,997,600 | R--- | C] () -- C:\Users\Stefan\Bafögbescheinigung3 003.tif
[2011.01.31 15:32:13 | 002,506,842 | R--- | C] () -- C:\Users\Stefan\Bafögbescheinigung1 001.tif
[2011.01.31 15:16:13 | 002,228,628 | R--- | C] () -- C:\Users\Stefan\Bafögbescheinigung 002.tif
[2011.01.15 00:32:30 | 000,430,364 | ---- | C] () -- C:\Users\Stefan\Unbenannt.PNG
[2011.01.15 00:32:30 | 000,205,256 | ---- | C] () -- C:\Users\Stefan\Unbenanntdrg.PNG
[2010.10.17 23:56:32 | 000,007,992 | ---- | C] () -- C:\Users\Stefan\Q7_Programm.pdf
[2010.10.17 23:56:22 | 000,023,567 | ---- | C] () -- C:\Users\Stefan\Q7_Zeitplan.pdf
[2010.07.14 18:17:56 | 000,108,500 | ---- | C] () -- C:\Users\Stefan\uetraeger_D773DD8A02FC523EDFFB60438F26E6F6.cit-prod-tomcat2[1].pdf
[2010.04.07 11:47:54 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.23 20:21:53 | 000,007,666 | ---- | C] () -- C:\Users\Stefan\AppData\Local\resmon.resmoncfg

< End of report >

cosinus · 11.09.2012, 12:24

Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

Stefan85 · 11.09.2012, 17:26

Vielen Dank schonmal! Ein erneuter vollständiger Scan mit Malwarebytes brachte folgendes Ergebnis!

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.11.06

Windows 7 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Stefan :: STEFANPC [Administrator]

Schutz: Deaktiviert

11.09.2012 17:19:39
mbam-log-2012-09-11 (17-19-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 383271
Laufzeit: 54 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Hier ist das Logfile des ESET Scanners!!

Code:

ATTFilter

C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\6\0A\5DDB1d01	HTML/Iframe.B.Gen virus
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\E\96\C19FBd01	JS/Exploit.Pdfka.PMN trojan

cosinus · 11.09.2012, 22:18

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

Stefan85 · 12.09.2012, 08:22

Schönen Guten morgen erstmal, die Suche mit dem AdwCleaner brachte folgendes Ergebnis!!

Code:

ATTFilter

# AdwCleaner v2.001 - Datei am 09/12/2012 um 09:16:40 erstellt
# Aktualisiert am 09/09/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : Stefan - STEFANPC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Stefan\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\Stefan\AppData\Local\Temp\Uninstall.exe
Ordner Gefunden : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\9442vttk.default\Conduit

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0.1 (de)

Profilname : default 
Datei : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\9442vttk.default\prefs.js

Gefunden : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2269050.CTID", "CT2269050");
Gefunden : user_pref("CT2269050.CurrentServerDate", "14-8-2010");
Gefunden : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2269050.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2269050.EMailNotifierPollDate", "Sat Aug 14 2010 11:38:42 GMT+0200");
Gefunden : user_pref("CT2269050.FirstServerDate", "14-8-2010");
Gefunden : user_pref("CT2269050.FirstTime", true);
Gefunden : user_pref("CT2269050.FirstTimeFF3", true);
Gefunden : user_pref("CT2269050.FirstTimeSettingsDone", true);
Gefunden : user_pref("CT2269050.FixPageNotFoundErrors", true);
Gefunden : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2269050.Initialize", true);
Gefunden : user_pref("CT2269050.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2269050.InstallationAndCookieDataSentCount", 2);
Gefunden : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Gefunden : user_pref("CT2269050.InstalledDate", "Sat Aug 14 2010 11:38:42 GMT+0200");
Gefunden : user_pref("CT2269050.InvalidateCache", false);
Gefunden : user_pref("CT2269050.IsGrouping", false);
Gefunden : user_pref("CT2269050.IsMulticommunity", false);
Gefunden : user_pref("CT2269050.IsOpenThankYouPage", false);
Gefunden : user_pref("CT2269050.IsOpenUninstallPage", false);
Gefunden : user_pref("CT2269050.LanguagePackLastCheckTime", "Sat Aug 14 2010 11:38:44 GMT+0200");
Gefunden : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2269050.LastLogin_2.7.0.14", "Sat Aug 14 2010 11:38:43 GMT+0200");
Gefunden : user_pref("CT2269050.LatestVersion", "2.1.0.18");
Gefunden : user_pref("CT2269050.Locale", "en");
Gefunden : user_pref("CT2269050.LoginCache", 4);
Gefunden : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2269050.RadioIsPodcast", false);
Gefunden : user_pref("CT2269050.RadioLastCheckTime", "Sat Aug 14 2010 11:38:44 GMT+0200");
Gefunden : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gefunden : user_pref("CT2269050.RadioMediaID", "12473383");
Gefunden : user_pref("CT2269050.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gefunden : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gefunden : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gefunden : user_pref("CT2269050.SHRINK_TOOLBAR", 1);
Gefunden : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gefunden : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gefunden : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Sat Aug 14 2010 11:38:43 GMT+0200");
Gefunden : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Gefunden : user_pref("CT2269050.SettingsLastCheckTime", "Sat Aug 14 2010 11:38:41 GMT+0200");
Gefunden : user_pref("CT2269050.SettingsLastUpdate", "1281105247");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sat Aug 14 2010 11:38:41 GMT+0200");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");
Gefunden : user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gefunden : user_pref("CT2269050.Uninstall", true);
Gefunden : user_pref("CT2269050.UserID", "UN56407363019453058");
Gefunden : user_pref("CT2269050.WeatherNetwork", "");
Gefunden : user_pref("CT2269050.WeatherPollDate", "Sat Aug 14 2010 11:38:43 GMT+0200");
Gefunden : user_pref("CT2269050.WeatherUnit", "C");
Gefunden : user_pref("CT2269050.alertChannelId", "666138");
Gefunden : user_pref("CT2269050.clientLogIsEnabled", true);
Gefunden : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gefunden : user_pref("CT2269050.myStuffEnabled", true);
Gefunden : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=666138&fid=661999", "\"0\""[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gefunden : user_pref("CommunityToolbar.EngineOwner", "");
Gefunden : user_pref("CommunityToolbar.EngineOwnerGuid", "");
Gefunden : user_pref("CommunityToolbar.EngineOwnerToolbarId", "");
Gefunden : user_pref("CommunityToolbar.IsEngineShown", true);
Gefunden : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwner", "");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Gefunden : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Gefunden : user_pref("CommunityToolbar.ToolbarsList", "CT2269050");
Gefunden : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
Gefunden : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Mar 29 2011 00:25:31 GMT+02[...]
Gefunden : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Gefunden : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Mar 29 2011 00:25:39 GMT+0200");
Gefunden : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.locale", "en");
Gefunden : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Mar 29 2011 00:25:29 GMT+0200");
Gefunden : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
Gefunden : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.alert.userId", "{ba9c4c6c-d70a-4b60-9ad3-e55152bbeb48}");
Gefunden : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Aug 14 2010 11:38:43 GMT+0200");
Gefunden : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [9873 octets] - [12/09/2012 09:16:40]

########## EOF - C:\AdwCleaner[R1].txt - [9933 octets] ##########

cosinus · 12.09.2012, 13:56

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Stefan85 · 12.09.2012, 15:21

Code:

ATTFilter

# AdwCleaner v2.001 - Datei am 09/12/2012 um 16:14:27 erstellt
# Aktualisiert am 09/09/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : Stefan - STEFANPC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Stefan\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Stefan\AppData\Local\Temp\Uninstall.exe
Ordner Gelöscht : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\9442vttk.default\Conduit

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Wiederhergestellt : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (de)

Profilname : default 
Datei : C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\9442vttk.default\prefs.js

Gelöscht : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2269050.CTID", "CT2269050");
Gelöscht : user_pref("CT2269050.CurrentServerDate", "14-8-2010");
Gelöscht : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2269050.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2269050.EMailNotifierPollDate", "Sat Aug 14 2010 11:38:42 GMT+0200");
Gelöscht : user_pref("CT2269050.FirstServerDate", "14-8-2010");
Gelöscht : user_pref("CT2269050.FirstTime", true);
Gelöscht : user_pref("CT2269050.FirstTimeFF3", true);
Gelöscht : user_pref("CT2269050.FirstTimeSettingsDone", true);
Gelöscht : user_pref("CT2269050.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2269050.Initialize", true);
Gelöscht : user_pref("CT2269050.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2269050.InstallationAndCookieDataSentCount", 2);
Gelöscht : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Gelöscht : user_pref("CT2269050.InstalledDate", "Sat Aug 14 2010 11:38:42 GMT+0200");
Gelöscht : user_pref("CT2269050.InvalidateCache", false);
Gelöscht : user_pref("CT2269050.IsGrouping", false);
Gelöscht : user_pref("CT2269050.IsMulticommunity", false);
Gelöscht : user_pref("CT2269050.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2269050.IsOpenUninstallPage", false);
Gelöscht : user_pref("CT2269050.LanguagePackLastCheckTime", "Sat Aug 14 2010 11:38:44 GMT+0200");
Gelöscht : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2269050.LastLogin_2.7.0.14", "Sat Aug 14 2010 11:38:43 GMT+0200");
Gelöscht : user_pref("CT2269050.LatestVersion", "2.1.0.18");
Gelöscht : user_pref("CT2269050.Locale", "en");
Gelöscht : user_pref("CT2269050.LoginCache", 4);
Gelöscht : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2269050.RadioIsPodcast", false);
Gelöscht : user_pref("CT2269050.RadioLastCheckTime", "Sat Aug 14 2010 11:38:44 GMT+0200");
Gelöscht : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gelöscht : user_pref("CT2269050.RadioMediaID", "12473383");
Gelöscht : user_pref("CT2269050.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gelöscht : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gelöscht : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gelöscht : user_pref("CT2269050.SHRINK_TOOLBAR", 1);
Gelöscht : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gelöscht : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Sat Aug 14 2010 11:38:43 GMT+0200");
Gelöscht : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Gelöscht : user_pref("CT2269050.SettingsLastCheckTime", "Sat Aug 14 2010 11:38:41 GMT+0200");
Gelöscht : user_pref("CT2269050.SettingsLastUpdate", "1281105247");
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sat Aug 14 2010 11:38:41 GMT+0200");
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");
Gelöscht : user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gelöscht : user_pref("CT2269050.Uninstall", true);
Gelöscht : user_pref("CT2269050.UserID", "UN56407363019453058");
Gelöscht : user_pref("CT2269050.WeatherNetwork", "");
Gelöscht : user_pref("CT2269050.WeatherPollDate", "Sat Aug 14 2010 11:38:43 GMT+0200");
Gelöscht : user_pref("CT2269050.WeatherUnit", "C");
Gelöscht : user_pref("CT2269050.alertChannelId", "666138");
Gelöscht : user_pref("CT2269050.clientLogIsEnabled", true);
Gelöscht : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gelöscht : user_pref("CT2269050.myStuffEnabled", true);
Gelöscht : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=666138&fid=661999", "\"0\""[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gelöscht : user_pref("CommunityToolbar.EngineOwner", "");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "");
Gelöscht : user_pref("CommunityToolbar.IsEngineShown", true);
Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2269050");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
Gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Mar 29 2011 00:25:31 GMT+02[...]
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Mar 29 2011 00:25:39 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Mar 29 2011 00:25:29 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.alert.userId", "{ba9c4c6c-d70a-4b60-9ad3-e55152bbeb48}");
Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Aug 14 2010 11:38:43 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [10002 octets] - [12/09/2012 09:16:40]
AdwCleaner[R2].txt - [10063 octets] - [12/09/2012 09:23:19]
AdwCleaner[S1].txt - [10254 octets] - [12/09/2012 16:14:27]

########## EOF - C:\AdwCleaner[S1].txt - [10315 octets] ##########

cosinus · 12.09.2012, 15:33

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

Stefan85 · 12.09.2012, 16:07

Hallo Cosinus;

zu 1) soweit getestet funktioniert der normale Modus von Windows wieder tadellos, Internet und Programme laufen flüssig, aktuell kein Grund zur Beanstandung

zu2) auch im Startmenu sind alle Ordner vorhanden, leere Ordner oder Programme sind nicht vorhanden

Kann ich davon ausgehen, dass mein PC wieder sauber ist??

cosinus · 12.09.2012, 19:39

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Stefan85 · 12.09.2012, 20:52

Hier gibts den neuen otl log!!

Code:

ATTFilter

OTL logfile created on: 12.09.2012 21:24:29 - Run 6
OTL by OldTimer - Version 3.2.61.3     Folder = C:\Users\Stefan\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,96 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 58,25% Memory free
5,92 Gb Paging File | 4,59 Gb Available in Paging File | 77,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 420,55 Gb Total Space | 221,25 Gb Free Space | 52,61% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 29,50 Gb Free Space | 97,53% Space Free | Partition Type: NTFS
 
Computer Name: STEFANPC | User Name: Stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.12 21:22:38 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Stefan\Downloads\OTL(1).exe
PRC - [2012.09.07 20:26:05 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.09.07 20:26:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.09.07 20:25:55 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.09.07 20:25:55 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.01.04 08:07:30 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.02.01 22:51:56 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.02.01 22:51:52 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2009.09.29 18:23:20 | 004,114,288 | ---- | M] (Lenovo(beijing) Limited) -- C:\Programme\Lenovo\Energy Management\utility.exe
PRC - [2009.09.29 18:22:46 | 005,064,560 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Programme\Lenovo\Energy Management\Energy Management.exe
PRC - [2009.08.12 10:09:32 | 000,683,576 | ---- | M] (Conexant Systems, Inc) -- C:\Programme\CONEXANT\SAII\SmartAudio.exe
PRC - [2009.07.14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\ReadyComm\common\IGRS.exe
PRC - [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe
PRC - [2009.06.04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.01.14 18:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008.11.25 00:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.01.16 11:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.11 20:52:06 | 000,240,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\30b1d86571495ea86b9a19b13498aad3\WindowsFormsIntegration.ni.dll
MOD - [2012.09.11 20:43:13 | 000,220,672 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bf7e7494e75e32979c7824a07570a8a9\CustomMarshalers.ni.dll
MOD - [2012.09.11 20:42:02 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\08d608378aa405adc844f3cf36974b8c\Microsoft.VisualBasic.ni.dll
MOD - [2012.09.11 19:46:50 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\299d0b38053fd7cbd84bac2178c3703b\PresentationFramework.Aero.ni.dll
MOD - [2012.09.11 19:46:42 | 014,339,072 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bfaf8f86e69928fb2f67987c0203f603\PresentationFramework.ni.dll
MOD - [2012.09.11 19:46:21 | 012,234,752 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll
MOD - [2012.09.11 19:46:07 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2012.09.11 19:44:57 | 012,432,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2012.09.11 19:44:27 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2012.09.11 19:43:54 | 001,587,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2012.09.11 19:43:25 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2012.09.11 19:43:17 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2012.09.11 19:43:14 | 007,963,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2012.09.11 19:42:57 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2010.11.05 03:57:39 | 000,069,120 | ---- | M] () -- C:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2010.04.05 15:02:35 | 000,970,752 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2010.04.05 15:02:35 | 000,166,400 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxslt.dll
MOD - [2009.11.16 21:41:36 | 000,090,112 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_de_31bf3856ad364e35\WindowsBase.resources.dll
MOD - [2009.11.16 21:41:12 | 000,167,936 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll
MOD - [2009.11.16 21:41:06 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.06.05 18:36:48 | 000,217,088 | ---- | M] () -- C:\Windows\System32\370prop.ax
MOD - [2008.12.20 05:20:50 | 000,063,304 | ---- | M] () -- C:\Programme\Lenovo\Energy Management\KbdHook.dll
MOD - [2008.12.20 05:20:08 | 000,051,016 | ---- | M] () -- C:\Programme\Lenovo\Energy Management\HookLib.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.09.11 16:12:49 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.07 20:26:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.09.07 20:25:55 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.05 10:50:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.09.22 20:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV - [2009.08.14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV - [2009.07.16 05:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)
SRV - [2009.07.14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009.07.14 16:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009.01.14 18:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008.11.25 00:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.11.25 00:31:10 | 029,263,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ)
SRV - [2008.11.25 00:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008.11.25 00:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008.01.16 11:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2006.12.14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006.12.14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006.12.14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006.10.26 21:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 16:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\test\ECECECEC\WinRing0.sys -- (WinRing0_1_2_0)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - [2012.09.07 20:26:05 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.09.07 20:26:05 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.09.07 20:26:05 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.06.02 07:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.06.02 07:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.06.02 07:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010.12.21 07:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010.12.21 07:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010.12.21 07:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.01.05 00:50:24 | 000,054,800 | ---- | M] () [Kernel | System | Running] -- C:\windows\System32\drivers\funfrm.sys -- (funfrm)
DRV - [2009.10.07 08:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2009.10.07 08:47:56 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009.09.14 20:04:28 | 000,217,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009.07.30 11:45:22 | 000,171,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.07.28 23:09:36 | 000,063,240 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdbridge.sys -- (Bridge0)
DRV - [2009.07.21 23:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009.07.16 14:37:14 | 000,011,792 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2009.06.19 18:18:26 | 000,168,704 | ---- | M] (SMI) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SMIksdrv.sys -- (usbsmi)
DRV - [2009.06.15 04:46:22 | 000,475,648 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009.05.19 15:43:08 | 000,021,520 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2008.08.06 14:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-21-599200126-878415453-2887306244-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKU\S-1-5-21-599200126-878415453-2887306244-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-599200126-878415453-2887306244-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKU\S-1-5-21-599200126-878415453-2887306244-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-599200126-878415453-2887306244-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-599200126-878415453-2887306244-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 131.188.24.42:3128
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledAddons: youtube2mp3@mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..network.proxy.ftp: "131.188.24.42"
FF - prefs.js..network.proxy.ftp_port: 2121
FF - prefs.js..network.proxy.http: "131.188.24.42"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.socks: "131.188.24.43"
FF - prefs.js..network.proxy.socks_port: 1080
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.11 16:12:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.11 16:12:47 | 000,000,000 | ---D | M]
 
[2010.03.23 22:33:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefan\AppData\Roaming\mozilla\Extensions
[2012.05.02 22:17:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Profiles\9442vttk.default\extensions
[2012.04.07 19:06:16 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Profiles\9442vttk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.08.31 19:21:26 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\Stefan\AppData\Roaming\mozilla\firefox\profiles\9442vttk.default\extensions\youtube2mp3@mondayx.de.xpi
[2012.09.11 16:12:46 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.11 16:12:46 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.11 16:12:49 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.11.10 21:51:59 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 17:08:43 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.11.10 21:51:59 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.10 21:51:59 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.10 21:51:59 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.10 21:51:59 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-599200126-878415453-2887306244-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Energy Management] C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Programme\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe File not found
O4 - HKU\S-1-5-21-599200126-878415453-2887306244-1003..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Stefan\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FEA64E4-7C41-43FE-8631-6C12866B3269}: DhcpNameServer = 131.188.0.10 131.188.0.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C64E587A-E51A-49D9-9E4D-B932512E90FA}: NameServer = 131.188.0.10,131.188.0.11,131.188.3.72,131.188.3.73
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.clmp3enc - C:\Programme\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\windows\System32\lvcodec2.dll (Logitech Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.11 19:46:56 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Avira
[2012.09.11 19:23:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.09.11 19:22:58 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys
[2012.09.11 19:22:56 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2012.09.11 19:22:56 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2012.09.11 19:22:56 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avkmgr.sys
[2012.09.11 19:22:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.09.11 19:22:52 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.09.11 19:14:24 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2012.09.11 19:12:18 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2012.09.11 16:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.09.11 15:05:16 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.09.10 00:38:45 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Malwarebytes
[2012.09.10 00:38:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.10 00:38:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.10 00:38:37 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012.09.10 00:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.09.09 23:00:22 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Sophos
[2012.09.09 22:47:45 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\ElevatedDiagnostics
[2012.09.09 22:19:37 | 000,000,000 | ---D | C] -- C:\ProgramData\bowkgewaseuihje
[2012.08.31 14:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.08.31 14:33:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.08.25 10:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.12 17:40:01 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.09.12 16:23:34 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.12 16:23:34 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.12 16:18:16 | 000,701,108 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012.09.12 16:18:16 | 000,662,950 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012.09.12 16:18:16 | 000,147,762 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012.09.12 16:18:16 | 000,124,144 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012.09.12 16:15:20 | 2384,932,864 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.11 19:39:58 | 000,447,528 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012.09.11 19:23:12 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.09.10 20:43:56 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.10 20:42:28 | 000,003,991 | ---- | M] () -- C:\Users\Stefan\Documents\Gmer.7z
[2012.09.10 18:27:00 | 000,008,571 | ---- | M] () -- C:\Users\Stefan\Documents\Extras.7z
[2012.09.10 16:55:39 | 000,000,000 | ---- | M] () -- C:\Users\Stefan\defogger_reenable
[2012.09.10 01:44:00 | 000,017,506 | ---- | M] () -- C:\Users\Stefan\Documents\malware log datei.odt
[2012.09.09 22:19:37 | 000,000,051 | ---- | M] () -- C:\ProgramData\egefvjefutrpawi
[2012.09.07 20:26:05 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2012.09.07 20:26:05 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2012.09.07 20:26:05 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avkmgr.sys
[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012.08.31 15:03:29 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\lvuvc.hs
[2012.08.31 14:33:55 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.25 10:22:58 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
 
========== Files Created - No Company Name ==========
 
[2012.09.11 19:23:12 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.09.10 20:42:28 | 000,003,991 | ---- | C] () -- C:\Users\Stefan\Documents\Gmer.7z
[2012.09.10 18:25:28 | 000,008,571 | ---- | C] () -- C:\Users\Stefan\Documents\Extras.7z
[2012.09.10 16:55:39 | 000,000,000 | ---- | C] () -- C:\Users\Stefan\defogger_reenable
[2012.09.10 01:43:58 | 000,017,506 | ---- | C] () -- C:\Users\Stefan\Documents\malware log datei.odt
[2012.09.10 00:38:38 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.09 22:19:32 | 000,000,051 | ---- | C] () -- C:\ProgramData\egefvjefutrpawi
[2012.08.31 14:33:55 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.25 10:22:58 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.09.16 12:54:48 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2011.09.16 12:54:44 | 000,974,848 | ---- | C] () -- C:\windows\System32\cis-2.4.dll
[2011.09.16 12:54:44 | 000,081,920 | ---- | C] () -- C:\windows\System32\issacapi_bs-2.3.dll
[2011.09.16 12:54:44 | 000,065,536 | ---- | C] () -- C:\windows\System32\issacapi_pe-2.3.dll
[2011.09.16 12:54:44 | 000,057,344 | ---- | C] () -- C:\windows\System32\issacapi_se-2.3.dll
[2011.07.05 19:59:30 | 000,000,863 | ---- | C] () -- C:\Users\Stefan\.recently-used.xbel
[2011.02.24 00:51:52 | 000,059,025 | ---- | C] () -- C:\Users\Stefan\Outdoorbroker-Outdoorbroker_Retoure-77EWLANMBU.pdf
[2011.02.20 23:54:21 | 000,011,341 | ---- | C] () -- C:\Users\Stefan\application antwort.odt
[2011.02.15 20:53:34 | 000,014,848 | ---- | C] () -- C:\Users\Stefan\Lösungen Füll B.odt
[2011.02.11 19:04:38 | 000,009,007 | ---- | C] () -- C:\Users\Stefan\Barbados.odt
[2011.02.04 00:59:23 | 000,016,764 | ---- | C] () -- C:\Users\Stefan\derma lösungen.odt
[2011.01.31 15:33:43 | 000,997,600 | R--- | C] () -- C:\Users\Stefan\Bafögbescheinigung3 003.tif
[2011.01.31 15:32:13 | 002,506,842 | R--- | C] () -- C:\Users\Stefan\Bafögbescheinigung1 001.tif
[2011.01.31 15:16:13 | 002,228,628 | R--- | C] () -- C:\Users\Stefan\Bafögbescheinigung 002.tif
[2011.01.15 00:32:30 | 000,430,364 | ---- | C] () -- C:\Users\Stefan\Unbenannt.PNG
[2011.01.15 00:32:30 | 000,205,256 | ---- | C] () -- C:\Users\Stefan\Unbenanntdrg.PNG
[2010.10.17 23:56:32 | 000,007,992 | ---- | C] () -- C:\Users\Stefan\Q7_Programm.pdf
[2010.10.17 23:56:22 | 000,023,567 | ---- | C] () -- C:\Users\Stefan\Q7_Zeitplan.pdf
[2010.07.14 18:17:56 | 000,108,500 | ---- | C] () -- C:\Users\Stefan\uetraeger_D773DD8A02FC523EDFFB60438F26E6F6.cit-prod-tomcat2[1].pdf
[2010.04.07 11:47:54 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.23 20:21:53 | 000,007,666 | ---- | C] () -- C:\Users\Stefan\AppData\Local\resmon.resmoncfg
 
========== LOP Check ==========
 
[2012.07.20 21:14:26 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Downloaded Installations
[2010.08.14 10:38:13 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.03.23 19:31:47 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\EasyCapture
[2011.07.05 19:59:30 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\gtk-2.0
[2012.07.20 21:17:08 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Nitro PDF
[2010.04.05 15:03:31 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\OpenOffice.org
[2011.10.31 01:47:07 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Samsung
[2012.08.06 07:12:28 | 000,032,632 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.03.26 21:46:37 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Adobe
[2012.09.11 19:46:56 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Avira
[2010.05.13 15:31:52 | 000,000,000 | R--D | M] -- C:\Users\Stefan\AppData\Roaming\Brother
[2010.03.23 19:31:33 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\CyberLink
[2012.07.20 21:14:26 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Downloaded Installations
[2011.11.19 14:18:31 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\dvdcss
[2010.08.14 10:38:13 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.03.23 19:31:47 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\EasyCapture
[2011.07.05 19:59:30 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\gtk-2.0
[2010.03.23 18:43:07 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Identities
[2010.03.23 22:52:47 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Macromedia
[2012.09.10 00:38:45 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Malwarebytes
[2009.07.29 12:50:54 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Media Center Programs
[2011.10.31 01:53:56 | 000,000,000 | --SD | M] -- C:\Users\Stefan\AppData\Roaming\Microsoft
[2010.03.23 22:33:12 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Mozilla
[2012.07.20 21:17:08 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Nitro PDF
[2010.04.05 15:03:31 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\OpenOffice.org
[2011.10.31 01:47:07 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Samsung
[2012.09.12 20:51:05 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Skype
[2011.08.23 16:09:20 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\skypePM
[2010.04.14 19:40:56 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Sony Corporation
[2012.09.11 22:59:32 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\vlc
 
< %APPDATA%\*.exe /s >
[2012.01.16 18:03:26 | 003,154,792 | ---- | M] (Microsoft Corporation) -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\NDP40-KB2461678-x86.exe
[2011.09.29 17:19:14 | 000,929,680 | ---- | M] (Samsung) -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Kies.exe
[2011.09.29 17:19:18 | 000,278,928 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesDriverInstaller.exe
[2011.09.16 12:58:14 | 000,285,696 | ---- | M] (Samsung) -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesLogger.exe
[2011.09.29 17:19:16 | 003,508,112 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesTrayAgent.exe
[2011.09.16 12:56:02 | 000,140,800 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\ConnectionManager.exe
[2011.09.16 12:56:02 | 000,283,648 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceDataService.exe
[2011.09.16 12:56:04 | 000,666,624 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe
[2011.09.29 17:19:20 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe
[2011.09.16 12:55:38 | 000,106,408 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentInstaller.exe
[2011.09.16 12:55:38 | 000,101,288 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentUpdate.exe
[2011.09.29 17:19:24 | 000,131,984 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2011.09.29 17:19:26 | 000,020,880 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe
[2011.09.29 17:19:28 | 004,662,392 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe
[2011.09.16 12:54:38 | 024,111,736 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2011.09.29 17:19:30 | 000,364,432 | ---- | M] (ml) -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.01.04 08:07:42 | 000,371,088 | ---- | M] (ml) -- C:\Users\Stefan\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2009.06.04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009.06.04 20:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009.06.04 20:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\drivers\iaStor.sys
[2009.06.04 20:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_4f144d6467fc7c22\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >

cosinus · 13.09.2012, 15:02

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
FF - user.js - File not found
IE - HKU\S-1-5-21-599200126-878415453-2887306244-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 131.188.24.42:3128
FF - prefs.js..network.proxy.ftp: "131.188.24.42"
FF - prefs.js..network.proxy.ftp_port: 2121
FF - prefs.js..network.proxy.http: "131.188.24.42"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.socks: "131.188.24.43"
FF - prefs.js..network.proxy.socks_port: 1080
FF - prefs.js..network.proxy.type: 0
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
:Files
C:\ProgramData\egefvjefutrpawi
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Stefan85 · 13.09.2012, 16:02

Hab alles gemacht wie beschrieben!
Vielen Dank;-)

Code:

ATTFilter

All processes killed
========== OTL ==========
HKU\S-1-5-21-599200126-878415453-2887306244-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "131.188.24.42" removed from network.proxy.ftp
Prefs.js: 2121 removed from network.proxy.ftp_port
Prefs.js: "131.188.24.42" removed from network.proxy.http
Prefs.js: 3128 removed from network.proxy.http_port
Prefs.js: "131.188.24.43" removed from network.proxy.socks
Prefs.js: 1080 removed from network.proxy.socks_port
Prefs.js: 0 removed from network.proxy.type
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
========== FILES ==========
File\Folder C:\ProgramData\egefvjefutrpawi not found.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\F\98 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\F folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\E\F7 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\E\12 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\E folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\D\DA folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\D\C2 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\D\BB folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\D\77 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\D\48 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\D folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\C\FD folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\C\CA folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\C\91 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\C\77 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\C\6E folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\C\4D folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\C folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\B\BC folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\B\99 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\B\8A folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\B\63 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\B\12 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\B folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\A\E7 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\A\7F folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\A\42 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\A folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\9\1D folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\9\13 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\9 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\8\CD folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\8\B3 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\8 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\7\DC folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\7\BC folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\7\9A folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\7\7E folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\7\4B folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\7\15 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\7 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\6\E2 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\6\B6 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\6\A9 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\6\99 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\6\94 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\6\7E folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\6\54 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\6 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\5\E3 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\5 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\4\DD folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\4\D8 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\4\CD folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\4\C0 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\4\72 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\4\6D folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\4\50 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\4\1A folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\4 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\3\9B folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\3\86 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\3\42 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\3 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\2\8B folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\2\87 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\2\77 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\2\4C folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\2\01 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\2 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\1\1A folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\1\0C folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\1 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\0\BA folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\0\AD folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache\0 folder moved successfully.
C:\Users\Stefan\AppData\Local\Mozilla\Firefox\Profiles\9442vttk.default\Cache folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Stefan\Downloads\cmd.bat deleted successfully.
C:\Users\Stefan\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Stefan
->Temp folder emptied: 667573408 bytes
->Temporary Internet Files folder emptied: 312423549 bytes
->Java cache emptied: 8252867 bytes
->FireFox cache emptied: 66268666 bytes
->Flash cache emptied: 170775 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 494706520 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 1.478,00 mb
 
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.61.3 log created on 09132012_165222

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

cosinus · 13.09.2012, 22:25

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Stefan85 · 14.09.2012, 08:29

Hat alles soweit problemlos funktioniert!!

Code:

ATTFilter

09:16:31.0973 5200  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
09:16:32.0946 5200  ============================================================
09:16:32.0946 5200  Current date / time: 2012/09/14 09:16:32.0946
09:16:32.0946 5200  SystemInfo:
09:16:32.0946 5200  
09:16:32.0946 5200  OS Version: 6.1.7601 ServicePack: 1.0
09:16:32.0946 5200  Product type: Workstation
09:16:32.0946 5200  ComputerName: STEFANPC
09:16:32.0947 5200  UserName: Stefan
09:16:32.0947 5200  Windows directory: C:\windows
09:16:32.0947 5200  System windows directory: C:\windows
09:16:32.0947 5200  Processor architecture: Intel x86
09:16:32.0947 5200  Number of processors: 2
09:16:32.0947 5200  Page size: 0x1000
09:16:32.0947 5200  Boot type: Normal boot
09:16:32.0947 5200  ============================================================
09:16:33.0489 5200  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:16:33.0492 5200  ============================================================
09:16:33.0492 5200  \Device\Harddisk0\DR0:
09:16:33.0492 5200  MBR partitions:
09:16:33.0492 5200  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
09:16:33.0492 5200  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34920180
09:16:33.0522 5200  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x34985980, BlocksNum 0x3C7E000
09:16:33.0522 5200  ============================================================
09:16:33.0559 5200  C: <-> \Device\Harddisk0\DR0\Partition2
09:16:33.0605 5200  D: <-> \Device\Harddisk0\DR0\Partition3
09:16:33.0605 5200  ============================================================
09:16:33.0605 5200  Initialize success
09:16:33.0605 5200  ============================================================
09:20:07.0095 2732  ============================================================
09:20:07.0095 2732  Scan started
09:20:07.0095 2732  Mode: Manual; SigCheck; TDLFS; 
09:20:07.0095 2732  ============================================================
09:20:07.0360 2732  ================ Scan services =============================
09:20:07.0532 2732  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
09:20:07.0641 2732  1394ohci - ok
09:20:07.0688 2732  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\windows\system32\drivers\ACPI.sys
09:20:07.0703 2732  ACPI - ok
09:20:07.0750 2732  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
09:20:07.0828 2732  AcpiPmi - ok
09:20:07.0875 2732  [ 87114EFEDEB94AF49323CA61F344716D ] ACPIVPC         C:\windows\system32\DRIVERS\AcpiVpc.sys
09:20:07.0922 2732  ACPIVPC - ok
09:20:07.0968 2732  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
09:20:08.0000 2732  adp94xx - ok
09:20:08.0015 2732  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
09:20:08.0031 2732  adpahci - ok
09:20:08.0046 2732  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
09:20:08.0062 2732  adpu320 - ok
09:20:08.0109 2732  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
09:20:08.0187 2732  AeLookupSvc - ok
09:20:08.0249 2732  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\windows\system32\drivers\afd.sys
09:20:08.0312 2732  AFD - ok
09:20:08.0390 2732  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\windows\system32\drivers\agp440.sys
09:20:08.0405 2732  agp440 - ok
09:20:08.0468 2732  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\windows\system32\DRIVERS\djsvs.sys
09:20:08.0483 2732  aic78xx - ok
09:20:08.0546 2732  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\windows\System32\alg.exe
09:20:08.0592 2732  ALG - ok
09:20:08.0639 2732  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\windows\system32\drivers\aliide.sys
09:20:08.0655 2732  aliide - ok
09:20:08.0702 2732  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\windows\system32\drivers\amdagp.sys
09:20:08.0733 2732  amdagp - ok
09:20:08.0733 2732  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\windows\system32\drivers\amdide.sys
09:20:08.0748 2732  amdide - ok
09:20:08.0795 2732  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
09:20:08.0826 2732  AmdK8 - ok
09:20:08.0858 2732  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
09:20:08.0873 2732  AmdPPM - ok
09:20:08.0920 2732  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\windows\system32\drivers\amdsata.sys
09:20:08.0936 2732  amdsata - ok
09:20:08.0951 2732  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
09:20:08.0967 2732  amdsbs - ok
09:20:08.0998 2732  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\windows\system32\drivers\amdxata.sys
09:20:08.0998 2732  amdxata - ok
09:20:09.0123 2732  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
09:20:09.0138 2732  AntiVirSchedulerService - ok
09:20:09.0185 2732  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
09:20:09.0216 2732  AntiVirService - ok
09:20:09.0263 2732  [ FD6D4BC1CF7D1FEC5A17588007ECAFB5 ] ApfiltrService  C:\windows\system32\DRIVERS\Apfiltr.sys
09:20:09.0279 2732  ApfiltrService - ok
09:20:09.0326 2732  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\windows\system32\drivers\appid.sys
09:20:09.0435 2732  AppID - ok
09:20:09.0466 2732  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\windows\System32\appidsvc.dll
09:20:09.0544 2732  AppIDSvc - ok
09:20:09.0591 2732  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\windows\System32\appinfo.dll
09:20:09.0638 2732  Appinfo - ok
09:20:09.0669 2732  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\windows\system32\DRIVERS\arc.sys
09:20:09.0684 2732  arc - ok
09:20:09.0716 2732  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
09:20:09.0731 2732  arcsas - ok
09:20:09.0762 2732  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
09:20:09.0872 2732  AsyncMac - ok
09:20:09.0918 2732  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\windows\system32\drivers\atapi.sys
09:20:09.0950 2732  atapi - ok
09:20:09.0996 2732  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
09:20:10.0043 2732  AudioEndpointBuilder - ok
09:20:10.0059 2732  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\windows\System32\Audiosrv.dll
09:20:10.0090 2732  Audiosrv - ok
09:20:10.0168 2732  [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt        C:\windows\system32\DRIVERS\avgntflt.sys
09:20:10.0199 2732  avgntflt - ok
09:20:10.0230 2732  [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb          C:\windows\system32\DRIVERS\avipbb.sys
09:20:10.0246 2732  avipbb - ok
09:20:10.0262 2732  [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr          C:\windows\system32\DRIVERS\avkmgr.sys
09:20:10.0277 2732  avkmgr - ok
09:20:10.0324 2732  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\windows\System32\AxInstSV.dll
09:20:10.0386 2732  AxInstSV - ok
09:20:10.0449 2732  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\windows\system32\DRIVERS\bxvbdx.sys
09:20:10.0511 2732  b06bdrv - ok
09:20:10.0558 2732  [ 6F41A4C5745BB99F89406F57164F099E ] b57nd60x        C:\windows\system32\DRIVERS\b57nd60x.sys
09:20:10.0574 2732  b57nd60x - ok
09:20:10.0698 2732  [ F9CE9B5E049EFC66B8E6C73C18EE8438 ] BCM43XX         C:\windows\system32\DRIVERS\bcmwl6.sys
09:20:10.0761 2732  BCM43XX - ok
09:20:10.0808 2732  [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
09:20:10.0823 2732  BcmSqlStartupSvc - ok
09:20:10.0870 2732  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\windows\System32\bdesvc.dll
09:20:10.0948 2732  BDESVC - ok
09:20:10.0979 2732  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\windows\system32\drivers\Beep.sys
09:20:11.0057 2732  Beep - ok
09:20:11.0120 2732  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\windows\System32\bfe.dll
09:20:11.0198 2732  BFE - ok
09:20:11.0244 2732  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\windows\System32\qmgr.dll
09:20:11.0291 2732  BITS - ok
09:20:11.0322 2732  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
09:20:11.0354 2732  blbdrive - ok
09:20:11.0400 2732  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
09:20:11.0447 2732  bowser - ok
09:20:11.0463 2732  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
09:20:11.0541 2732  BrFiltLo - ok
09:20:11.0556 2732  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
09:20:11.0619 2732  BrFiltUp - ok
09:20:11.0634 2732  [ B35BB97B6DD9913093579F5C83962636 ] Bridge0         C:\windows\system32\drivers\WDBridge.sys
09:20:11.0650 2732  Bridge0 - ok
09:20:11.0681 2732  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\windows\System32\browser.dll
09:20:11.0744 2732  Browser - ok
09:20:11.0775 2732  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\windows\System32\Drivers\Brserid.sys
09:20:11.0837 2732  Brserid - ok
09:20:11.0868 2732  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
09:20:11.0915 2732  BrSerWdm - ok
09:20:11.0962 2732  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
09:20:11.0993 2732  BrUsbMdm - ok
09:20:12.0009 2732  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
09:20:12.0040 2732  BrUsbSer - ok
09:20:12.0071 2732  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
09:20:12.0118 2732  BthEnum - ok
09:20:12.0134 2732  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
09:20:12.0165 2732  BTHMODEM - ok
09:20:12.0196 2732  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
09:20:12.0227 2732  BthPan - ok
09:20:12.0258 2732  [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
09:20:12.0305 2732  BTHPORT - ok
09:20:12.0336 2732  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\windows\system32\bthserv.dll
09:20:12.0383 2732  bthserv - ok
09:20:12.0414 2732  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
09:20:12.0446 2732  BTHUSB - ok
09:20:12.0492 2732  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
09:20:12.0555 2732  cdfs - ok
09:20:12.0617 2732  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\windows\system32\drivers\cdrom.sys
09:20:12.0664 2732  cdrom - ok
09:20:12.0711 2732  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\windows\System32\certprop.dll
09:20:12.0726 2732  CertPropSvc - ok
09:20:12.0758 2732  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
09:20:12.0789 2732  circlass - ok
09:20:12.0820 2732  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\windows\system32\CLFS.sys
09:20:12.0851 2732  CLFS - ok
09:20:12.0914 2732  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:20:12.0945 2732  clr_optimization_v2.0.50727_32 - ok
09:20:13.0054 2732  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:20:13.0085 2732  clr_optimization_v4.0.30319_32 - ok
09:20:13.0116 2732  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
09:20:13.0132 2732  CmBatt - ok
09:20:13.0163 2732  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\windows\system32\drivers\cmdide.sys
09:20:13.0194 2732  cmdide - ok
09:20:13.0241 2732  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\windows\system32\Drivers\cng.sys
09:20:13.0272 2732  CNG - ok
09:20:13.0304 2732  [ 7C47786B58AE503777DBD12FAE20ED42 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT32.sys
09:20:13.0335 2732  CnxtHdAudService - ok
09:20:13.0382 2732  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
09:20:13.0382 2732  Compbatt - ok
09:20:13.0444 2732  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
09:20:13.0475 2732  CompositeBus - ok
09:20:13.0491 2732  COMSysApp - ok
09:20:13.0506 2732  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
09:20:13.0522 2732  crcdisk - ok
09:20:13.0553 2732  [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc        C:\windows\system32\cryptsvc.dll
09:20:13.0616 2732  CryptSvc - ok
09:20:13.0678 2732  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\windows\system32\rpcss.dll
09:20:13.0709 2732  DcomLaunch - ok
09:20:13.0740 2732  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\windows\System32\defragsvc.dll
09:20:13.0772 2732  defragsvc - ok
09:20:13.0818 2732  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
09:20:13.0850 2732  DfsC - ok
09:20:13.0912 2732  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\windows\system32\dhcpcore.dll
09:20:13.0959 2732  Dhcp - ok
09:20:13.0990 2732  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\windows\system32\drivers\discache.sys
09:20:14.0021 2732  discache - ok
09:20:14.0052 2732  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\windows\system32\DRIVERS\disk.sys
09:20:14.0052 2732  Disk - ok
09:20:14.0099 2732  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\windows\System32\dnsrslvr.dll
09:20:14.0146 2732  Dnscache - ok
09:20:14.0193 2732  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\windows\System32\dot3svc.dll
09:20:14.0240 2732  dot3svc - ok
09:20:14.0286 2732  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\windows\system32\dps.dll
09:20:14.0349 2732  DPS - ok
09:20:14.0380 2732  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
09:20:14.0411 2732  drmkaud - ok
09:20:14.0458 2732  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
09:20:14.0474 2732  DXGKrnl - ok
09:20:14.0505 2732  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\windows\System32\eapsvc.dll
09:20:14.0536 2732  EapHost - ok
09:20:14.0630 2732  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\windows\system32\DRIVERS\evbdx.sys
09:20:14.0754 2732  ebdrv - ok
09:20:14.0801 2732  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\windows\System32\lsass.exe
09:20:14.0848 2732  EFS - ok
09:20:14.0926 2732  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
09:20:15.0004 2732  ehRecvr - ok
09:20:15.0035 2732  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\windows\ehome\ehsched.exe
09:20:15.0082 2732  ehSched - ok
09:20:15.0144 2732  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
09:20:15.0176 2732  elxstor - ok
09:20:15.0207 2732  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\windows\system32\drivers\errdev.sys
09:20:15.0238 2732  ErrDev - ok
09:20:15.0285 2732  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\windows\system32\es.dll
09:20:15.0332 2732  EventSystem - ok
09:20:15.0363 2732  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\windows\system32\drivers\exfat.sys
09:20:15.0394 2732  exfat - ok
09:20:15.0425 2732  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\windows\system32\drivers\fastfat.sys
09:20:15.0456 2732  fastfat - ok
09:20:15.0503 2732  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\windows\system32\fxssvc.exe
09:20:15.0566 2732  Fax - ok
09:20:15.0597 2732  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\windows\system32\DRIVERS\fdc.sys
09:20:15.0628 2732  fdc - ok
09:20:15.0659 2732  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\windows\system32\fdPHost.dll
09:20:15.0706 2732  fdPHost - ok
09:20:15.0722 2732  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\windows\system32\fdrespub.dll
09:20:15.0768 2732  FDResPub - ok
09:20:15.0800 2732  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
09:20:15.0815 2732  FileInfo - ok
09:20:15.0815 2732  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
09:20:15.0846 2732  Filetrace - ok
09:20:15.0862 2732  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
09:20:15.0893 2732  flpydisk - ok
09:20:15.0909 2732  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
09:20:15.0924 2732  FltMgr - ok
09:20:15.0987 2732  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\windows\system32\FntCache.dll
09:20:16.0049 2732  FontCache - ok
09:20:16.0096 2732  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:20:16.0112 2732  FontCache3.0.0.0 - ok
09:20:16.0143 2732  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
09:20:16.0158 2732  FsDepends - ok
09:20:16.0190 2732  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
09:20:16.0205 2732  Fs_Rec - ok
09:20:16.0268 2732  [ F626F291E3F56E8969E35945552FECA3 ] funfrm          C:\windows\system32\drivers\funfrm.sys
09:20:16.0283 2732  funfrm - ok
09:20:16.0330 2732  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
09:20:16.0377 2732  fvevol - ok
09:20:16.0408 2732  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
09:20:16.0424 2732  gagp30kx - ok
09:20:16.0470 2732  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\windows\System32\gpsvc.dll
09:20:16.0548 2732  gpsvc - ok
09:20:16.0564 2732  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
09:20:16.0626 2732  hcw85cir - ok
09:20:16.0689 2732  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
09:20:16.0736 2732  HdAudAddService - ok
09:20:16.0767 2732  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
09:20:16.0798 2732  HDAudBus - ok
09:20:16.0829 2732  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
09:20:16.0860 2732  HidBatt - ok
09:20:16.0876 2732  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
09:20:16.0907 2732  HidBth - ok
09:20:16.0938 2732  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
09:20:16.0954 2732  HidIr - ok
09:20:16.0970 2732  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\windows\system32\hidserv.dll
09:20:17.0016 2732  hidserv - ok
09:20:17.0094 2732  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\windows\system32\drivers\hidusb.sys
09:20:17.0110 2732  HidUsb - ok
09:20:17.0157 2732  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\windows\system32\kmsvc.dll
09:20:17.0204 2732  hkmsvc - ok
09:20:17.0266 2732  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
09:20:17.0344 2732  HomeGroupListener - ok
09:20:17.0391 2732  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
09:20:17.0438 2732  HomeGroupProvider - ok
09:20:17.0453 2732  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
09:20:17.0469 2732  HpSAMD - ok
09:20:17.0516 2732  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\windows\system32\drivers\HTTP.sys
09:20:17.0547 2732  HTTP - ok
09:20:17.0578 2732  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
09:20:17.0594 2732  hwpolicy - ok
09:20:17.0640 2732  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
09:20:17.0687 2732  i8042prt - ok
09:20:17.0734 2732  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
09:20:17.0750 2732  IAANTMON - ok
09:20:17.0796 2732  [ D483687EACE0C065EE772481A96E05F5 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
09:20:17.0812 2732  iaStor - ok
09:20:17.0859 2732  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
09:20:17.0890 2732  iaStorV - ok
09:20:17.0984 2732  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
09:20:17.0999 2732  IDriverT ( UnsignedFile.Multi.Generic ) - warning
09:20:17.0999 2732  IDriverT - detected UnsignedFile.Multi.Generic (1)
09:20:18.0062 2732  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:20:18.0108 2732  idsvc - ok
09:20:18.0249 2732  [ 45D1A22C0E932768729DD422E175A448 ] igfx            C:\windows\system32\DRIVERS\igdkmd32.sys
09:20:18.0452 2732  igfx - ok
09:20:18.0545 2732  [ D951D20153E51928F9DB2227D6FF5C7A ] IGRS            C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
09:20:18.0561 2732  IGRS - ok
09:20:18.0592 2732  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
09:20:18.0608 2732  iirsp - ok
09:20:18.0670 2732  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\windows\System32\ikeext.dll
09:20:18.0732 2732  IKEEXT - ok
09:20:18.0764 2732  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\windows\system32\drivers\intelide.sys
09:20:18.0779 2732  intelide - ok
09:20:18.0810 2732  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
09:20:18.0842 2732  intelppm - ok
09:20:18.0857 2732  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\windows\system32\ipbusenum.dll
09:20:18.0920 2732  IPBusEnum - ok
09:20:18.0951 2732  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
09:20:18.0998 2732  IpFilterDriver - ok
09:20:19.0060 2732  [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
09:20:19.0091 2732  iphlpsvc - ok
09:20:19.0138 2732  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
09:20:19.0169 2732  IPMIDRV - ok
09:20:19.0185 2732  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\windows\system32\drivers\ipnat.sys
09:20:19.0232 2732  IPNAT - ok
09:20:19.0263 2732  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\windows\system32\drivers\irenum.sys
09:20:19.0294 2732  IRENUM - ok
09:20:19.0325 2732  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\windows\system32\drivers\isapnp.sys
09:20:19.0325 2732  isapnp - ok
09:20:19.0372 2732  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
09:20:19.0388 2732  iScsiPrt - ok
09:20:19.0434 2732  [ C4C95805B85BCE1EB9D20F4A02FC5F9B ] k57nd60x        C:\windows\system32\DRIVERS\k57nd60x.sys
09:20:19.0450 2732  k57nd60x - ok
09:20:19.0497 2732  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\windows\system32\drivers\kbdclass.sys
09:20:19.0512 2732  kbdclass - ok
09:20:19.0559 2732  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
09:20:19.0590 2732  kbdhid - ok
09:20:19.0606 2732  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\windows\system32\lsass.exe
09:20:19.0622 2732  KeyIso - ok
09:20:19.0668 2732  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
09:20:19.0684 2732  KSecDD - ok
09:20:19.0731 2732  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
09:20:19.0746 2732  KSecPkg - ok
09:20:19.0778 2732  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\windows\system32\msdtckrm.dll
09:20:19.0824 2732  KtmRm - ok
09:20:19.0856 2732  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\windows\system32\srvsvc.dll
09:20:19.0902 2732  LanmanServer - ok
09:20:19.0934 2732  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
09:20:19.0980 2732  LanmanWorkstation - ok
09:20:20.0027 2732  [ 7FCB3EC66361F157BCD5B5C33CE2AC16 ] Lenovo ReadyComm AppSvc C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
09:20:20.0058 2732  Lenovo ReadyComm AppSvc - ok
09:20:20.0074 2732  [ 5287074E79E4BA82510886F684DC5F72 ] Lenovo ReadyComm ConnSvc C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
09:20:20.0121 2732  Lenovo ReadyComm ConnSvc - ok
09:20:20.0152 2732  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
09:20:20.0199 2732  lltdio - ok
09:20:20.0230 2732  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\windows\System32\lltdsvc.dll
09:20:20.0261 2732  lltdsvc - ok
09:20:20.0292 2732  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\windows\System32\lmhsvc.dll
09:20:20.0324 2732  lmhosts - ok
09:20:20.0355 2732  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
09:20:20.0370 2732  LSI_FC - ok
09:20:20.0386 2732  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
09:20:20.0402 2732  LSI_SAS - ok
09:20:20.0433 2732  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
09:20:20.0448 2732  LSI_SAS2 - ok
09:20:20.0464 2732  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
09:20:20.0480 2732  LSI_SCSI - ok
09:20:20.0511 2732  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\windows\system32\drivers\luafv.sys
09:20:20.0542 2732  luafv - ok
09:20:20.0589 2732  [ 37072EC9299E825F4335CC554B6FAC6A ] LVRS            C:\windows\system32\DRIVERS\lvrs.sys
09:20:20.0620 2732  LVRS - ok
09:20:20.0807 2732  [ A240E42A7402E927A71B6E8AA4629B13 ] LVUVC           C:\windows\system32\DRIVERS\lvuvc.sys
09:20:21.0057 2732  LVUVC - ok
09:20:21.0150 2732  [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
09:20:21.0182 2732  MBAMProtector - ok
09:20:21.0291 2732  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:20:21.0322 2732  MBAMScheduler - ok
09:20:21.0369 2732  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:20:21.0400 2732  MBAMService - ok
09:20:21.0447 2732  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
09:20:21.0462 2732  Mcx2Svc - ok
09:20:21.0478 2732  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
09:20:21.0478 2732  megasas - ok
09:20:21.0509 2732  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
09:20:21.0540 2732  MegaSR - ok
09:20:21.0556 2732  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\windows\system32\mmcss.dll
09:20:21.0587 2732  MMCSS - ok
09:20:21.0618 2732  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\windows\system32\drivers\modem.sys
09:20:21.0681 2732  Modem - ok
09:20:21.0712 2732  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
09:20:21.0728 2732  monitor - ok
09:20:21.0790 2732  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\windows\system32\drivers\mouclass.sys
09:20:21.0821 2732  mouclass - ok
09:20:21.0837 2732  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
09:20:21.0868 2732  mouhid - ok
09:20:21.0930 2732  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
09:20:21.0946 2732  mountmgr - ok
09:20:22.0024 2732  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:20:22.0055 2732  MozillaMaintenance - ok
09:20:22.0086 2732  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\windows\system32\drivers\mpio.sys
09:20:22.0102 2732  mpio - ok
09:20:22.0133 2732  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
09:20:22.0164 2732  mpsdrv - ok
09:20:22.0211 2732  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\windows\system32\mpssvc.dll
09:20:22.0289 2732  MpsSvc - ok
09:20:22.0320 2732  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
09:20:22.0352 2732  MRxDAV - ok
09:20:22.0383 2732  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
09:20:22.0430 2732  mrxsmb - ok
09:20:22.0476 2732  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
09:20:22.0508 2732  mrxsmb10 - ok
09:20:22.0523 2732  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
09:20:22.0554 2732  mrxsmb20 - ok
09:20:22.0586 2732  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\windows\system32\drivers\msahci.sys
09:20:22.0617 2732  msahci - ok
09:20:22.0679 2732  [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV      C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
09:20:22.0695 2732  MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
09:20:22.0695 2732  MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
09:20:22.0742 2732  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\windows\system32\drivers\msdsm.sys
09:20:22.0757 2732  msdsm - ok
09:20:22.0788 2732  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\windows\System32\msdtc.exe
09:20:22.0820 2732  MSDTC - ok
09:20:22.0835 2732  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\windows\system32\drivers\Msfs.sys
09:20:22.0866 2732  Msfs - ok
09:20:22.0882 2732  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
09:20:22.0913 2732  mshidkmdf - ok
09:20:22.0944 2732  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
09:20:22.0960 2732  msisadrv - ok
09:20:22.0976 2732  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
09:20:23.0007 2732  MSiSCSI - ok
09:20:23.0022 2732  msiserver - ok
09:20:23.0054 2732  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
09:20:23.0085 2732  MSKSSRV - ok
09:20:23.0100 2732  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
09:20:23.0132 2732  MSPCLOCK - ok
09:20:23.0147 2732  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
09:20:23.0194 2732  MSPQM - ok
09:20:23.0210 2732  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
09:20:23.0225 2732  MsRPC - ok
09:20:23.0256 2732  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
09:20:23.0272 2732  mssmbios - ok
09:20:23.0319 2732  MSSQL$MSSMLBIZ - ok
09:20:23.0350 2732  [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
09:20:23.0366 2732  MSSQLServerADHelper - ok
09:20:23.0397 2732  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
09:20:23.0428 2732  MSTEE - ok
09:20:23.0444 2732  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
09:20:23.0459 2732  MTConfig - ok
09:20:23.0475 2732  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\windows\system32\Drivers\mup.sys
09:20:23.0490 2732  Mup - ok
09:20:23.0522 2732  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\windows\system32\qagentRT.dll
09:20:23.0600 2732  napagent - ok
09:20:23.0631 2732  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
09:20:23.0662 2732  NativeWifiP - ok
09:20:23.0709 2732  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\windows\system32\drivers\ndis.sys
09:20:23.0756 2732  NDIS - ok
09:20:23.0787 2732  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
09:20:23.0834 2732  NdisCap - ok
09:20:23.0865 2732  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
09:20:23.0896 2732  NdisTapi - ok
09:20:23.0958 2732  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
09:20:23.0974 2732  Ndisuio - ok
09:20:24.0021 2732  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
09:20:24.0052 2732  NdisWan - ok
09:20:24.0068 2732  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
09:20:24.0099 2732  NDProxy - ok
09:20:24.0146 2732  [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
09:20:24.0161 2732  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:20:24.0161 2732  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:20:24.0208 2732  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
09:20:24.0255 2732  NetBIOS - ok
09:20:24.0302 2732  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
09:20:24.0317 2732  NetBT - ok
09:20:24.0333 2732  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\windows\system32\lsass.exe
09:20:24.0348 2732  Netlogon - ok
09:20:24.0395 2732  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\windows\System32\netman.dll
09:20:24.0442 2732  Netman - ok
09:20:24.0473 2732  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\windows\System32\netprofm.dll
09:20:24.0504 2732  netprofm - ok
09:20:24.0551 2732  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:20:24.0551 2732  NetTcpPortSharing - ok
09:20:24.0676 2732  [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32        C:\windows\system32\DRIVERS\netw5v32.sys
09:20:24.0848 2732  netw5v32 - ok
09:20:24.0879 2732  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
09:20:24.0894 2732  nfrd960 - ok
09:20:24.0941 2732  [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc          C:\windows\System32\nlasvc.dll
09:20:25.0004 2732  NlaSvc - ok
09:20:25.0004 2732  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\windows\system32\drivers\Npfs.sys
09:20:25.0050 2732  Npfs - ok
09:20:25.0082 2732  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\windows\system32\nsisvc.dll
09:20:25.0113 2732  nsi - ok
09:20:25.0144 2732  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
09:20:25.0175 2732  nsiproxy - ok
09:20:25.0253 2732  [ 81189C3D7763838E55C397759D49007A ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
09:20:25.0331 2732  Ntfs - ok
09:20:25.0347 2732  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\windows\system32\drivers\Null.sys
09:20:25.0362 2732  Null - ok
09:20:25.0425 2732  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\windows\system32\drivers\nvraid.sys
09:20:25.0440 2732  nvraid - ok
09:20:25.0487 2732  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\windows\system32\drivers\nvstor.sys
09:20:25.0518 2732  nvstor - ok
09:20:25.0550 2732  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
09:20:25.0581 2732  nv_agp - ok
09:20:25.0659 2732  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:20:25.0690 2732  odserv - ok
09:20:25.0721 2732  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
09:20:25.0752 2732  ohci1394 - ok
09:20:25.0784 2732  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:20:25.0784 2732  ose - ok
09:20:25.0830 2732  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
09:20:25.0846 2732  p2pimsvc - ok
09:20:25.0893 2732  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\windows\system32\p2psvc.dll
09:20:25.0908 2732  p2psvc - ok
09:20:25.0940 2732  [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR      C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
09:20:25.0971 2732  PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
09:20:25.0971 2732  PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
09:20:26.0002 2732  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\windows\system32\DRIVERS\parport.sys
09:20:26.0033 2732  Parport - ok
09:20:26.0049 2732  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\windows\system32\drivers\partmgr.sys
09:20:26.0064 2732  partmgr - ok
09:20:26.0080 2732  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\windows\system32\DRIVERS\parvdm.sys
09:20:26.0096 2732  Parvdm - ok
09:20:26.0127 2732  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\windows\System32\pcasvc.dll
09:20:26.0142 2732  PcaSvc - ok
09:20:26.0189 2732  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\windows\system32\drivers\pci.sys
09:20:26.0220 2732  pci - ok
09:20:26.0252 2732  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\windows\system32\drivers\pciide.sys
09:20:26.0283 2732  pciide - ok
09:20:26.0314 2732  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
09:20:26.0330 2732  pcmcia - ok
09:20:26.0361 2732  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\windows\system32\drivers\pcw.sys
09:20:26.0376 2732  pcw - ok
09:20:26.0408 2732  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\windows\system32\drivers\peauth.sys
09:20:26.0470 2732  PEAUTH - ok
09:20:26.0548 2732  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\windows\system32\pla.dll
09:20:26.0642 2732  pla - ok
09:20:26.0688 2732  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\windows\system32\umpnpmgr.dll
09:20:26.0720 2732  PlugPlay - ok
09:20:26.0751 2732  [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
09:20:26.0766 2732  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:20:26.0766 2732  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:20:26.0782 2732  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
09:20:26.0813 2732  PNRPAutoReg - ok
09:20:26.0844 2732  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
09:20:26.0860 2732  PNRPsvc - ok
09:20:26.0907 2732  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
09:20:26.0954 2732  PolicyAgent - ok
09:20:27.0000 2732  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\windows\system32\umpo.dll
09:20:27.0016 2732  Power - ok
09:20:27.0063 2732  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
09:20:27.0110 2732  PptpMiniport - ok
09:20:27.0141 2732  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\windows\system32\DRIVERS\processr.sys
09:20:27.0172 2732  Processor - ok
09:20:27.0219 2732  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\windows\system32\profsvc.dll
09:20:27.0266 2732  ProfSvc - ok
09:20:27.0281 2732  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
09:20:27.0312 2732  ProtectedStorage - ok
09:20:27.0328 2732  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\windows\system32\DRIVERS\pacer.sys
09:20:27.0359 2732  Psched - ok
09:20:27.0375 2732  PS_MDP - ok
09:20:27.0406 2732  [ 1962166E0CEB740704F30FA55AD3D509 ] PxHelp20        C:\windows\system32\Drivers\PxHelp20.sys
09:20:27.0406 2732  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
09:20:27.0406 2732  PxHelp20 - detected UnsignedFile.Multi.Generic (1)
09:20:27.0468 2732  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
09:20:27.0546 2732  ql2300 - ok
09:20:27.0578 2732  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
09:20:27.0593 2732  ql40xx - ok
09:20:27.0609 2732  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\windows\system32\qwave.dll
09:20:27.0640 2732  QWAVE - ok
09:20:27.0656 2732  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
09:20:27.0671 2732  QWAVEdrv - ok
09:20:27.0687 2732  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
09:20:27.0734 2732  RasAcd - ok
09:20:27.0765 2732  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
09:20:27.0796 2732  RasAgileVpn - ok
09:20:27.0812 2732  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\windows\System32\rasauto.dll
09:20:27.0843 2732  RasAuto - ok
09:20:27.0874 2732  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
09:20:27.0905 2732  Rasl2tp - ok
09:20:27.0952 2732  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\windows\System32\rasmans.dll
09:20:27.0983 2732  RasMan - ok
09:20:27.0999 2732  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
09:20:28.0030 2732  RasPppoe - ok
09:20:28.0061 2732  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
09:20:28.0092 2732  RasSstp - ok
09:20:28.0124 2732  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
09:20:28.0170 2732  rdbss - ok
09:20:28.0186 2732  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
09:20:28.0202 2732  rdpbus - ok
09:20:28.0233 2732  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
09:20:28.0248 2732  RDPCDD - ok
09:20:28.0295 2732  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
09:20:28.0311 2732  RDPENCDD - ok
09:20:28.0342 2732  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
09:20:28.0358 2732  RDPREFMP - ok
09:20:28.0404 2732  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
09:20:28.0436 2732  RDPWD - ok
09:20:28.0498 2732  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
09:20:28.0514 2732  rdyboost - ok
09:20:28.0514 2732  ReadyComm.DirectRouter - ok
09:20:28.0545 2732  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\windows\System32\mprdim.dll
09:20:28.0576 2732  RemoteAccess - ok
09:20:28.0607 2732  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\windows\system32\regsvc.dll
09:20:28.0654 2732  RemoteRegistry - ok
09:20:28.0685 2732  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
09:20:28.0716 2732  RFCOMM - ok
09:20:28.0748 2732  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
09:20:28.0794 2732  RpcEptMapper - ok
09:20:28.0810 2732  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\windows\system32\locator.exe
09:20:28.0841 2732  RpcLocator - ok
09:20:28.0857 2732  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\windows\system32\rpcss.dll
09:20:28.0888 2732  RpcSs - ok
09:20:28.0919 2732  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
09:20:28.0982 2732  rspndr - ok
09:20:29.0028 2732  [ EF8B2AFC3C0751C5E5A59983C8893260 ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
09:20:29.0060 2732  RSUSBSTOR - ok
09:20:29.0075 2732  RtsUIR - ok
09:20:29.0091 2732  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\windows\system32\lsass.exe
09:20:29.0106 2732  SamSs - ok
09:20:29.0122 2732  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
09:20:29.0138 2732  sbp2port - ok
09:20:29.0169 2732  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\windows\System32\SCardSvr.dll
09:20:29.0216 2732  SCardSvr - ok
09:20:29.0262 2732  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
09:20:29.0325 2732  scfilter - ok
09:20:29.0372 2732  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\windows\system32\schedsvc.dll
09:20:29.0434 2732  Schedule - ok
09:20:29.0450 2732  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\windows\System32\certprop.dll
09:20:29.0465 2732  SCPolicySvc - ok
09:20:29.0512 2732  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\windows\System32\SDRSVC.dll
09:20:29.0559 2732  SDRSVC - ok
09:20:29.0637 2732  [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort         C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
09:20:29.0652 2732  SeaPort - ok
09:20:29.0684 2732  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\windows\system32\drivers\secdrv.sys
09:20:29.0715 2732  secdrv - ok
09:20:29.0730 2732  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\windows\system32\seclogon.dll
09:20:29.0762 2732  seclogon - ok
09:20:29.0777 2732  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\windows\System32\sens.dll
09:20:29.0808 2732  SENS - ok
09:20:29.0824 2732  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\windows\system32\sensrsvc.dll
09:20:29.0871 2732  SensrSvc - ok
09:20:29.0902 2732  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
09:20:29.0918 2732  Serenum - ok
09:20:29.0949 2732  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\windows\system32\DRIVERS\serial.sys
09:20:29.0964 2732  Serial - ok
09:20:30.0011 2732  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
09:20:30.0027 2732  sermouse - ok
09:20:30.0089 2732  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\windows\system32\sessenv.dll
09:20:30.0105 2732  SessionEnv - ok
09:20:30.0152 2732  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
09:20:30.0167 2732  sffdisk - ok
09:20:30.0183 2732  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
09:20:30.0214 2732  sffp_mmc - ok
09:20:30.0230 2732  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
09:20:30.0245 2732  sffp_sd - ok
09:20:30.0276 2732  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
09:20:30.0308 2732  sfloppy - ok
09:20:30.0370 2732  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\windows\System32\ipnathlp.dll
09:20:30.0464 2732  SharedAccess - ok
09:20:30.0510 2732  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
09:20:30.0557 2732  ShellHWDetection - ok
09:20:30.0604 2732  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\windows\system32\drivers\sisagp.sys
09:20:30.0635 2732  sisagp - ok
09:20:30.0666 2732  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
09:20:30.0666 2732  SiSRaid2 - ok
09:20:30.0682 2732  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
09:20:30.0698 2732  SiSRaid4 - ok
09:20:30.0760 2732  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
09:20:30.0791 2732  SkypeUpdate - ok
09:20:30.0838 2732  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\windows\system32\DRIVERS\smb.sys
09:20:30.0869 2732  Smb - ok
09:20:30.0916 2732  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
09:20:30.0932 2732  SNMPTRAP - ok
09:20:30.0947 2732  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\windows\system32\drivers\spldr.sys
09:20:30.0947 2732  spldr - ok
09:20:30.0994 2732  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\windows\System32\spoolsv.exe
09:20:31.0025 2732  Spooler - ok
09:20:31.0134 2732  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\windows\system32\sppsvc.exe
09:20:31.0259 2732  sppsvc - ok
09:20:31.0290 2732  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\windows\system32\sppuinotify.dll
09:20:31.0337 2732  sppuinotify - ok
09:20:31.0368 2732  [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV         C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
09:20:31.0384 2732  SPTISRV ( UnsignedFile.Multi.Generic ) - warning
09:20:31.0384 2732  SPTISRV - detected UnsignedFile.Multi.Generic (1)
09:20:31.0431 2732  [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser      c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
09:20:31.0446 2732  SQLBrowser - ok
09:20:31.0462 2732  [ D2F4F32B59440011174B4F8137AF4E0C ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:20:31.0462 2732  SQLWriter - ok
09:20:31.0509 2732  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\windows\system32\DRIVERS\srv.sys
09:20:31.0540 2732  srv - ok
09:20:31.0556 2732  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\windows\system32\DRIVERS\srv2.sys
09:20:31.0587 2732  srv2 - ok
09:20:31.0602 2732  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
09:20:31.0634 2732  srvnet - ok
09:20:31.0696 2732  [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus         C:\windows\system32\DRIVERS\ssadbus.sys
09:20:31.0743 2732  ssadbus - ok
09:20:31.0774 2732  [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl        C:\windows\system32\DRIVERS\ssadmdfl.sys
09:20:31.0821 2732  ssadmdfl - ok
09:20:31.0852 2732  [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm         C:\windows\system32\DRIVERS\ssadmdm.sys
09:20:31.0868 2732  ssadmdm - ok
09:20:31.0914 2732  [ 069351A1D7D291013177A90AE6EDCCBC ] sscdbus         C:\windows\system32\DRIVERS\sscdbus.sys
09:20:31.0930 2732  sscdbus - ok
09:20:31.0930 2732  [ 1C925BE223A5C0F9F469252292A48DF6 ] sscdmdfl        C:\windows\system32\DRIVERS\sscdmdfl.sys
09:20:31.0946 2732  sscdmdfl - ok
09:20:31.0961 2732  [ AE3E77AE0FBDB07EB1AC3FED74A0695E ] sscdmdm         C:\windows\system32\DRIVERS\sscdmdm.sys
09:20:31.0992 2732  sscdmdm - ok
09:20:32.0008 2732  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
09:20:32.0070 2732  SSDPSRV - ok
09:20:32.0148 2732  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\windows\system32\DRIVERS\ssmdrv.sys
09:20:32.0164 2732  ssmdrv - ok
09:20:32.0164 2732  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\windows\system32\sstpsvc.dll
09:20:32.0195 2732  SstpSvc - ok
09:20:32.0226 2732  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
09:20:32.0242 2732  stexstor - ok
09:20:32.0289 2732  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\windows\System32\wiaservc.dll
09:20:32.0336 2732  StiSvc - ok
09:20:32.0367 2732  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\windows\system32\drivers\swenum.sys
09:20:32.0382 2732  swenum - ok
09:20:32.0398 2732  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\windows\System32\swprv.dll
09:20:32.0429 2732  swprv - ok
09:20:32.0507 2732  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\windows\system32\sysmain.dll
09:20:32.0538 2732  SysMain - ok
09:20:32.0585 2732  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
09:20:32.0632 2732  TabletInputService - ok
09:20:32.0663 2732  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\windows\System32\tapisrv.dll
09:20:32.0694 2732  TapiSrv - ok
09:20:32.0710 2732  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\windows\System32\tbssvc.dll
09:20:32.0741 2732  TBS - ok
09:20:32.0835 2732  [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip           C:\windows\system32\drivers\tcpip.sys
09:20:32.0928 2732  Tcpip - ok
09:20:32.0960 2732  [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
09:20:32.0991 2732  TCPIP6 - ok
09:20:33.0038 2732  [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
09:20:33.0069 2732  tcpipreg - ok
09:20:33.0131 2732  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
09:20:33.0162 2732  TDPIPE - ok
09:20:33.0194 2732  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
09:20:33.0209 2732  TDTCP - ok
09:20:33.0256 2732  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
09:20:33.0303 2732  tdx - ok
09:20:33.0318 2732  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\windows\system32\drivers\termdd.sys
09:20:33.0334 2732  TermDD - ok
09:20:33.0396 2732  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\windows\System32\termsrv.dll
09:20:33.0490 2732  TermService - ok
09:20:33.0506 2732  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\windows\system32\themeservice.dll
09:20:33.0537 2732  Themes - ok
09:20:33.0568 2732  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\windows\system32\mmcss.dll
09:20:33.0584 2732  THREADORDER - ok
09:20:33.0599 2732  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\windows\System32\trkwks.dll
09:20:33.0646 2732  TrkWks - ok
09:20:33.0693 2732  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
09:20:33.0755 2732  TrustedInstaller - ok
09:20:33.0802 2732  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
09:20:33.0818 2732  tssecsrv - ok
09:20:33.0880 2732  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
09:20:33.0911 2732  TsUsbFlt - ok
09:20:33.0974 2732  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
09:20:34.0020 2732  tunnel - ok
09:20:34.0052 2732  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
09:20:34.0067 2732  uagp35 - ok
09:20:34.0098 2732  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\windows\system32\DRIVERS\udfs.sys
09:20:34.0145 2732  udfs - ok
09:20:34.0192 2732  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\windows\system32\UI0Detect.exe
09:20:34.0208 2732  UI0Detect - ok
09:20:34.0254 2732  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
09:20:34.0270 2732  uliagpkx - ok
09:20:34.0364 2732  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\windows\system32\drivers\umbus.sys
09:20:34.0395 2732  umbus - ok
09:20:34.0442 2732  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
09:20:34.0488 2732  UmPass - ok
09:20:34.0520 2732  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\windows\System32\upnphost.dll
09:20:34.0551 2732  upnphost - ok
09:20:34.0598 2732  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
09:20:34.0644 2732  usbaudio - ok
09:20:34.0691 2732  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
09:20:34.0754 2732  usbccgp - ok
09:20:34.0754 2732  USBCCID - ok
09:20:34.0800 2732  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\windows\system32\drivers\usbcir.sys
09:20:34.0816 2732  usbcir - ok
09:20:34.0863 2732  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
09:20:34.0863 2732  usbehci - ok
09:20:34.0894 2732  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
09:20:34.0941 2732  usbhub - ok
09:20:34.0956 2732  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\windows\system32\drivers\usbohci.sys
09:20:34.0988 2732  usbohci - ok
09:20:35.0019 2732  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
09:20:35.0034 2732  usbprint - ok
09:20:35.0097 2732  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
09:20:35.0128 2732  usbscan - ok
09:20:35.0175 2732  [ 44CDCF77305096E866381688635064D8 ] usbsmi          C:\windows\system32\DRIVERS\SMIksdrv.sys
09:20:35.0206 2732  usbsmi - ok
09:20:35.0222 2732  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\windows\system32\drivers\USBSTOR.SYS
09:20:35.0268 2732  USBSTOR - ok
09:20:35.0300 2732  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\windows\system32\DRIVERS\usbuhci.sys
09:20:35.0315 2732  usbuhci - ok
09:20:35.0393 2732  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
09:20:35.0409 2732  usbvideo - ok
09:20:35.0424 2732  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\windows\System32\uxsms.dll
09:20:35.0471 2732  UxSms - ok
09:20:35.0487 2732  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\windows\system32\lsass.exe
09:20:35.0502 2732  VaultSvc - ok
09:20:35.0549 2732  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
09:20:35.0580 2732  vdrvroot - ok
09:20:35.0627 2732  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\windows\System32\vds.exe
09:20:35.0705 2732  vds - ok
09:20:35.0736 2732  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
09:20:35.0752 2732  vga - ok
09:20:35.0768 2732  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\windows\System32\drivers\vga.sys
09:20:35.0799 2732  VgaSave - ok
09:20:35.0846 2732  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
09:20:35.0861 2732  vhdmp - ok
09:20:35.0908 2732  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\windows\system32\drivers\viaagp.sys
09:20:35.0939 2732  viaagp - ok
09:20:35.0955 2732  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\windows\system32\DRIVERS\viac7.sys
09:20:35.0970 2732  ViaC7 - ok
09:20:35.0986 2732  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\windows\system32\drivers\viaide.sys
09:20:36.0002 2732  viaide - ok
09:20:36.0017 2732  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\windows\system32\drivers\volmgr.sys
09:20:36.0017 2732  volmgr - ok
09:20:36.0048 2732  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
09:20:36.0064 2732  volmgrx - ok
09:20:36.0080 2732  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\windows\system32\drivers\volsnap.sys
09:20:36.0095 2732  volsnap - ok
09:20:36.0142 2732  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
09:20:36.0158 2732  vsmraid - ok
09:20:36.0204 2732  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\windows\system32\vssvc.exe
09:20:36.0267 2732  VSS - ok
09:20:36.0282 2732  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
09:20:36.0314 2732  vwifibus - ok
09:20:36.0345 2732  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
09:20:36.0360 2732  vwififlt - ok
09:20:36.0392 2732  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\windows\system32\w32time.dll
09:20:36.0423 2732  W32Time - ok
09:20:36.0454 2732  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
09:20:36.0470 2732  WacomPen - ok
09:20:36.0516 2732  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
09:20:36.0610 2732  WANARP - ok
09:20:36.0610 2732  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
09:20:36.0641 2732  Wanarpv6 - ok
09:20:36.0735 2732  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
09:20:36.0797 2732  WatAdminSvc - ok
09:20:36.0844 2732  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\windows\system32\wbengine.exe
09:20:36.0938 2732  wbengine - ok
09:20:36.0969 2732  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
09:20:37.0016 2732  WbioSrvc - ok
09:20:37.0062 2732  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\windows\System32\wcncsvc.dll
09:20:37.0094 2732  wcncsvc - ok
09:20:37.0109 2732  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
09:20:37.0140 2732  WcsPlugInService - ok
09:20:37.0156 2732  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\windows\system32\DRIVERS\wd.sys
09:20:37.0172 2732  Wd - ok
09:20:37.0203 2732  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
09:20:37.0234 2732  Wdf01000 - ok
09:20:37.0250 2732  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\windows\system32\wdi.dll
09:20:37.0328 2732  WdiServiceHost - ok
09:20:37.0328 2732  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\windows\system32\wdi.dll
09:20:37.0359 2732  WdiSystemHost - ok
09:20:37.0374 2732  [ EA4E9DD00E69B35F9BD3D39ACB113E3F ] wdmirror        C:\windows\system32\DRIVERS\WDMirror.sys
09:20:37.0390 2732  wdmirror - ok
09:20:37.0437 2732  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\windows\System32\webclnt.dll
09:20:37.0468 2732  WebClient - ok
09:20:37.0499 2732  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\windows\system32\wecsvc.dll
09:20:37.0530 2732  Wecsvc - ok
09:20:37.0546 2732  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\windows\System32\wercplsupport.dll
09:20:37.0577 2732  wercplsupport - ok
09:20:37.0624 2732  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\windows\System32\WerSvc.dll
09:20:37.0655 2732  WerSvc - ok
09:20:37.0671 2732  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
09:20:37.0702 2732  WfpLwf - ok
09:20:37.0733 2732  [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr         C:\windows\system32\DRIVERS\wimfltr.sys
09:20:37.0749 2732  WimFltr - ok
09:20:37.0764 2732  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\windows\system32\drivers\wimmount.sys
09:20:37.0780 2732  WIMMount - ok
09:20:37.0842 2732  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
09:20:37.0905 2732  WinDefend - ok
09:20:37.0905 2732  WinHttpAutoProxySvc - ok
09:20:37.0967 2732  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
09:20:38.0030 2732  Winmgmt - ok
09:20:38.0061 2732  WinRing0_1_2_0 - ok
09:20:38.0123 2732  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\windows\system32\WsmSvc.dll
09:20:38.0201 2732  WinRM - ok
09:20:38.0264 2732  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
09:20:38.0295 2732  WinUsb - ok
09:20:38.0326 2732  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\windows\System32\wlansvc.dll
09:20:38.0388 2732  Wlansvc - ok
09:20:38.0404 2732  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
09:20:38.0435 2732  WmiAcpi - ok
09:20:38.0451 2732  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
09:20:38.0513 2732  wmiApSrv - ok
09:20:38.0607 2732  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:20:38.0669 2732  WMPNetworkSvc - ok
09:20:38.0700 2732  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\windows\System32\wpcsvc.dll
09:20:38.0732 2732  WPCSvc - ok
09:20:38.0763 2732  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
09:20:38.0810 2732  WPDBusEnum - ok
09:20:38.0841 2732  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
09:20:38.0888 2732  ws2ifsl - ok
09:20:38.0903 2732  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\windows\System32\wscsvc.dll
09:20:38.0934 2732  wscsvc - ok
09:20:38.0934 2732  WSearch - ok
09:20:38.0981 2732  [ BAEDC491374DEFD5E76336901D6D397D ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys
09:20:38.0997 2732  wsvd - ok
09:20:39.0075 2732  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\windows\system32\wuaueng.dll
09:20:39.0168 2732  wuauserv - ok
09:20:39.0200 2732  [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
09:20:39.0215 2732  WudfPf - ok
09:20:39.0262 2732  [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
09:20:39.0309 2732  WUDFRd - ok
09:20:39.0340 2732  [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
09:20:39.0371 2732  wudfsvc - ok
09:20:39.0387 2732  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\windows\System32\wwansvc.dll
09:20:39.0418 2732  WwanSvc - ok
09:20:39.0434 2732  ================ Scan global ===============================
09:20:39.0465 2732  [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
09:20:39.0496 2732  [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
09:20:39.0527 2732  [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
09:20:39.0543 2732  [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
09:20:39.0574 2732  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
09:20:39.0574 2732  [Global] - ok
09:20:39.0574 2732  ================ Scan MBR ==================================
09:20:39.0590 2732  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:20:39.0902 2732  \Device\Harddisk0\DR0 - ok
09:20:39.0902 2732  ================ Scan VBR ==================================
09:20:39.0902 2732  [ 0A9D9EA56CD21D3EFA49BE73F2DD41CD ] \Device\Harddisk0\DR0\Partition1
09:20:39.0902 2732  \Device\Harddisk0\DR0\Partition1 - ok
09:20:39.0948 2732  [ 30399F87520D7E59D27F2F400476623B ] \Device\Harddisk0\DR0\Partition2
09:20:39.0948 2732  \Device\Harddisk0\DR0\Partition2 - ok
09:20:39.0980 2732  [ 6F28839CE5774006B0AEECE42933D8D7 ] \Device\Harddisk0\DR0\Partition3
09:20:39.0980 2732  \Device\Harddisk0\DR0\Partition3 - ok
09:20:39.0980 2732  ============================================================
09:20:39.0980 2732  Scan finished
09:20:39.0980 2732  ============================================================
09:20:39.0995 3424  Detected object count: 7
09:20:39.0995 3424  Actual detected object count: 7
09:21:08.0902 3424  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:21:08.0902 3424  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:21:08.0902 3424  MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
09:21:08.0902 3424  MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:21:08.0918 3424  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:21:08.0918 3424  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:21:08.0918 3424  PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
09:21:08.0918 3424  PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:21:08.0918 3424  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:21:08.0918 3424  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:21:08.0918 3424  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
09:21:08.0918 3424  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:21:08.0918 3424  SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
09:21:08.0918 3424  SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip

12.09.2012, 15:33	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	"Dieses Programm kann die Website nicht anzeigen"-Virus Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden? __________________ Logfiles bitte immer in CODE-Tags posten

"Dieses Programm kann die Website nicht anzeigen"-Virus

Plagegeister aller Art und deren Bekämpfung: "Dieses Programm kann die Website nicht anzeigen"-Virus