Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
EXP/JAVA.Ternub.Gen auf meinem PC

EXP/JAVA.Ternub.Gen auf meinem PC


Plagegeister aller Art und deren Bekämpfung: EXP/JAVA.Ternub.Gen auf meinem PC

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 2 1 2
Alt 27.09.2012, 16:38   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 27.09.2012, 21:03   #17
dommymaster
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


hier die neue OTL:

Code:
ATTFilter
OTL logfile created on: 27.09.2012 21:50:43 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dominik\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,99 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 64,58% Memory free
7,98 Gb Paging File | 6,14 Gb Available in Paging File | 76,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 336,67 Gb Free Space | 72,28% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 463,95 Gb Free Space | 99,61% Space Free | Partition Type: NTFS
Drive E: | 7,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: DOMINIK-PCA | User Name: Dominik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.27 21:48:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominik\Desktop\OTL.exe
PRC - [2012.09.10 16:58:16 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.08.29 14:00:12 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2012.08.27 21:32:54 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012.08.24 15:56:52 | 001,193,176 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012.08.08 23:00:02 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.06.20 18:13:12 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2012.05.08 20:46:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 20:46:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.01.18 14:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2011.10.17 16:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.10.17 16:12:48 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.06.17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011.02.14 02:30:50 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2005.02.03 16:48:06 | 002,903,632 | ---- | M] (ICQ Ltd.) -- C:\Program Files (x86)\ICQLite\ICQLite.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.08.24 15:56:52 | 001,193,176 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012.06.13 22:54:56 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0767c3bc7cd93daf38517843d29ce808\IAStorUtil.ni.dll
MOD - [2012.06.13 22:50:56 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.06.13 22:50:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.13 22:50:35 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.05.10 11:28:16 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\9eed0fcdc582550a65536d1150b49574\IAStorCommon.ni.dll
MOD - [2012.05.10 10:34:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.05.10 10:25:46 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.10 10:25:42 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.10 10:25:40 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.10 10:25:39 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.10 10:25:35 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.02.22 20:49:56 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2012.02.20 22:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 22:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.01.31 16:23:07 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.21 08:49:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2005.02.03 16:40:40 | 000,332,871 | ---- | M] () -- C:\Program Files (x86)\ICQLite\MISB.dll
MOD - [2005.02.03 16:30:08 | 000,424,560 | ---- | M] () -- C:\Program Files (x86)\ICQLite\EmoExtractAsset.dll
MOD - [2005.02.03 16:29:12 | 000,057,439 | ---- | M] () -- C:\Program Files (x86)\ICQLite\ICQLiteShell.dll
MOD - [2005.02.03 16:25:04 | 000,059,999 | ---- | M] () -- C:\Program Files (x86)\ICQLite\LiteSkinUtils.dll
MOD - [2005.02.03 16:22:46 | 000,032,843 | ---- | M] () -- C:\Program Files (x86)\ICQLite\ICQRT.dll
MOD - [2004.10.24 12:38:26 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\ICQLite\actskin4.ocx
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.12.06 05:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.09.21 16:58:26 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.09 00:15:25 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.05.08 20:46:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 20:46:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.03.11 14:04:11 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Users\Dominik\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2012.02.29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.10.17 16:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.02.15 02:59:26 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.14 02:30:50 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.07.03 17:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.05.08 20:46:50 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 20:46:50 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.31 16:22:18 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.01.31 16:22:18 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.01.06 17:59:48 | 000,084,608 | R--- | M] (Etron Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2012.01.06 17:59:48 | 000,059,392 | R--- | M] (Etron Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2012.01.05 13:58:48 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.01.05 13:58:48 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.01.05 13:58:48 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011.12.06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.12.06 04:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.11.24 00:02:20 | 000,648,808 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.11.09 19:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.11.04 16:43:42 | 000,221,440 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2011.11.04 16:43:42 | 000,070,912 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2011.10.25 10:57:38 | 000,213,504 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.10.25 10:57:38 | 000,096,768 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.10.17 15:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.10.12 13:44:18 | 000,630,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorS.sys -- (iaStorS)
DRV:64bit: - [2011.10.12 13:44:18 | 000,023,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2011.10.12 13:44:00 | 000,562,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2011.10.03 19:48:40 | 000,394,728 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.10.03 19:48:38 | 000,129,512 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.09.21 17:56:24 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011.09.16 17:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.08.02 17:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.08.01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.07.28 19:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011.07.20 14:21:50 | 000,406,336 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tixhci.sys -- (tixhci)
DRV:64bit: - [2011.07.20 14:21:50 | 000,136,000 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tihub3.sys -- (tihub3)
DRV:64bit: - [2011.06.16 18:10:20 | 000,310,576 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2011.06.16 18:10:20 | 000,024,880 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons)
DRV:64bit: - [2011.05.21 21:28:38 | 000,176,640 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2011.05.21 21:28:28 | 000,230,400 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2011.05.20 05:32:28 | 000,282,704 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2011.05.19 15:55:34 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2011.04.15 20:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011.04.15 20:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011.03.30 20:46:44 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.03.17 22:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011.03.17 22:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.29 17:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.07.13 18:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2010.04.13 15:08:04 | 000,022,568 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiWinAcc.sys -- (SiFilter)
DRV:64bit: - [2010.04.13 15:08:04 | 000,016,936 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiRemFil.sys -- (SiRemFil)
DRV:64bit: - [2010.04.13 15:08:00 | 000,340,008 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Si3124r5.sys -- (Si3124r5)
DRV:64bit: - [2010.02.26 17:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.01.28 12:01:36 | 000,385,072 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adp3132.sys -- (adp3132)
DRV:64bit: - [2009.11.18 08:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009.07.17 01:51:54 | 000,028,192 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvamacpi.sys -- (nvamacpi)
DRV:64bit: - [2009.07.16 13:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.15 12:01:54 | 000,027,664 | ---- | M] (TechniSat Provide) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MtsHID.sys -- (MtsHID)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.05.22 18:35:02 | 000,072,192 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PciIsaSerial.sys -- (PciIsaSerial)
DRV:64bit: - [2008.05.22 18:33:54 | 000,095,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PciPPorts.sys -- (PciPPorts)
DRV:64bit: - [2008.05.22 18:32:38 | 000,126,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PciSPorts.sys -- (PciSPorts)
DRV:64bit: - [2008.02.20 17:17:44 | 000,124,416 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SPorts.sys -- (SPorts)
DRV:64bit: - [2008.02.20 17:17:22 | 000,095,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PPorts.sys -- (PPorts)
DRV:64bit: - [2008.02.20 17:12:56 | 000,072,192 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ISASerial.sys -- (ISASerial)
DRV:64bit: - [2007.10.12 03:40:00 | 000,010,632 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E 3C 8F FF E2 7B CD 01  [binary data]
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\..\SearchScopes\{10BD97EA-5BF1-4F62-B23C-9F424574965F}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=30da08cb-341e-485b-af3c-e5e08ac5a97a&pid=murb&mode=bounce&k=1
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\..\SearchScopes\{5927710F-4416-4526-9736-7269710B387C}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=30da08cb-341e-485b-af3c-e5e08ac5a97a&pid=murb&mode=bounce&k=1
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\..\SearchScopes\{8BB6BDFB-4DFC-4907-8ED8-C713F3F857C7}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=30da08cb-341e-485b-af3c-e5e08ac5a97a&pid=murb&mode=bounce&k=1
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\..\SearchScopes\{8CBCD4B6-C006-463E-B1A3-741ECFD5425D}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=30da08cb-341e-485b-af3c-e5e08ac5a97a&pid=murb&mode=bounce&k=1
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\..\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}: "URL" = hxxp://search.kikin.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6B696B696E2E636F6D2F7365617263682F3F713D7B7365617263685465726D737D&st={searchTerms}&clid=30da08cb-341e-485b-af3c-e5e08ac5a97a&pid=murb&k=1
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\..\SearchScopes\{BEF45F2C-B69D-4950-8893-DEE26A7906F4}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=30da08cb-341e-485b-af3c-e5e08ac5a97a&pid=murb&mode=bounce&k=1
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\..\SearchScopes\{E53828DC-1389-40D6-B4B0-88608DF01665}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=30da08cb-341e-485b-af3c-e5e08ac5a97a&pid=murb&mode=bounce&k=1
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1009\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.09 00:15:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.09.09 00:15:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.09 00:15:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.09.09 00:15:24 | 000,000,000 | ---D | M]
 
[2012.03.11 13:04:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Extensions
[2012.05.03 10:51:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\MozillaProfil\extensions
[2012.09.27 13:17:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\yhyxs1qs.default\extensions
[2012.04.17 11:12:10 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\yhyxs1qs.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.02.01 21:56:17 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\MozillaProfil\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2012.03.11 14:04:13 | 000,002,071 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\yhyxs1qs.default\searchplugins\{05F2D202-CAE3-4C9C-B470-5C3A4B59E7D3}.xml
[2012.03.11 14:04:13 | 000,001,864 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\yhyxs1qs.default\searchplugins\{4C23128E-9AA5-41DB-934D-4C3CC01F0366}.xml
[2012.03.11 14:04:13 | 000,002,182 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\yhyxs1qs.default\searchplugins\{DE388D14-059E-4442-892E-AB8DB10E6F72}.xml
[2012.09.09 00:15:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.09 00:15:25 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.20 18:14:20 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.06.18 11:34:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 13:10:55 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.18 11:34:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.18 11:34:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.18 11:34:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.18 11:34:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Dominik\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ICQ Lite] C:\Program Files (x86)\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet File not found
O4 - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Beschleunigen\PCSUNotifier.exe File not found
O4 - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000..\Run: [Spotify Web Helper] C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-1994997717-2065594754-2853226106-1009..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000..\RunOnce: [ICQ Lite] C:\Program Files (x86)\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - HKU\S-1-5-21-1994997717-2065594754-2853226106-1009..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files (x86)\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files (x86)\ICQLite\ICQLite.exe (ICQ Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97B02724-5367-481D-81C2-295191D33DD9}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B8B4C740-E506-4B1F-AD64-137DC32DCAFC}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.27 22:11:56 | 000,000,000 | ---D | M] - E:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2010.09.27 22:11:56 | 003,812,720 | R--- | M] (Electronic Arts Inc.) - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.09.27 22:11:56 | 000,000,049 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{abe4fc47-69ea-11e1-a3e2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{abe4fc47-69ea-11e1-a3e2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2010.09.27 22:11:56 | 003,812,720 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.27 21:48:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dominik\Desktop\OTL.exe
[2012.09.27 16:08:16 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Documents\Scanned Documents
[2012.09.27 16:08:16 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Documents\Fax
[2012.09.27 12:32:58 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Desktop\Plan He30 Di und Mi
[2012.09.27 12:00:15 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{DA6CAF82-0985-4284-93B4-B534C514F2C3}
[2012.09.26 12:11:08 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{0774C997-B104-4137-A207-C8B4E09A0654}
[2012.09.26 00:10:43 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{EF319AD8-D044-4970-B361-7478C2ABAC3F}
[2012.09.25 12:10:18 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{C1F519D4-678D-4DE5-A0D6-7F44B2C06839}
[2012.09.24 11:57:37 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{3ACE88F9-EA59-4B16-A022-D32ED3906D05}
[2012.09.23 23:57:13 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{C23DF54A-6D3E-479F-A2E3-4FF096AFE4E2}
[2012.09.23 12:54:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2012.09.23 12:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.09.23 12:49:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.09.23 12:49:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.09.23 12:49:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.09.23 12:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.09.23 12:38:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.09.23 11:56:50 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{79F5FD9E-3DEC-4C0E-8F0B-C168C524DE35}
[2012.09.22 13:06:13 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{982ABBAD-367A-4334-B69C-E3B339979A1B}
[2012.09.22 00:58:44 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{386189C9-F1F2-4DAD-A28A-8EA524BA1E1F}
[2012.09.21 22:24:20 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.09.21 22:24:20 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.09.21 22:24:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.09.21 13:16:28 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\ElevatedDiagnostics
[2012.09.21 13:02:57 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Dominik\Desktop\esetsmartinstaller_enu(1).exe
[2012.09.21 12:58:19 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{783002ED-64BA-4A2E-86C5-77D101967D58}
[2012.09.21 12:53:08 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{45227D5C-05F1-44EA-899C-40AE77BC3A9B}
[2012.09.20 15:01:11 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{D5C62D85-9A29-4273-BE23-55F7A8931410}
[2012.09.19 22:41:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.09.19 14:40:56 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Malwarebytes
[2012.09.19 14:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.19 14:40:43 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.19 14:40:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.19 14:40:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.19 14:27:18 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{0C63A5D8-642A-4FAF-A59D-FEAAF8B06D91}
[2012.09.18 14:06:46 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{37D65C59-201B-4D8C-B76A-958C305DFFE4}
[2012.09.17 22:37:09 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{B76ABAA7-1F07-4155-B1A8-04ED663FD13B}
[2012.09.17 10:36:45 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{76367127-4897-47F2-AE77-52D653E918BF}
[2012.09.16 15:50:23 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{BBD344BF-301C-4E01-BBFB-AAF054A72BA8}
[2012.09.15 21:34:07 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{9143E9C0-9C1E-49A4-8EB8-26E3D46CD890}
[2012.09.15 11:56:04 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{546E0C14-17B2-4B3F-9FA9-6E9F90F57E46}
[2012.09.14 14:23:15 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{887B24CA-0319-4378-B438-6DAEFC2F89A5}
[2012.09.13 11:20:40 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{B6C0BBD7-0603-470D-B96B-FAE51BBB84E2}
[2012.09.11 23:04:14 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{DEBA69D2-0A0A-48F0-B072-1EFC15CCD3D8}
[2012.09.11 11:09:56 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{38B59530-F6C4-401E-BDD1-C8A85A9528E3}
[2012.09.10 22:51:33 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{B648325A-3BC9-459A-82A8-1C5966F5F35D}
[2012.09.10 10:51:02 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{762A2A66-3A3C-40BC-8D40-72E73B139175}
[2012.09.10 10:45:58 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{2EEF0C60-1543-403B-94FA-6781B174E2BE}
[2012.09.09 12:14:06 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{8D6AA65C-8E1D-44EF-9BF6-AA2F1ED3DD5F}
[2012.09.09 11:47:49 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{AFFEE56B-5A04-4DC6-ABDD-2EDF071C755C}
[2012.09.09 00:15:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.09.08 22:48:24 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{7C04FEB7-1CD7-4376-8FB8-D0CFC99C86C1}
[2012.09.08 22:39:50 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{20A5194F-F6EB-4E50-9912-A8D94543B5AB}
[2012.09.08 09:57:42 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{3DD6001D-209C-4EEA-B3C1-A5CD4A5EB34C}
[2012.09.07 13:19:36 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{DF2DFA03-B96D-4A11-888E-3A396560ADBB}
[2012.09.06 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\F833A6A9-DA5F-441D-9BF8-9CB3465A1588.aplzod
[2012.09.06 10:07:28 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{94667738-A3C5-4B49-987A-97C78F870136}
[2012.09.05 11:23:11 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{C610990F-D49D-4D76-A587-41A7406DDA97}
[2012.09.04 11:22:35 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{B1814599-6614-45BF-8395-7C14FDC9BC2E}
[2012.09.03 15:09:59 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
[2012.09.03 15:09:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2012.09.03 15:09:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012.09.03 15:09:52 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Winamp
[2012.09.03 15:09:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2012.09.03 15:02:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.09.03 15:02:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012.09.03 14:47:03 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Documents\FFOutput
[2012.09.03 11:21:58 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{DFBB49F6-1EBC-45B3-8A70-C48550676FFC}
[2012.09.02 18:49:31 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{3C615725-5252-4658-BAE1-04C667C8CDE3}
[2012.09.01 11:39:01 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{BE1F5614-CAE8-45D1-8EFF-2A55BA006066}
[2012.08.31 13:10:33 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{6345A6BE-1311-4CA5-83EF-E944181B42F7}
[2012.08.30 22:20:39 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{02F784AE-51BC-4B72-8D44-EF492F1F77B8}
[2012.08.30 10:20:14 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{8AC4E217-BD26-4DD4-8706-A6A7DC2DE1A4}
[2012.08.29 10:50:14 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\{45852FEA-1FA0-4069-A4F1-3B3E3191BC72}
[2012.08.28 22:42:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.27 21:48:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominik\Desktop\OTL.exe
[2012.09.27 20:57:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.27 13:26:54 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.27 13:26:54 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.27 13:19:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.27 13:19:17 | 3212,468,224 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.23 20:44:49 | 000,008,430 | ---- | M] () -- C:\Users\Dominik\AppData\Local\recently-used.xbel
[2012.09.23 12:50:23 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.22 20:31:50 | 000,076,217 | ---- | M] () -- C:\Users\Dominik\Desktop\HERREN Winter Skerhut.pdf
[2012.09.21 22:14:52 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012.09.21 13:13:14 | 461,172,217 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.09.21 13:03:13 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Dominik\Desktop\esetsmartinstaller_enu(1).exe
[2012.09.21 00:21:55 | 000,939,288 | ---- | M] () -- C:\Users\Dominik\Desktop\Anmeldung Niklas Lück Herrenmannschaft.pdf
[2012.09.19 14:40:44 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.16 21:30:19 | 000,000,000 | ---- | M] () -- C:\Users\Dominik\defogger_reenable
[2012.09.15 21:59:50 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.15 21:59:50 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.15 21:59:50 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.15 21:59:50 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.15 21:59:50 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.05 21:57:44 | 000,022,251 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2012.08.30 21:14:00 | 000,060,776 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.08.30 21:14:00 | 000,052,584 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.08.30 21:14:00 | 000,016,366 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012.08.30 18:18:04 | 003,487,434 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.08.28 22:42:32 | 000,002,094 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.08.28 22:42:32 | 000,002,094 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
 
========== Files Created - No Company Name ==========
 
[2012.09.23 20:44:49 | 000,008,430 | ---- | C] () -- C:\Users\Dominik\AppData\Local\recently-used.xbel
[2012.09.23 12:50:23 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.22 20:28:42 | 000,076,217 | ---- | C] () -- C:\Users\Dominik\Desktop\HERREN Winter Skerhut.pdf
[2012.09.21 22:24:30 | 003,487,434 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.09.21 22:23:20 | 000,016,366 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.09.21 22:14:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.09.21 00:21:55 | 000,939,288 | ---- | C] () -- C:\Users\Dominik\Desktop\Anmeldung Niklas Lück Herrenmannschaft.pdf
[2012.09.19 14:40:44 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.16 21:30:19 | 000,000,000 | ---- | C] () -- C:\Users\Dominik\defogger_reenable
[2012.07.23 12:20:33 | 000,358,912 | ---- | C] () -- C:\Windows\SysWow64\pythoncom27.dll
[2012.07.23 12:20:33 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\pywintypes27.dll
[2012.07.23 12:20:33 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\pythoncomloader27.dll
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.03.11 13:24:42 | 000,022,251 | ---- | C] () -- C:\Users\Dominik\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2012.01.31 16:58:01 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.01.31 16:58:01 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.01.31 16:58:00 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.08.13 22:38:37 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.09.27 21:47:23 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\FileZilla
[2012.07.28 21:50:55 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\hdbADS
[2012.09.26 23:32:39 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ICQ
[2012.03.11 14:04:25 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ICQLite
[2012.03.11 14:04:11 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\OCS
[2012.03.11 14:04:13 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Opera
[2012.09.22 20:54:04 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Spotify
[2012.08.07 23:43:57 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TS3Client
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.08.13 22:38:20 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Adobe
[2012.09.06 22:22:59 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Apple Computer
[2012.03.09 18:12:15 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Avira
[2012.08.13 22:38:37 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.09.27 21:47:23 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\FileZilla
[2012.07.28 21:50:55 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\hdbADS
[2012.09.26 23:32:39 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ICQ
[2012.03.11 14:04:25 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ICQLite
[2012.03.09 15:40:15 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Identities
[2012.03.09 15:40:27 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Intel Corporation
[2012.03.09 15:43:33 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Macromedia
[2012.09.19 14:40:56 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Malwarebytes
[2010.11.21 09:00:23 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Media Center Programs
[2012.06.24 01:02:43 | 000,000,000 | --SD | M] -- C:\Users\Dominik\AppData\Roaming\Microsoft
[2012.03.11 13:04:35 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Mozilla
[2012.03.11 14:04:11 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\OCS
[2012.03.11 14:04:13 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Opera
[2012.05.28 17:30:15 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Skype
[2012.09.22 20:54:04 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Spotify
[2012.08.07 23:43:57 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TS3Client
[2012.09.03 21:46:49 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\vlc
[2012.09.03 21:45:28 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Winamp
[2012.04.17 11:13:12 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2012.08.13 22:38:18 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Dominik\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.07.25 23:21:52 | 000,010,134 | R--- | M] () -- C:\Users\Dominik\AppData\Roaming\Microsoft\Installer\{20B1B020-DEAE-48D1-9960-D4C3185D758B}\Foren.exe
[2012.07.25 23:21:52 | 000,000,766 | R--- | M] () -- C:\Users\Dominik\AppData\Roaming\Microsoft\Installer\{20B1B020-DEAE-48D1-9960-D4C3185D758B}\htmledit.exe
[2012.03.21 14:50:11 | 000,576,536 | R--- | M] () -- C:\Users\Dominik\AppData\Roaming\Microsoft\Installer\{C5AC39F1-001D-4338-84C6-35109525588A}\TweetDeck.exe
[2012.03.11 14:04:11 | 000,106,496 | ---- | M] (OCS) -- C:\Users\Dominik\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
[2012.03.11 14:04:11 | 000,040,960 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
[2012.08.24 15:56:52 | 005,576,408 | ---- | M] (Spotify Ltd) -- C:\Users\Dominik\AppData\Roaming\Spotify\spotify.exe
[2012.08.24 15:56:52 | 000,114,904 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2012.08.24 15:56:52 | 001,193,176 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2011.10.17 15:55:32 | 000,559,384 | ---- | M] (Intel Corporation) MD5=8180A2392E732E8871589B54FAB6991F -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.10.17 15:55:32 | 000,559,384 | ---- | M] (Intel Corporation) MD5=8180A2392E732E8871589B54FAB6991F -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_74f348dee3038044\iaStor.sys
[2011.10.17 15:55:32 | 000,559,384 | ---- | M] (Intel Corporation) MD5=8180A2392E732E8871589B54FAB6991F -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_a0e315501c75a0d0\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2012.01.31 16:22:18 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2012.01.31 16:22:18 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2012.01.31 16:22:18 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2012.01.31 16:22:18 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2012.01.31 16:22:17 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2012.01.31 16:22:18 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2012.01.31 16:22:18 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2012.01.31 16:22:18 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.03.15 15:19:33 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.03.15 15:19:33 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2012.08.24 09:03:49 | 009,738,240 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2012.06.06 07:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msxml3.dll

< End of report >
__________________
Alt 27.09.2012, 21:18   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
FF - user.js - File not found
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\..\SearchScopes\{10BD97EA-5BF1-4F62-B23C-9F424574965F}: "URL" = http://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=30da08cb-341e-485b-af3c-e5e08ac5a97a&pid=murb&mode=bounce&k=1
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\..\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}: "URL" = http://search.kikin.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6B696B696E2E636F6D2F7365617263682F3F713D7B7365617263685465726D737D&st={searchTerms}&clid=30da08cb-341e-485b-af3c-e5e08ac5a97a&pid=murb&k=1
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\..\SearchScopes\{BEF45F2C-B69D-4950-8893-DEE26A7906F4}: "URL" = http://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=30da08cb-341e-485b-af3c-e5e08ac5a97a&pid=murb&mode=bounce&k=1
IE - HKU\S-1-5-21-1994997717-2065594754-2853226106-1000\..\SearchScopes\{E53828DC-1389-40D6-B4B0-88608DF01665}: "URL" = http://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=30da08cb-341e-485b-af3c-e5e08ac5a97a&pid=murb&mode=bounce&k=1
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1994997717-2065594754-2853226106-1009..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.27 22:11:56 | 000,000,000 | ---D | M] - E:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2010.09.27 22:11:56 | 003,812,720 | R--- | M] (Electronic Arts Inc.) - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.09.27 22:11:56 | 000,000,049 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{abe4fc47-69ea-11e1-a3e2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{abe4fc47-69ea-11e1-a3e2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2010.09.27 22:11:56 | 003,812,720 | R--- | M] (Electronic Arts Inc.)
:Files
C:\Users\Dominik\AppData\Local\{*
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\MozillaProfil\user.js
C:\Users\Dominik\Downloads\FormatFactorySetup290.exe
C:\Users\Public\vom alten PC\MozillaProfil\user.js
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
__________________
Alt 27.09.2012, 21:31   #19
dommymaster
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


und hier die datei nach dem fix:

Code:
ATTFilter
All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-1994997717-2065594754-2853226106-1000\Software\Microsoft\Internet Explorer\SearchScopes\{10BD97EA-5BF1-4F62-B23C-9F424574965F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10BD97EA-5BF1-4F62-B23C-9F424574965F}\ not found.
Registry key HKEY_USERS\S-1-5-21-1994997717-2065594754-2853226106-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}\ not found.
Registry key HKEY_USERS\S-1-5-21-1994997717-2065594754-2853226106-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BEF45F2C-B69D-4950-8893-DEE26A7906F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEF45F2C-B69D-4950-8893-DEE26A7906F4}\ not found.
Registry key HKEY_USERS\S-1-5-21-1994997717-2065594754-2853226106-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E53828DC-1389-40D6-B4B0-88608DF01665}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E53828DC-1389-40D6-B4B0-88608DF01665}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1994997717-2065594754-2853226106-1009\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File  not found.
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
File move failed. E:\Autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{abe4fc47-69ea-11e1-a3e2-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{abe4fc47-69ea-11e1-a3e2-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{abe4fc47-69ea-11e1-a3e2-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{abe4fc47-69ea-11e1-a3e2-806e6f6e6963}\ not found.
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
========== FILES ==========
C:\Users\Dominik\AppData\Local\{00267734-F7F8-4C1D-963D-656F972180E7} folder moved successfully.
C:\Users\Dominik\AppData\Local\{0102B2AD-D282-41BF-BEF1-AAB14624B06F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{015045FD-E42A-4945-B705-E6B14C6F7AC3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{01FB09B8-E631-4B0B-A0E5-EE64E8AF80F2} folder moved successfully.
C:\Users\Dominik\AppData\Local\{02F784AE-51BC-4B72-8D44-EF492F1F77B8} folder moved successfully.
C:\Users\Dominik\AppData\Local\{03E9F15D-F909-4312-BD72-1C7EEB4B95A5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{043811B9-0CCB-4F67-B7DB-C5EFFEABDD96} folder moved successfully.
C:\Users\Dominik\AppData\Local\{04559A1D-FCDB-4765-9CE0-5D2DDEECB065} folder moved successfully.
C:\Users\Dominik\AppData\Local\{049A415B-DD77-4E63-9C95-DCAE5E43AC0F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{057285CE-5DF2-4726-94BE-C6A935FB82D1} folder moved successfully.
C:\Users\Dominik\AppData\Local\{05C52927-CE5F-4512-AB5F-26F30004054D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{06254EA6-345D-4F62-9670-0EE6422FF9ED} folder moved successfully.
C:\Users\Dominik\AppData\Local\{06A9557A-7769-40F0-9D76-B196B2006B5B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{074A34DA-2217-4C88-9ACB-BA7FA09B148D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{0774C997-B104-4137-A207-C8B4E09A0654} folder moved successfully.
C:\Users\Dominik\AppData\Local\{084A08C6-0C59-4092-8942-54D2432C9696} folder moved successfully.
C:\Users\Dominik\AppData\Local\{08B0DFD0-EA31-4A22-A95E-7C5CC506F776} folder moved successfully.
C:\Users\Dominik\AppData\Local\{08B19102-6666-4CCE-A5CE-32A529B9E0F5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{09519FCF-2BFE-474F-B405-C6FDAFD1116F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{09A37031-92FC-4C1B-9248-4E4E1ECE4078} folder moved successfully.
C:\Users\Dominik\AppData\Local\{0C11ADCC-FC3D-4B9C-A6CA-42B4F0848632} folder moved successfully.
C:\Users\Dominik\AppData\Local\{0C5CD0F2-EDE9-4271-B9AD-0409D4866CAF} folder moved successfully.
C:\Users\Dominik\AppData\Local\{0C63A5D8-642A-4FAF-A59D-FEAAF8B06D91} folder moved successfully.
C:\Users\Dominik\AppData\Local\{0C6D1522-ADC8-47B7-8796-2C701C089F20} folder moved successfully.
C:\Users\Dominik\AppData\Local\{0CC1454D-796C-45F6-9A37-295EFAE3AFBA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{0CC87418-D4D0-4253-B73B-2EB56A592B33} folder moved successfully.
C:\Users\Dominik\AppData\Local\{0CEDF738-F3E4-48BA-9344-5CEAB1161B14} folder moved successfully.
C:\Users\Dominik\AppData\Local\{0CFCDFE9-E916-4FAC-BEBB-FB1FB15524D2} folder moved successfully.
C:\Users\Dominik\AppData\Local\{0D05AA36-E2F9-4196-A90B-EFFBC3A17C01} folder moved successfully.
C:\Users\Dominik\AppData\Local\{0E69C9AE-0032-4894-8713-BF537551F6A2} folder moved successfully.
C:\Users\Dominik\AppData\Local\{109EDFAC-E1C3-44D0-8253-B917FCD51A45} folder moved successfully.
C:\Users\Dominik\AppData\Local\{10F93881-CB61-468D-BB56-BD4FCBBD65DE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{11C1051F-6ECE-4A2D-A168-7746D29938F2} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1244E071-7B10-4FC5-931B-C24580DFDE74} folder moved successfully.
C:\Users\Dominik\AppData\Local\{12B1DBB0-26D4-46C9-955A-DD0DED4FEEDD} folder moved successfully.
C:\Users\Dominik\AppData\Local\{13192719-A480-481C-A50D-AF860B673084} folder moved successfully.
C:\Users\Dominik\AppData\Local\{14223CE4-FF3B-49F8-ADF1-695793F36F89} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1508F16E-0BAF-41F5-863F-D7402F4F9A70} folder moved successfully.
C:\Users\Dominik\AppData\Local\{17AC2CA3-06E2-4287-B49D-4CD2320D7AD1} folder moved successfully.
C:\Users\Dominik\AppData\Local\{185866CE-0405-4CE7-AE0E-69AC393E4A55} folder moved successfully.
C:\Users\Dominik\AppData\Local\{190F08EF-9C22-4ACF-ADED-2490721D682E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{19B3A69D-3DBA-4425-8648-C1312030CFEB} folder moved successfully.
C:\Users\Dominik\AppData\Local\{19CA2519-27DB-4235-A2F0-B7A0E262CE89} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1A45FD97-BC79-42D3-A543-422A4B256994} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1A80E05B-6304-424A-83FA-A778DC1F8889} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1B41BA5D-2D2A-4CF6-8586-6FC8E342B099} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1BB2EE0C-BBA2-4301-A521-D3EEA5BAD2DD} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1CA29224-4DC1-4DFF-A042-C1CFB4354187} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1D7C3F20-1B84-494E-9D6C-15491D8A822E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1E4C6D28-CB27-4DB5-9D45-9DE5F3834B95} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1EEE8976-A481-437F-A907-20FFEC69A0AD} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1F1A8406-250D-45E2-9955-5DE398F2B242} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1F65742D-40BE-4A4B-A3FD-A5990E41C233} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1F72F7EE-F394-4F2C-AC38-0D594312124B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{1F76C827-C0A1-45DA-AC31-542E78EDDC83} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2023D5CD-7982-452C-B558-968790D1C5C8} folder moved successfully.
C:\Users\Dominik\AppData\Local\{20A5194F-F6EB-4E50-9912-A8D94543B5AB} folder moved successfully.
C:\Users\Dominik\AppData\Local\{21BC999D-341A-4F39-9DDC-E3534437F3AA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{21C5D226-8FDC-49BD-B68B-D3B583665AFC} folder moved successfully.
C:\Users\Dominik\AppData\Local\{21E48BDB-659D-4E28-8703-2ADBBF43C66F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{23257A81-1352-4397-944A-E2F4BF939102} folder moved successfully.
C:\Users\Dominik\AppData\Local\{233CBBD1-E48C-447A-8192-517BFF4EE368} folder moved successfully.
C:\Users\Dominik\AppData\Local\{23608BD9-D682-48DE-9D9B-9C083D12E0D9} folder moved successfully.
C:\Users\Dominik\AppData\Local\{23DECC52-B79F-4DBA-A76F-978F8D2A6EFF} folder moved successfully.
C:\Users\Dominik\AppData\Local\{23E3EC5E-C926-4500-9B69-030DA8C65703} folder moved successfully.
C:\Users\Dominik\AppData\Local\{25AD5E45-E62D-47C9-9079-D74146391D1F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{25CE444B-8F64-49DE-9864-72920953C772} folder moved successfully.
C:\Users\Dominik\AppData\Local\{26F01132-95A4-4E79-8EA0-DA2A5D4D9C12} folder moved successfully.
C:\Users\Dominik\AppData\Local\{27C3A288-40F9-4F39-A048-FFDF52066D83} folder moved successfully.
C:\Users\Dominik\AppData\Local\{29591F4D-4DA6-4310-BBBC-522EB9513D7D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{295C6248-AAE0-4C8C-B7C2-D39DD3198D6F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2A2CF08D-107F-4DE8-9D11-3BC39054AA5F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2A33FDBB-04F9-4574-86DE-254523F013D3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2AA5F6FB-87E9-4EC9-9705-47EA80AA0944} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2B4BE468-81E5-4677-B894-28CA60E897C5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2B6BBD26-9EEB-44D5-91FF-9E07D841692D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2B7A68BF-D19C-4BD7-BF60-E9BA09D16DFE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2C7D2E01-53AB-4E4D-9939-735A1738252A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2CAFE104-07CF-43E4-8065-CC7CBD1D73BA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2D1B3E7F-7BBC-4C93-9C62-23B7C6997A70} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2D8F0A96-F69A-47C0-8420-5EB264E73845} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2E16F212-3FF6-4C6B-B5A0-D94492F87969} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2E5666B4-8BFC-42D8-BD50-DD5939917A35} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2E7EC3CC-6105-4883-9075-7EFA36BDA5AC} folder moved successfully.
C:\Users\Dominik\AppData\Local\{2EEF0C60-1543-403B-94FA-6781B174E2BE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3139FA66-0F77-41D4-B7CF-E1C19B6A8910} folder moved successfully.
C:\Users\Dominik\AppData\Local\{34EDB70A-DD2F-4862-AA9C-68916875E731} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3509829D-F762-401A-AF49-08E42976E22E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{35CDB190-64C0-4362-90FD-F1328FF7ADE3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{360E81BA-15E4-42A8-9E15-15B54336F284} folder moved successfully.
C:\Users\Dominik\AppData\Local\{363A45DD-3AD3-4A20-A385-0D0270DA6F10} folder moved successfully.
C:\Users\Dominik\AppData\Local\{36756DFB-9244-477E-9EDF-1935224FD46D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{368DBF9A-A3C7-4B54-BB22-A02D73050B16} folder moved successfully.
C:\Users\Dominik\AppData\Local\{37D65C59-201B-4D8C-B76A-958C305DFFE4} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3835D543-7E41-49A6-BACF-59A561CBF79E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{386189C9-F1F2-4DAD-A28A-8EA524BA1E1F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{38B59530-F6C4-401E-BDD1-C8A85A9528E3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3A5F1A41-4E53-4E67-8D78-F6AD3875C491} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3A6E0A88-49B7-4B8C-A338-8045D6F8D82D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3A962733-BCE0-48BE-8131-EF8AC82137D6} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3A9D0DFE-6990-4D6A-8E82-87115A9659DB} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3ACE88F9-EA59-4B16-A022-D32ED3906D05} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3C02E84F-A854-49B4-8326-060F111C5F09} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3C3C5152-4B9D-4358-8701-80BBE6ED165E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3C615725-5252-4658-BAE1-04C667C8CDE3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3CF7BB77-880D-4EFB-AF41-8F9FCF5425FE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3D24FB26-6D59-4F7E-B1E2-D35CAB2236BD} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3D8335CD-54AA-4C87-966F-C69B8F2C8864} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3DD6001D-209C-4EEA-B3C1-A5CD4A5EB34C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3E0E481E-2278-439F-A136-0220614CAA43} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3E1CE2A1-C5BE-4F15-ABE6-A4DE9D594866} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3E389164-E925-49D9-9D0B-7D84FE8EDB8A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3E4AB9FD-C270-4A82-9B0E-BE49B8A2DC26} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3E8437DB-7BE3-47AB-8590-BE22841CB01D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3EA426DB-0B3F-46F3-95C3-0194E7DB558A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3ED47FCC-448E-484E-8925-3BFC1E851B22} folder moved successfully.
C:\Users\Dominik\AppData\Local\{3ED7EF71-517E-4E0D-841E-910C4B971F84} folder moved successfully.
C:\Users\Dominik\AppData\Local\{40122FD4-E8DD-48B2-B2B2-AB1118A32F97} folder moved successfully.
C:\Users\Dominik\AppData\Local\{4083146E-4BD3-4544-8753-1CF2DA6426C3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{40E9914E-DF8E-4ADE-89F8-40ABB9402FB7} folder moved successfully.
C:\Users\Dominik\AppData\Local\{416BD515-626F-4127-93EF-CCC744818A2B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{4235B670-4671-4EE0-BF71-FBFAC46452E6} folder moved successfully.
C:\Users\Dominik\AppData\Local\{44043AE0-6A71-446C-AA58-7ABEE282BFD5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{45227D5C-05F1-44EA-899C-40AE77BC3A9B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{45852FEA-1FA0-4069-A4F1-3B3E3191BC72} folder moved successfully.
C:\Users\Dominik\AppData\Local\{45B1E49D-8223-49F8-BEE1-B2E7D1B0608C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{45FE3773-7C9E-41A5-A406-7F684DB7417E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{460B49D2-2F5A-4F83-96EA-0BE18A0E8A9D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{4650DE36-5574-4DFB-8D85-506A0BE653D9} folder moved successfully.
C:\Users\Dominik\AppData\Local\{46770591-FDA0-4842-A899-BD352FAEA52A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{46A8EB48-66A7-4119-8999-032E43A82709} folder moved successfully.
C:\Users\Dominik\AppData\Local\{46ABDE6C-40BF-4934-BC17-98BFFAF344E5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{46D60C20-B52B-4D0D-ADEE-5C48D42E49F1} folder moved successfully.
C:\Users\Dominik\AppData\Local\{47037542-795D-4456-A77E-8CFB6BAD9424} folder moved successfully.
C:\Users\Dominik\AppData\Local\{4713093F-1EFC-4817-A6B5-4D49479F4BB9} folder moved successfully.
C:\Users\Dominik\AppData\Local\{480ACD5A-7026-468C-AB97-7B627610F8CB} folder moved successfully.
C:\Users\Dominik\AppData\Local\{481047FB-EE7B-48D4-B86E-FFBE736D8D7A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{48C99F89-61B2-44D1-93C1-5FB9C42CE115} folder moved successfully.
C:\Users\Dominik\AppData\Local\{4919E102-8605-48F0-9DC8-93A2F4646850} folder moved successfully.
C:\Users\Dominik\AppData\Local\{496AFD2F-6470-4DBD-9790-80EB685EF43D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{49B464E7-E8FB-43F8-9D57-FB2795B25FEB} folder moved successfully.
C:\Users\Dominik\AppData\Local\{49BB66AB-C035-4615-9C60-77B317331FA8} folder moved successfully.
C:\Users\Dominik\AppData\Local\{4A285EB0-743C-4536-8E87-0BF6C9DE8253} folder moved successfully.
C:\Users\Dominik\AppData\Local\{4A4D73FA-55FC-4281-AABE-4E7CD13B45BA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{4A9C0ACA-5FD3-465D-964F-088F74D454D7} folder moved successfully.
C:\Users\Dominik\AppData\Local\{4B944A4C-6452-412D-8050-16C7AB5A6231} folder moved successfully.
C:\Users\Dominik\AppData\Local\{4C817801-699C-4DE4-ABCC-1CB89337A1D2} folder moved successfully.
C:\Users\Dominik\AppData\Local\{4D04BEC1-05E0-4E27-89F0-1C9E5281FBCE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{4DCFC741-ACB1-4ADF-ADF1-338703F2003F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{502130E4-E908-4324-80D6-88421557AC8C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{505D99A3-DEF8-4B6D-BC7E-C342C181813C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{510BE721-3999-4BFE-9D89-E2D3D087C0C8} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5241C505-A296-4C67-81C1-62A84A906382} folder moved successfully.
C:\Users\Dominik\AppData\Local\{52B53C2C-A5A4-45AF-963B-6F492B1CD4AB} folder moved successfully.
C:\Users\Dominik\AppData\Local\{53109093-B6F5-4F62-B34D-8AAB3C146152} folder moved successfully.
C:\Users\Dominik\AppData\Local\{53454157-80C3-4E2B-B760-051CCF30533C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{545447BE-2193-415B-80FE-F5531F39CB24} folder moved successfully.
C:\Users\Dominik\AppData\Local\{546E0C14-17B2-4B3F-9FA9-6E9F90F57E46} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5490F447-BC68-441E-8BB8-B558D5DB0A0E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{54B0C168-4E0B-42C3-996B-B55C4358D806} folder moved successfully.
C:\Users\Dominik\AppData\Local\{550226D6-28D6-4D9E-9603-FB43A63A54DA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{55999361-9237-4B25-85B0-86C75D67D0B0} folder moved successfully.
C:\Users\Dominik\AppData\Local\{55B1B402-4A7F-472A-930D-61095DACDD62} folder moved successfully.
C:\Users\Dominik\AppData\Local\{56551FDE-E88A-4547-9967-80C4FD5B4E4D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{56C850AC-8B0D-456F-B4A5-517D220F52CE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5879529D-595E-4E46-9CC2-CFE669370ABC} folder moved successfully.
C:\Users\Dominik\AppData\Local\{591FEDCB-381A-4B0D-A0FA-715BBD2028A6} folder moved successfully.
C:\Users\Dominik\AppData\Local\{598C96CA-C7E4-4074-B929-0443F6E0BCA8} folder moved successfully.
C:\Users\Dominik\AppData\Local\{59B2A347-4D4E-428C-A19F-8FAFF7E04AA3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5AB77BF1-9465-43C3-9333-7F3DE9E332BE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5AE1482F-579C-4CFB-BC5F-61E1BB497396} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5BAA7FE9-671D-4A06-9F58-C6A3270D4599} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5BE7EBDA-4D53-4647-BCAD-0A7660532F44} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5BF9127B-AE1E-4B21-AE49-506BCACDD2FB} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5CD544B7-9A9F-4823-ACD5-5B915D6EB3F3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5D511A44-93C0-4533-8894-9CA2558A7319} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5D75C523-3E31-4B1D-8734-2E3E65BE0A5A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5DC9A923-91FA-4DBB-BC42-48D32EA00ECA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5DD84246-5B37-4C3C-99C2-C334E9A6502E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5E90B58B-BCB5-42B6-9DF5-C39DFF2B4518} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5E996693-6127-418E-9F60-D2D65A6A7128} folder moved successfully.
C:\Users\Dominik\AppData\Local\{5F13AA44-743A-45C1-8FE5-A5074FCCC2CF} folder moved successfully.
C:\Users\Dominik\AppData\Local\{60BDFBD1-1109-4379-8B3A-CD7C336F2C5F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{61188E4C-4910-445B-BF10-746252F345CA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6195D438-7FBB-46C3-BCFD-A3D9395A0633} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6345A6BE-1311-4CA5-83EF-E944181B42F7} folder moved successfully.
C:\Users\Dominik\AppData\Local\{64C4E708-FB5F-4CD8-8942-31352A297E3B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{65F39A3E-A9C3-48DF-A38A-64878762E46E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{66788B54-A15B-4FEE-A782-C79C6A9D2180} folder moved successfully.
C:\Users\Dominik\AppData\Local\{66D7C110-514A-42A3-88EC-882C375E9341} folder moved successfully.
C:\Users\Dominik\AppData\Local\{692EA201-7ACF-4505-8FE6-0BE52D506A5A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{69BAD473-96DC-4F43-99BA-2AD94ABD8543} folder moved successfully.
C:\Users\Dominik\AppData\Local\{69C9C22F-CAC2-4AED-A846-D5D1BE601806} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6A799F95-C596-40FC-9217-CE07CA11B857} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6ACEAE9A-F2BA-4EC5-A52A-7DB786D26654} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6BAD9B1E-FCAF-45DD-AD7C-60B6BCBB5D6A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6BB27551-A53D-4696-B68A-F1AF2AB60DF7} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6BE4CDB0-1160-4349-9543-50260D3B6771} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6CD1F538-E133-4EC7-BACB-35EB10502F1D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6D2FE25B-0CD9-4CF6-B53A-77A6727E8740} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6D4A6F41-C6DB-4DDD-BD64-4460D99156D5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6D9F76F3-A2BA-4E32-87E7-2328E669311C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6DFE34EA-8CD7-4A62-82C2-58492F2CAB93} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6F9A57BD-32A8-412F-AB75-D6C781BD3D08} folder moved successfully.
C:\Users\Dominik\AppData\Local\{6FF0C81D-C68C-4C8F-BE6A-1D0F5543B364} folder moved successfully.
C:\Users\Dominik\AppData\Local\{70A36F1A-3F00-4CB8-B976-D1BBDD8586BE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{71BB9C77-1FD8-48E3-A54D-CB560845B995} folder moved successfully.
C:\Users\Dominik\AppData\Local\{72194AA4-E70D-4620-AC07-93FF0A542FB3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{73DD7F19-E078-4C40-85EA-E2DE11A60F28} folder moved successfully.
C:\Users\Dominik\AppData\Local\{7427FD77-E089-46A0-8C2F-D5B4077B2311} folder moved successfully.
C:\Users\Dominik\AppData\Local\{749B4DD3-4989-4F3F-AE9A-7B47ACE2B77C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{75429AC2-4FB8-4208-87C8-B5DF3452E80F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{762A2A66-3A3C-40BC-8D40-72E73B139175} folder moved successfully.
C:\Users\Dominik\AppData\Local\{76367127-4897-47F2-AE77-52D653E918BF} folder moved successfully.
C:\Users\Dominik\AppData\Local\{783002ED-64BA-4A2E-86C5-77D101967D58} folder moved successfully.
C:\Users\Dominik\AppData\Local\{79310772-0838-4059-B082-B2634C921586} folder moved successfully.
C:\Users\Dominik\AppData\Local\{793487AC-4432-4095-888B-611FB381503D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{79F039AB-AA60-4394-A1DF-48A798071D0F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{79F5FD9E-3DEC-4C0E-8F0B-C168C524DE35} folder moved successfully.
C:\Users\Dominik\AppData\Local\{7AC5CAFA-B91E-43BD-9076-655F14EC7976} folder moved successfully.
C:\Users\Dominik\AppData\Local\{7AF61922-4E6D-4089-A700-014D674A9A8D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{7B458D65-78BD-4582-9098-8A6D065B41EC} folder moved successfully.
C:\Users\Dominik\AppData\Local\{7B51BA9E-D4CF-469C-8DED-8D6A57C87847} folder moved successfully.
C:\Users\Dominik\AppData\Local\{7B95ED64-6FA2-48FD-8103-7234160EF9A4} folder moved successfully.
C:\Users\Dominik\AppData\Local\{7BCC873C-A8F5-4FC4-8974-3A8A096AA229} folder moved successfully.
C:\Users\Dominik\AppData\Local\{7C04FEB7-1CD7-4376-8FB8-D0CFC99C86C1} folder moved successfully.
C:\Users\Dominik\AppData\Local\{7D0BD457-4341-4D87-94C2-F8A28C118063} folder moved successfully.
C:\Users\Dominik\AppData\Local\{7DA225B5-ACE3-44EB-88C1-BBE113A1A3FE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{7F0842C0-28B9-42D2-B4BC-B21A7AECD3FC} folder moved successfully.
C:\Users\Dominik\AppData\Local\{7FFC886C-2513-4235-AED2-3DF116751568} folder moved successfully.
C:\Users\Dominik\AppData\Local\{800AA4CB-DDB3-47B3-9F0A-76BB20B2567B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8044DD5E-BF84-4B40-9195-5D80405201C3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{80CCD3CC-CB34-40F4-A1AD-A2D7C94C8696} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8111B8F3-4025-4F93-9B2F-33F94A0ADBE1} folder moved successfully.
C:\Users\Dominik\AppData\Local\{81564872-2DC5-4606-9840-334A6DE3D6F2} folder moved successfully.
C:\Users\Dominik\AppData\Local\{82039FAC-0258-46A7-A61F-59E83E3286CE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{823D0A15-95C3-4280-9B60-5B9915770CCC} folder moved successfully.
C:\Users\Dominik\AppData\Local\{83BF229C-0CD1-4963-B906-685EDEEA4E57} folder moved successfully.
C:\Users\Dominik\AppData\Local\{84B1C916-5529-4C00-819A-D999A1AAA447} folder moved successfully.
C:\Users\Dominik\AppData\Local\{852ED18A-CDD4-4850-94D8-FCE1760ABEEA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{852FBFB7-00EB-42B4-BF2E-5A4B39AFF329} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8552A2EC-9463-4668-BF3F-2390E0CA8779} folder moved successfully.
C:\Users\Dominik\AppData\Local\{858383DE-8817-45ED-B486-49D751752EBD} folder moved successfully.
C:\Users\Dominik\AppData\Local\{86F65671-8A18-4FCA-9A50-BCEB9DC8FB71} folder moved successfully.
C:\Users\Dominik\AppData\Local\{87C8BCF6-9913-44FF-BA59-0FEA39647B50} folder moved successfully.
C:\Users\Dominik\AppData\Local\{87ED16EC-B2B8-437A-882A-FA600632E2B7} folder moved successfully.
C:\Users\Dominik\AppData\Local\{887B24CA-0319-4378-B438-6DAEFC2F89A5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{88AF93C4-F86C-4C3B-A714-3C79AAEC62B5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{89A71DF5-B33F-486A-873C-79ECBF63ABA8} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8A39CC89-3EE7-4376-98F7-5159D3E8BE98} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8AC4E217-BD26-4DD4-8706-A6A7DC2DE1A4} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8AFBC74F-9B21-4971-9858-03234D9516C3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8B92F02C-F9F1-493A-A43A-4811B0A587B0} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8C1722F7-4EA3-470D-87EE-CC19EF42AD3E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8C2F2FEA-1969-490E-873F-51475D32C900} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8C5359D8-6C8E-4847-BEC3-B2A0F252B513} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8CF480E5-AC81-4733-BE17-8B50349B3613} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8D6AA65C-8E1D-44EF-9BF6-AA2F1ED3DD5F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8D93169D-7FC1-4792-9709-5D0CED000175} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8EB67918-3077-4F1F-BEA3-DBE6F667B61C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8FB99C24-FC48-4056-B225-7480F423F7F9} folder moved successfully.
C:\Users\Dominik\AppData\Local\{8FF270B7-FF59-4C07-BDA2-57CD34BA3575} folder moved successfully.
C:\Users\Dominik\AppData\Local\{90113EB6-FD05-42D5-9E60-905FAAF95C5A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{9041C739-2A04-4397-BF0A-D3A3240EA017} folder moved successfully.
C:\Users\Dominik\AppData\Local\{91009170-EC32-4159-886B-21AB709958B1} folder moved successfully.
C:\Users\Dominik\AppData\Local\{9143E9C0-9C1E-49A4-8EB8-26E3D46CD890} folder moved successfully.
C:\Users\Dominik\AppData\Local\{919E9FE7-8884-4B36-9A36-4423174BB8F2} folder moved successfully.
C:\Users\Dominik\AppData\Local\{91BE1F1C-2D99-4644-B4EE-B4E9F4F78714} folder moved successfully.
C:\Users\Dominik\AppData\Local\{91F839BA-D46E-4D97-839C-803F90EC6636} folder moved successfully.
C:\Users\Dominik\AppData\Local\{92070E57-BAF8-4F26-BAA4-84C159C14DC5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{93292022-8997-4A10-A943-7AA2BB7E5445} folder moved successfully.
C:\Users\Dominik\AppData\Local\{93E40ACB-57FE-48BA-B2EF-4C6AC0C6943B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{9457FFBD-C2EF-4562-8A35-6E391633FB70} folder moved successfully.
C:\Users\Dominik\AppData\Local\{94667738-A3C5-4B49-987A-97C78F870136} folder moved successfully.
C:\Users\Dominik\AppData\Local\{94FCEE4C-9E94-47D1-9720-0EFB1ACD0C57} folder moved successfully.
C:\Users\Dominik\AppData\Local\{95CD9828-CF68-4C8A-AAB0-A255C6D57137} folder moved successfully.
C:\Users\Dominik\AppData\Local\{968F4209-280B-42EE-9DD2-418FD25EB6AA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{96A07F17-11A7-4665-BEDE-53EB3DCFC45B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{96F8174A-AAF6-427B-A76C-171023F1C099} folder moved successfully.
C:\Users\Dominik\AppData\Local\{97569AE8-A6AA-425E-82F9-5673EF3B3CDA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{979F4D91-4267-453C-98E4-DFA2D7F66C22} folder moved successfully.
C:\Users\Dominik\AppData\Local\{97BF68D0-49E3-4DBD-9E87-78B1E0D7A215} folder moved successfully.
C:\Users\Dominik\AppData\Local\{98229962-E882-46F7-8B87-9FDE4823D7A6} folder moved successfully.
C:\Users\Dominik\AppData\Local\{982ABBAD-367A-4334-B69C-E3B339979A1B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{99703EA7-AEE9-42D3-963C-D3881EBC421C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{99C5DEEC-28DD-42E2-86EA-3CA44255B854} folder moved successfully.
C:\Users\Dominik\AppData\Local\{9A494DC6-45C3-4401-B2C6-B8272323BDF8} folder moved successfully.
C:\Users\Dominik\AppData\Local\{9A6BCDD7-1971-47B3-A846-2999589A5741} folder moved successfully.
C:\Users\Dominik\AppData\Local\{9AD20EB3-4138-4772-8F37-D9D298238249} folder moved successfully.
C:\Users\Dominik\AppData\Local\{9E02C837-6E1E-408E-BA22-3DDB3099FF77} folder moved successfully.
C:\Users\Dominik\AppData\Local\{A187C2B6-43C2-4047-85C6-5A63DFAD5F21} folder moved successfully.
C:\Users\Dominik\AppData\Local\{A1EB1077-F50F-4BFF-A990-018B059BBD09} folder moved successfully.
C:\Users\Dominik\AppData\Local\{A22880F6-BE00-4CC2-8F3D-4E0B6F723904} folder moved successfully.
C:\Users\Dominik\AppData\Local\{A349FB95-88EA-4C24-8846-3158941F4F9F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{A36C1587-74A2-489E-A018-B0F26C95B9F5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{A7A679A1-F738-4024-A4A7-3E7F1B601319} folder moved successfully.
C:\Users\Dominik\AppData\Local\{A8E26F2A-3FD4-40E2-A9A4-46D18F895581} folder moved successfully.
C:\Users\Dominik\AppData\Local\{A8EA9DEA-3101-4952-B527-575340BEEF30} folder moved successfully.
C:\Users\Dominik\AppData\Local\{A936D5CC-FD0A-4717-A248-40431A905091} folder moved successfully.
C:\Users\Dominik\AppData\Local\{A957F8BF-10CB-4245-A000-1955CAFCF5EA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{AA43B391-587D-408C-A5E3-FC9D8F28C3EC} folder moved successfully.
C:\Users\Dominik\AppData\Local\{AAB35688-2131-4EF8-BD7B-AFEB1E935CCC} folder moved successfully.
C:\Users\Dominik\AppData\Local\{AAB97920-1C98-4566-98BA-8C2D7E392770} folder moved successfully.
C:\Users\Dominik\AppData\Local\{AD88D87F-35A3-4596-8B63-9949761CA2F3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{AD9567C1-2C45-4F88-8EB0-0A71D68B0DC7} folder moved successfully.
C:\Users\Dominik\AppData\Local\{ADDEA1AC-BA1E-4AC2-80AB-36666EBA2F74} folder moved successfully.
C:\Users\Dominik\AppData\Local\{AE138B8C-D925-4A31-B3FD-915AFE8AAE5F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{AE545D60-16D8-4606-B7BC-B35FBFF37E8E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{AE61AEEF-44DD-4A36-B5D3-D5AE2FC585A5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{AF61A457-B37D-42B9-9C2B-899E0A402DEC} folder moved successfully.
C:\Users\Dominik\AppData\Local\{AFB56AA2-042A-494A-B0CC-B386693917E2} folder moved successfully.
C:\Users\Dominik\AppData\Local\{AFEB233B-8214-4964-A1C9-80DE12FEF04E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{AFFEE56B-5A04-4DC6-ABDD-2EDF071C755C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B0530218-0E21-4DE2-83AC-6C469D08B9BC} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B0A0B737-DB02-4E75-BD70-7900F009F51E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B150BC35-F99A-4BAC-BF60-9C497D4E0DD6} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B17BC7E3-3AC8-480E-BF02-DBDB371E485A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B1814599-6614-45BF-8395-7C14FDC9BC2E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B1BC55FD-783B-45B4-996D-E82165968571} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B4081BE7-0CAA-4C4F-96EB-265189439D7D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B428719F-61E6-4C30-AE60-53DE73B72D2E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B4A88706-0B4C-4BE5-AE91-E6103851E1B7} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B648325A-3BC9-459A-82A8-1C5966F5F35D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B657F76D-39A1-4484-8D1D-AE97253E8906} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B6681644-24D1-43E0-9320-F0CDD5E690F3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B671528C-AC7C-4236-BB4F-B1B2B92F0CDE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B6C0BBD7-0603-470D-B96B-FAE51BBB84E2} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B76ABAA7-1F07-4155-B1A8-04ED663FD13B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B77739D4-5394-4D99-B28A-E8AAD6F43D8F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B7D6431C-2CF9-4F64-899E-618B02F5C13F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B7E8C9FC-A927-4982-A979-FAE3E4CD1699} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B8CD6A78-1C0A-4502-BCF6-B0DA86C1E898} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B8FE9E77-6C1B-45EC-AEC1-8E3637423AD8} folder moved successfully.
C:\Users\Dominik\AppData\Local\{B9650E50-DBB9-4EEE-A871-E348CB81A49C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{BB08421D-6DD9-4581-9BB2-3258AB7CD756} folder moved successfully.
C:\Users\Dominik\AppData\Local\{BBAC857C-4508-4F9C-B84F-C32C4FA218AA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{BBD344BF-301C-4E01-BBFB-AAF054A72BA8} folder moved successfully.
C:\Users\Dominik\AppData\Local\{BE1F5614-CAE8-45D1-8EFF-2A55BA006066} folder moved successfully.
C:\Users\Dominik\AppData\Local\{BEDF2EA2-2326-4A9D-9650-289E61AB7825} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C011A9C1-D07D-4F8D-83CE-D499AFD885D0} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C097F58F-CEC2-4624-A4D8-4955FC254ED9} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C1F519D4-678D-4DE5-A0D6-7F44B2C06839} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C23DF54A-6D3E-479F-A2E3-4FF096AFE4E2} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C36309C1-BC12-448E-9ED6-7FC3DACE3F8C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C368AB86-2A6B-4141-B548-0F3123B74937} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C382C8CF-2D90-4B1B-8C1E-F4F23D138696} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C3B75B2F-9AA9-43EB-8DA5-BB47B51831A5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C5317B38-0E28-468C-9D57-FEA7FD0C051C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C610990F-D49D-4D76-A587-41A7406DDA97} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C632978F-0101-4E1E-8238-2F345E1813C2} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C6C6AE91-E08C-4A18-B85D-047999DAF154} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C6D9D7B0-C099-4747-8437-5483A4021752} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C6EE5E4F-09A2-41C1-833D-A1C3E1C1AF0E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C7B98031-5C9A-4940-945D-45CEB3349013} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C7C9D5D9-C778-4805-800A-CF1BFF93A527} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C85A9E40-0CD3-4898-9AFE-392CB4FA9BC7} folder moved successfully.
C:\Users\Dominik\AppData\Local\{C902831A-7D3F-4C36-982B-0E8034BB26A3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{CA022E7C-6294-4F6C-AB85-590926E70D11} folder moved successfully.
C:\Users\Dominik\AppData\Local\{CA336A32-368A-48D8-983E-C635177DEE31} folder moved successfully.
C:\Users\Dominik\AppData\Local\{CA41EC8E-B0A7-4773-89FC-18E14322F6FD} folder moved successfully.
C:\Users\Dominik\AppData\Local\{CB49949F-8851-4DDA-BC16-F22093E0981C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{CBD56EDC-2CDF-476A-AF20-D3454077ADA5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{CC2D1608-7A1B-45D2-9B68-AA825D9497BA} folder moved successfully.
C:\Users\Dominik\AppData\Local\{CC31E468-F232-4273-B389-25627345D68A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{CEC83EA1-2308-40B0-9CBD-5A804B52AC24} folder moved successfully.
C:\Users\Dominik\AppData\Local\{D00CB703-EE6F-430E-951A-84073D036C35} folder moved successfully.
C:\Users\Dominik\AppData\Local\{D03D8688-CDCB-4C3F-9CD3-8B70FA12A70D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{D2696B72-697E-4698-808C-3893643AF5B9} folder moved successfully.
C:\Users\Dominik\AppData\Local\{D2D8110D-419D-4DCD-9AC2-A7C0C9464A2F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{D31320CB-A84A-4F98-BC32-B28C6178C0D5} folder moved successfully.
C:\Users\Dominik\AppData\Local\{D3471BEE-DE22-4633-99BA-056B6865204D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{D399C075-DD6F-4A47-9B50-3FFA0575B70E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{D4F78DF8-D262-4436-9418-DAA492F8F8A6} folder moved successfully.
C:\Users\Dominik\AppData\Local\{D573F321-22F2-4075-8D4C-5E2D56361743} folder moved successfully.
C:\Users\Dominik\AppData\Local\{D5C62D85-9A29-4273-BE23-55F7A8931410} folder moved successfully.
C:\Users\Dominik\AppData\Local\{D8877EAE-CAC1-4DAA-AD66-B86964FFAC89} folder moved successfully.
C:\Users\Dominik\AppData\Local\{D8F2D43B-8747-4AA8-840D-9B6BCA944B97} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DA6CAF82-0985-4284-93B4-B534C514F2C3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DA88C557-9A81-41DD-8E25-E22A828F5BB3} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DAC4728F-C629-4985-8DD4-DE7E04141A72} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DB41B75B-1A7A-4CFF-9935-92981FFDB360} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DB6A6566-D91B-41A3-BFFF-F87F25E89D9A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DB70CC4F-C464-44D1-B6A9-041E5CBDCF37} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DB75434E-9E82-408F-B331-8076C6CFB932} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DBEFF0DE-6D26-431B-AF14-639EEA84B49E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DC51D2D8-453A-4073-9BA3-7FD0366E77CE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DC8511E8-31D3-4CFC-BE89-0D5F6D37A280} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DCDB1D09-ECA8-4A26-9898-6F0FFBA2949A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DD8A608C-2F2E-4E25-9C63-AC67C2D3775B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DDFEFFC8-4436-4B29-8128-5E9EBDE78203} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DE1275D3-3EC6-445E-88C7-383355B2FBBD} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DEBA69D2-0A0A-48F0-B072-1EFC15CCD3D8} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DECB8CB0-0681-4441-A569-6FECA45E4886} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DF2DFA03-B96D-4A11-888E-3A396560ADBB} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DF996BBC-D265-40BD-B1D3-20D2710B2A33} folder moved successfully.
C:\Users\Dominik\AppData\Local\{DFBB49F6-1EBC-45B3-8A70-C48550676FFC} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E015DAEC-3D13-4413-B146-E1393181EA59} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E0580E78-30C1-4063-97B4-48526618F9AF} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E07FEDDE-05CA-422B-A806-731A438F3875} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E10A6FBB-74D2-4557-BE0C-F9FE24397CCE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E1321329-EFCC-4C01-B3ED-10A794BF5A30} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E192609E-47F2-4F85-8449-25EAB45C8D78} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E21FA8B0-DF41-484C-A45A-DDE278D29EC7} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E2348B69-6A09-410C-AED4-B645BBBD958B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E45BD9BA-A611-4C7D-87C0-4C1D9FD6D6C9} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E477D1DD-9F71-45A4-BF79-B64CEAAA0535} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E507FC45-1A23-4A8F-9342-9A54272E0AAD} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E562932B-DE95-40A0-BE98-B66AC88ED196} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E5EBAB68-C42F-4411-892B-4F5507A958F9} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E60F9074-FA9B-4738-A502-476D56558711} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E61FEDA9-81DE-4A62-B2AF-9303A9336ED7} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E6640AB2-4EE4-4BA3-83B1-B545BA5B1BFF} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E6BC830C-8728-43A5-B311-C883FABCB1B0} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E6C2556D-B830-43FA-B09F-FF2AEEB6A455} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E71CCDF8-D35D-48FB-873A-C562CDEDDA44} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E74345BB-7A2C-42E0-AF38-968CB2097D10} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E8E4419B-A212-442B-8FDA-8B46CFBAF0C2} folder moved successfully.
C:\Users\Dominik\AppData\Local\{E9699B0B-66DD-489C-A1C8-5A64E4208866} folder moved successfully.
C:\Users\Dominik\AppData\Local\{EBC5E1D2-2C2D-4C3A-BE0B-F9B6C969406E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{ECA880ED-C766-46E6-AC51-A4EC8E49B73A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{ECD8E533-2578-460E-B8C9-5D93039F55C8} folder moved successfully.
C:\Users\Dominik\AppData\Local\{ED494615-5A2D-458D-8BAA-A5E9798335FB} folder moved successfully.
C:\Users\Dominik\AppData\Local\{EE18A5B2-4125-4185-A9E0-C541C75FCA10} folder moved successfully.
C:\Users\Dominik\AppData\Local\{EE8B000C-AEBB-489E-8455-371DED348A6D} folder moved successfully.
C:\Users\Dominik\AppData\Local\{EF184648-6057-4643-98DF-370015B3FD82} folder moved successfully.
C:\Users\Dominik\AppData\Local\{EF319AD8-D044-4970-B361-7478C2ABAC3F} folder moved successfully.
C:\Users\Dominik\AppData\Local\{EF729193-ADFB-4C36-BD3B-1D18F5D0C748} folder moved successfully.
C:\Users\Dominik\AppData\Local\{EFC09E2B-D6C0-4FC8-B3BA-E77747027EDB} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F1176C82-BC7A-4064-9D62-3ADC99FE8FED} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F13E526B-9744-44C0-AA22-555A5ED2BA58} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F2A27D98-9D04-429D-B2D6-B46FCF0BA333} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F327FF2B-0595-41E7-8B36-7D41C585CB9C} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F3C88BF6-B0D1-4466-B12B-4B1C28F88E7A} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F53F1F64-0812-465B-8EA1-D1E13CAD144E} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F5531BF9-E14E-4AA4-8110-2AA7F49C37EE} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F63E0A60-57B9-48AB-8B9F-3682BB7B32DD} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F64D8F1E-01C8-4C2E-A5E0-D26252D470B8} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F66A9DFF-80E5-4E6C-8EEC-0D2101DAC714} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F83649C7-868E-4101-8486-49EB7575C68B} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F863BB47-90D1-4CD4-A5B1-54F73CE00645} folder moved successfully.
C:\Users\Dominik\AppData\Local\{F886FA93-1F14-44DA-BCE9-39799B8559B0} folder moved successfully.
C:\Users\Dominik\AppData\Local\{FA4C0364-CDEF-4E67-A821-EF458F30B5A6} folder moved successfully.
C:\Users\Dominik\AppData\Local\{FAE7AA9C-B2C2-4BA3-AB37-A1C248919792} folder moved successfully.
C:\Users\Dominik\AppData\Local\{FBB74BF7-D151-4AE4-AD06-2E4A403920A9} folder moved successfully.
C:\Users\Dominik\AppData\Local\{FD56211C-E058-42BD-B4F9-43FB8E4769AD} folder moved successfully.
C:\Users\Dominik\AppData\Local\{FE0A1A8D-9E9A-4178-9951-600BBD78BCA9} folder moved successfully.
C:\Users\Dominik\AppData\Local\{FEC1DA64-F2B9-4758-A37B-52C2D060DEEC} folder moved successfully.
C:\Users\Dominik\AppData\Local\{FF22B877-3E63-4442-9E16-919B05FC8157} folder moved successfully.
C:\Users\Dominik\AppData\Local\{FF3C18BC-2BB6-4A9D-85C3-CFB233A0E5C1} folder moved successfully.
C:\Users\Dominik\AppData\Local\{FF59E1A3-28EE-4FCC-9C5A-069FC52E5978} folder moved successfully.
File\Folder C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\MozillaProfil\user.js not found.
C:\Users\Dominik\Downloads\FormatFactorySetup290.exe moved successfully.
C:\Users\Public\vom alten PC\MozillaProfil\user.js moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Dominik\Desktop\cmd.bat deleted successfully.
C:\Users\Dominik\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56478 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Dominik
->Temp folder emptied: 1138313936 bytes
->Temporary Internet Files folder emptied: 288116528 bytes
->Java cache emptied: 8940208 bytes
->FireFox cache emptied: 339100292 bytes
->Flash cache emptied: 130645 bytes
 
User: Public
 
User: UpdatusUser
 
User: UpdatusUser.Dominik-PCA
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56478 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 379222674 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes
RecycleBin emptied: 1171727608 bytes
 
Total Files Cleaned = 3.172,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 09272012_222542

Files\Folders moved on Reboot...
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
File move failed. E:\Autorun.inf scheduled to be moved on reboot.
C:\Users\Dominik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Alt 28.09.2012, 09:54   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!


__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.09.2012, 16:33   #21
dommymaster
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


Hier ist die Datei:

Code:
ATTFilter
17:30:47.0300 5316  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:30:47.0520 5316  ============================================================
17:30:47.0520 5316  Current date / time: 2012/09/28 17:30:47.0520
17:30:47.0520 5316  SystemInfo:
17:30:47.0520 5316  
17:30:47.0520 5316  OS Version: 6.1.7601 ServicePack: 1.0
17:30:47.0520 5316  Product type: Workstation
17:30:47.0520 5316  ComputerName: DOMINIK-PCA
17:30:47.0520 5316  UserName: Dominik
17:30:47.0520 5316  Windows directory: C:\Windows
17:30:47.0520 5316  System windows directory: C:\Windows
17:30:47.0520 5316  Running under WOW64
17:30:47.0520 5316  Processor architecture: Intel x64
17:30:47.0520 5316  Number of processors: 4
17:30:47.0520 5316  Page size: 0x1000
17:30:47.0520 5316  Boot type: Normal boot
17:30:47.0520 5316  ============================================================
17:30:47.0960 5316  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:30:47.0970 5316  ============================================================
17:30:47.0970 5316  \Device\Harddisk0\DR0:
17:30:47.0970 5316  MBR partitions:
17:30:47.0970 5316  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A382000
17:30:47.0970 5316  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A382800, BlocksNum 0x3A383800
17:30:47.0970 5316  ============================================================
17:30:47.0980 5316  C: <-> \Device\Harddisk0\DR0\Partition1
17:30:48.0010 5316  D: <-> \Device\Harddisk0\DR0\Partition2
17:30:48.0010 5316  ============================================================
17:30:48.0010 5316  Initialize success
17:30:48.0010 5316  ============================================================
17:31:26.0446 5860  ============================================================
17:31:26.0446 5860  Scan started
17:31:26.0446 5860  Mode: Manual; SigCheck; TDLFS; 
17:31:26.0446 5860  ============================================================
17:31:28.0336 5860  ================ Scan system memory ========================
17:31:28.0336 5860  System memory - ok
17:31:28.0336 5860  ================ Scan services =============================
17:31:28.0486 5860  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:31:28.0616 5860  1394ohci - ok
17:31:28.0636 5860  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:31:28.0646 5860  ACPI - ok
17:31:28.0666 5860  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:31:28.0737 5860  AcpiPmi - ok
17:31:28.0827 5860  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:31:28.0837 5860  AdobeARMservice - ok
17:31:28.0947 5860  [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:31:28.0967 5860  AdobeFlashPlayerUpdateSvc - ok
17:31:28.0997 5860  [ 132190688D8E51D61F88A150D7DF9FB4 ] adp3132         C:\Windows\system32\drivers\adp3132.sys
17:31:29.0047 5860  adp3132 - ok
17:31:29.0067 5860  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
17:31:29.0087 5860  adp94xx - ok
17:31:29.0117 5860  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
17:31:29.0127 5860  adpahci - ok
17:31:29.0147 5860  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
17:31:29.0157 5860  adpu320 - ok
17:31:29.0177 5860  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:31:29.0297 5860  AeLookupSvc - ok
17:31:29.0347 5860  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
17:31:29.0417 5860  AFD - ok
17:31:29.0427 5860  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:31:29.0447 5860  agp440 - ok
17:31:29.0477 5860  [ 6FE3ABBCDA2721D9EF33D53006FFAFFA ] ahcix64s        C:\Windows\system32\drivers\ahcix64s.sys
17:31:29.0487 5860  ahcix64s - ok
17:31:29.0517 5860  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:31:29.0577 5860  ALG - ok
17:31:29.0587 5860  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:31:29.0607 5860  aliide - ok
17:31:29.0677 5860  [ B5E2434FC851698C1F119CF1C3935A50 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:31:29.0757 5860  AMD External Events Utility - ok
17:31:29.0807 5860  [ 30BFEEE0DFFD5BD79D29157CF080DEED ] amdhub30        C:\Windows\system32\drivers\amdhub30.sys
17:31:29.0817 5860  amdhub30 - ok
17:31:29.0827 5860  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:31:29.0837 5860  amdide - ok
17:31:29.0867 5860  [ D52A2E98C5EEFF88CED28793B6B04D84 ] amdide64        C:\Windows\system32\drivers\amdide64.sys
17:31:29.0897 5860  amdide64 - ok
17:31:29.0907 5860  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
17:31:29.0957 5860  AmdK8 - ok
17:31:30.0157 5860  [ 9E3B4946F7E1BCA0B763E19D81EDBF2C ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:31:30.0447 5860  amdkmdag - ok
17:31:30.0467 5860  [ B9E1C7B7F1865F99B16FF2E1BB94EDB6 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:31:30.0497 5860  amdkmdap - ok
17:31:30.0507 5860  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
17:31:30.0537 5860  AmdPPM - ok
17:31:30.0557 5860  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:31:30.0567 5860  amdsata - ok
17:31:30.0577 5860  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:31:30.0597 5860  amdsbs - ok
17:31:30.0607 5860  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:31:30.0607 5860  amdxata - ok
17:31:30.0637 5860  [ 321533578132C811EC834A1B741C994C ] amdxhc          C:\Windows\system32\drivers\amdxhc.sys
17:31:30.0647 5860  amdxhc - ok
17:31:30.0657 5860  [ F9D46B6B322708BD5AFCC8767EBDC901 ] amd_sata        C:\Windows\system32\drivers\amd_sata.sys
17:31:30.0667 5860  amd_sata - ok
17:31:30.0677 5860  [ 329CC9C7E20DEEBCD4CD10816193EF14 ] amd_xata        C:\Windows\system32\drivers\amd_xata.sys
17:31:30.0687 5860  amd_xata - ok
17:31:30.0747 5860  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:31:30.0757 5860  AntiVirSchedulerService - ok
17:31:30.0777 5860  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:31:30.0787 5860  AntiVirService - ok
17:31:30.0817 5860  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:31:30.0948 5860  AppID - ok
17:31:30.0968 5860  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:31:31.0018 5860  AppIDSvc - ok
17:31:31.0028 5860  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
17:31:31.0078 5860  Appinfo - ok
17:31:31.0168 5860  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:31:31.0178 5860  Apple Mobile Device - ok
17:31:31.0198 5860  [ D73AAD4946051D074909FDFD34D94C7B ] arc             C:\Windows\system32\drivers\arc.sys
17:31:31.0208 5860  arc - ok
17:31:31.0218 5860  [ 46E8C3EB03224A1E55C6F0C100A9D2CC ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:31:31.0228 5860  arcsas - ok
17:31:31.0248 5860  [ 4DFF4312661F54EE87DC9A13CAEE60E0 ] asahci64        C:\Windows\system32\drivers\asahci64.sys
17:31:31.0248 5860  asahci64 - ok
17:31:31.0258 5860  [ C5F36B1087553BAC84B493E4DFEA9036 ] asmthub3        C:\Windows\system32\drivers\asmthub3.sys
17:31:31.0298 5860  asmthub3 - ok
17:31:31.0318 5860  [ AA6797E04AC24DBAC4C239A33F468463 ] asmtxhci        C:\Windows\system32\drivers\asmtxhci.sys
17:31:31.0358 5860  asmtxhci - ok
17:31:31.0378 5860  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:31:31.0418 5860  AsyncMac - ok
17:31:31.0438 5860  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
17:31:31.0438 5860  atapi - ok
17:31:31.0498 5860  [ CBD14F698DEF12EE3557604B726CB8EB ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:31:31.0508 5860  AtiHDAudioService - ok
17:31:31.0528 5860  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:31:31.0598 5860  AudioEndpointBuilder - ok
17:31:31.0598 5860  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:31:31.0628 5860  AudioSrv - ok
17:31:31.0658 5860  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
17:31:31.0668 5860  avgntflt - ok
17:31:31.0678 5860  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
17:31:31.0688 5860  avipbb - ok
17:31:31.0698 5860  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
17:31:31.0698 5860  avkmgr - ok
17:31:31.0718 5860  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:31:31.0788 5860  AxInstSV - ok
17:31:31.0808 5860  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
17:31:31.0868 5860  b06bdrv - ok
17:31:31.0888 5860  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:31:31.0928 5860  b57nd60a - ok
17:31:31.0988 5860  [ 66E66FD5A83C8BBFB791D14246D84015 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
17:31:31.0998 5860  BBSvc - ok
17:31:32.0008 5860  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:31:32.0068 5860  BDESVC - ok
17:31:32.0078 5860  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:31:32.0128 5860  Beep - ok
17:31:32.0248 5860  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
17:31:32.0278 5860  BFE - ok
17:31:32.0318 5860  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:31:32.0398 5860  BITS - ok
17:31:32.0408 5860  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:31:32.0428 5860  blbdrive - ok
17:31:32.0488 5860  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:31:32.0508 5860  Bonjour Service - ok
17:31:32.0528 5860  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:31:32.0568 5860  bowser - ok
17:31:32.0578 5860  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
17:31:32.0588 5860  BrFiltLo - ok
17:31:32.0598 5860  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
17:31:32.0618 5860  BrFiltUp - ok
17:31:32.0648 5860  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
17:31:32.0678 5860  Browser - ok
17:31:32.0688 5860  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:31:32.0748 5860  Brserid - ok
17:31:32.0758 5860  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:31:32.0798 5860  BrSerWdm - ok
17:31:32.0818 5860  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:31:32.0838 5860  BrUsbMdm - ok
17:31:32.0838 5860  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:31:32.0848 5860  BrUsbSer - ok
17:31:32.0858 5860  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:31:32.0878 5860  BTHMODEM - ok
17:31:32.0898 5860  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:31:32.0918 5860  bthserv - ok
17:31:32.0928 5860  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:31:32.0978 5860  cdfs - ok
17:31:32.0988 5860  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:31:32.0998 5860  cdrom - ok
17:31:33.0028 5860  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:31:33.0088 5860  CertPropSvc - ok
17:31:33.0108 5860  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
17:31:33.0138 5860  circlass - ok
17:31:33.0168 5860  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:31:33.0178 5860  CLFS - ok
17:31:33.0238 5860  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:31:33.0248 5860  clr_optimization_v2.0.50727_32 - ok
17:31:33.0278 5860  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:31:33.0288 5860  clr_optimization_v2.0.50727_64 - ok
17:31:33.0328 5860  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:31:33.0338 5860  clr_optimization_v4.0.30319_32 - ok
17:31:33.0358 5860  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:31:33.0368 5860  clr_optimization_v4.0.30319_64 - ok
17:31:33.0378 5860  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
17:31:33.0398 5860  CmBatt - ok
17:31:33.0418 5860  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:31:33.0428 5860  cmdide - ok
17:31:33.0468 5860  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
17:31:33.0528 5860  CNG - ok
17:31:33.0538 5860  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
17:31:33.0548 5860  Compbatt - ok
17:31:33.0558 5860  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
17:31:33.0578 5860  CompositeBus - ok
17:31:33.0598 5860  COMSysApp - ok
17:31:33.0598 5860  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
17:31:33.0608 5860  crcdisk - ok
17:31:33.0638 5860  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:31:33.0678 5860  CryptSvc - ok
17:31:33.0708 5860  [ 1CA90212A99DB6975C344826D11055C9 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
17:31:33.0718 5860  dc3d - ok
17:31:33.0758 5860  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:31:33.0858 5860  DcomLaunch - ok
17:31:33.0918 5860  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:31:33.0958 5860  defragsvc - ok
17:31:33.0988 5860  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:31:34.0038 5860  DfsC - ok
17:31:34.0058 5860  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:31:34.0108 5860  Dhcp - ok
17:31:34.0128 5860  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:31:34.0168 5860  discache - ok
17:31:34.0188 5860  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
17:31:34.0198 5860  Disk - ok
17:31:34.0218 5860  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:31:34.0268 5860  Dnscache - ok
17:31:34.0288 5860  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:31:34.0348 5860  dot3svc - ok
17:31:34.0368 5860  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
17:31:34.0428 5860  DPS - ok
17:31:34.0458 5860  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:31:34.0488 5860  drmkaud - ok
17:31:34.0518 5860  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:31:34.0538 5860  DXGKrnl - ok
17:31:34.0558 5860  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:31:34.0588 5860  EapHost - ok
17:31:34.0638 5860  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
17:31:34.0739 5860  ebdrv - ok
17:31:34.0749 5860  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
17:31:34.0769 5860  EFS - ok
17:31:34.0819 5860  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:31:34.0869 5860  ehRecvr - ok
17:31:34.0879 5860  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:31:34.0889 5860  ehSched - ok
17:31:34.0909 5860  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
17:31:34.0929 5860  elxstor - ok
17:31:34.0939 5860  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:31:34.0959 5860  ErrDev - ok
17:31:34.0989 5860  [ F4845B5EECA94D200F621BBAAF7946C1 ] EtronHub3       C:\Windows\System32\Drivers\EtronHub3.sys
17:31:35.0009 5860  EtronHub3 - ok
17:31:35.0029 5860  [ 4A5945B5CDCF8EC3F842AE8AAA146A1F ] EtronXHCI       C:\Windows\System32\Drivers\EtronXHCI.sys
17:31:35.0049 5860  EtronXHCI - ok
17:31:35.0069 5860  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:31:35.0099 5860  EventSystem - ok
17:31:35.0119 5860  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:31:35.0149 5860  exfat - ok
17:31:35.0149 5860  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:31:35.0189 5860  fastfat - ok
17:31:35.0219 5860  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
17:31:35.0269 5860  Fax - ok
17:31:35.0289 5860  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
17:31:35.0299 5860  fdc - ok
17:31:35.0309 5860  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:31:35.0339 5860  fdPHost - ok
17:31:35.0359 5860  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:31:35.0399 5860  FDResPub - ok
17:31:35.0429 5860  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:31:35.0439 5860  FileInfo - ok
17:31:35.0449 5860  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:31:35.0489 5860  Filetrace - ok
17:31:35.0509 5860  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
17:31:35.0519 5860  flpydisk - ok
17:31:35.0529 5860  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:31:35.0539 5860  FltMgr - ok
17:31:35.0559 5860  [ F82F68BE29096C552CA25511F08005E7 ] FLxHCIc         C:\Windows\system32\drivers\FLxHCIc.sys
17:31:35.0569 5860  FLxHCIc - ok
17:31:35.0589 5860  [ 256F51C79AB03AD6D68ECAE96ADB4746 ] FLxHCIh         C:\Windows\system32\drivers\FLxHCIh.sys
17:31:35.0599 5860  FLxHCIh - ok
17:31:35.0629 5860  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
17:31:35.0679 5860  FontCache - ok
17:31:35.0729 5860  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:31:35.0739 5860  FontCache3.0.0.0 - ok
17:31:35.0750 5860  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:31:35.0760 5860  FsDepends - ok
17:31:35.0810 5860  [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
17:31:35.0820 5860  fssfltr - ok
17:31:35.0910 5860  [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:31:35.0960 5860  fsssvc - ok
17:31:35.0980 5860  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:31:35.0990 5860  Fs_Rec - ok
17:31:36.0000 5860  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:31:36.0020 5860  fvevol - ok
17:31:36.0040 5860  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:31:36.0050 5860  gagp30kx - ok
17:31:36.0080 5860  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:31:36.0090 5860  GEARAspiWDM - ok
17:31:36.0120 5860  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
17:31:36.0170 5860  gpsvc - ok
17:31:36.0170 5860  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:31:36.0190 5860  hcw85cir - ok
17:31:36.0210 5860  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:31:36.0240 5860  HdAudAddService - ok
17:31:36.0260 5860  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:31:36.0290 5860  HDAudBus - ok
17:31:36.0290 5860  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
17:31:36.0310 5860  HidBatt - ok
17:31:36.0320 5860  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
17:31:36.0330 5860  HidBth - ok
17:31:36.0350 5860  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
17:31:36.0360 5860  HidIr - ok
17:31:36.0370 5860  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
17:31:36.0400 5860  hidserv - ok
17:31:36.0410 5860  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:31:36.0420 5860  HidUsb - ok
17:31:36.0440 5860  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:31:36.0480 5860  hkmsvc - ok
17:31:36.0490 5860  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:31:36.0510 5860  HomeGroupListener - ok
17:31:36.0540 5860  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:31:36.0560 5860  HomeGroupProvider - ok
17:31:36.0580 5860  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:31:36.0580 5860  HpSAMD - ok
17:31:36.0620 5860  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:31:36.0680 5860  HTTP - ok
17:31:36.0700 5860  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:31:36.0700 5860  hwpolicy - ok
17:31:36.0720 5860  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:31:36.0730 5860  i8042prt - ok
17:31:36.0760 5860  [ 8180A2392E732E8871589B54FAB6991F ] iaStor          C:\Windows\system32\drivers\iaStor.sys
17:31:36.0780 5860  iaStor - ok
17:31:36.0790 5860  [ BC14E2C46AECD17D22D3356CA0A2DD4B ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
17:31:36.0810 5860  iaStorA - ok
17:31:36.0850 5860  [ 17125B7D2F56B4B35441561C780C2CCB ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:31:36.0850 5860  IAStorDataMgrSvc - ok
17:31:36.0860 5860  [ 33D28E16388BE5630FEE19B933FAA440 ] iaStorF         C:\Windows\system32\drivers\iaStorF.sys
17:31:36.0860 5860  iaStorF - ok
17:31:36.0880 5860  [ B5845D5141C64A19F4C20BCFC46256E3 ] iaStorS         C:\Windows\system32\drivers\iaStorS.sys
17:31:36.0900 5860  iaStorS - ok
17:31:37.0000 5860  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:31:37.0020 5860  iaStorV - ok
17:31:37.0070 5860  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:31:37.0100 5860  idsvc - ok
17:31:37.0120 5860  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
17:31:37.0130 5860  iirsp - ok
17:31:37.0150 5860  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:31:37.0190 5860  IKEEXT - ok
17:31:37.0210 5860  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
17:31:37.0260 5860  Impcd - ok
17:31:37.0370 5860  [ 150AC23F21DBDBF8488408BA944B0D65 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:31:37.0490 5860  IntcAzAudAddService - ok
17:31:37.0500 5860  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:31:37.0510 5860  intelide - ok
17:31:37.0520 5860  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:31:37.0550 5860  intelppm - ok
17:31:37.0570 5860  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:31:37.0620 5860  IPBusEnum - ok
17:31:37.0620 5860  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:31:37.0650 5860  IpFilterDriver - ok
17:31:37.0660 5860  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:31:37.0710 5860  iphlpsvc - ok
17:31:37.0730 5860  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:31:37.0740 5860  IPMIDRV - ok
17:31:37.0750 5860  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:31:37.0801 5860  IPNAT - ok
17:31:37.0861 5860  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:31:37.0891 5860  iPod Service - ok
17:31:37.0901 5860  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:31:37.0941 5860  IRENUM - ok
17:31:37.0951 5860  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:31:37.0961 5860  isapnp - ok
17:31:37.0971 5860  [ AC45D94185CF67267D06BF2F45E9E31E ] ISASerial       C:\Windows\system32\drivers\ISASerial.sys
17:31:38.0001 5860  ISASerial - ok
17:31:38.0011 5860  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:31:38.0031 5860  iScsiPrt - ok
17:31:38.0041 5860  [ 8D990A44B4F2B68E2C56A3724EC3EB84 ] itecir          C:\Windows\system32\drivers\itecir.sys
17:31:38.0051 5860  itecir - ok
17:31:38.0061 5860  [ 8E4577C6E0D3114170509159DE658907 ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
17:31:38.0061 5860  iusb3hcs - ok
17:31:38.0091 5860  [ FE76346E9B57DA575BD1B3BD0CCAD7FF ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys
17:31:38.0101 5860  iusb3hub - ok
17:31:38.0121 5860  [ 1008CD90DA2198FFD250298DEB9DF160 ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
17:31:38.0151 5860  iusb3xhc - ok
17:31:38.0151 5860  [ C0D9BA660A41EE8A269EF804E6CD0D7B ] JRAID           C:\Windows\system32\drivers\jraid.sys
17:31:38.0161 5860  JRAID - ok
17:31:38.0181 5860  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:31:38.0191 5860  kbdclass - ok
17:31:38.0211 5860  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:31:38.0231 5860  kbdhid - ok
17:31:38.0251 5860  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:31:38.0261 5860  KeyIso - ok
17:31:38.0281 5860  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:31:38.0291 5860  KSecDD - ok
17:31:38.0301 5860  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:31:38.0311 5860  KSecPkg - ok
17:31:38.0331 5860  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:31:38.0371 5860  ksthunk - ok
17:31:38.0381 5860  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:31:38.0431 5860  KtmRm - ok
17:31:38.0451 5860  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:31:38.0481 5860  LanmanServer - ok
17:31:38.0511 5860  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:31:38.0551 5860  LanmanWorkstation - ok
17:31:38.0561 5860  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:31:38.0611 5860  lltdio - ok
17:31:38.0631 5860  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:31:38.0671 5860  lltdsvc - ok
17:31:38.0691 5860  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:31:38.0731 5860  lmhosts - ok
17:31:38.0751 5860  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:31:38.0761 5860  LSI_FC - ok
17:31:38.0781 5860  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:31:38.0781 5860  LSI_SAS - ok
17:31:38.0791 5860  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:31:38.0801 5860  LSI_SAS2 - ok
17:31:38.0821 5860  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:31:38.0831 5860  LSI_SCSI - ok
17:31:38.0861 5860  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:31:38.0901 5860  luafv - ok
17:31:38.0951 5860  [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
17:31:38.0961 5860  MBAMProtector - ok
17:31:39.0001 5860  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:31:39.0011 5860  MBAMScheduler - ok
17:31:39.0041 5860  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:31:39.0051 5860  MBAMService - ok
17:31:39.0071 5860  [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
17:31:39.0081 5860  MBfilt - ok
17:31:39.0121 5860  [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
17:31:39.0131 5860  McComponentHostService - ok
17:31:39.0141 5860  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:31:39.0151 5860  Mcx2Svc - ok
17:31:39.0171 5860  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
17:31:39.0181 5860  megasas - ok
17:31:39.0201 5860  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
17:31:39.0211 5860  MegaSR - ok
17:31:39.0241 5860  [ 6B01B7414A105B9E51652089A03027CF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
17:31:39.0251 5860  MEIx64 - ok
17:31:39.0311 5860  Microsoft SharePoint Workspace Audit Service - ok
17:31:39.0341 5860  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:31:39.0391 5860  MMCSS - ok
17:31:39.0421 5860  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:31:39.0451 5860  Modem - ok
17:31:39.0471 5860  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:31:39.0491 5860  monitor - ok
17:31:39.0511 5860  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:31:39.0521 5860  mouclass - ok
17:31:39.0521 5860  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:31:39.0551 5860  mouhid - ok
17:31:39.0581 5860  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:31:39.0591 5860  mountmgr - ok
17:31:39.0641 5860  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:31:39.0651 5860  MozillaMaintenance - ok
17:31:39.0671 5860  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:31:39.0681 5860  mpio - ok
17:31:39.0701 5860  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:31:39.0731 5860  mpsdrv - ok
17:31:39.0751 5860  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:31:39.0781 5860  MpsSvc - ok
17:31:39.0801 5860  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:31:39.0831 5860  MRxDAV - ok
17:31:39.0861 5860  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:31:39.0881 5860  mrxsmb - ok
17:31:39.0901 5860  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:31:39.0911 5860  mrxsmb10 - ok
17:31:39.0921 5860  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:31:39.0921 5860  mrxsmb20 - ok
17:31:39.0931 5860  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:31:39.0941 5860  msahci - ok
17:31:39.0951 5860  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:31:39.0961 5860  msdsm - ok
17:31:39.0981 5860  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:31:40.0011 5860  MSDTC - ok
17:31:40.0041 5860  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:31:40.0081 5860  Msfs - ok
17:31:40.0101 5860  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:31:40.0121 5860  mshidkmdf - ok
17:31:40.0131 5860  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:31:40.0141 5860  msisadrv - ok
17:31:40.0151 5860  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:31:40.0181 5860  MSiSCSI - ok
17:31:40.0181 5860  msiserver - ok
17:31:40.0191 5860  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:31:40.0221 5860  MSKSSRV - ok
17:31:40.0231 5860  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:31:40.0271 5860  MSPCLOCK - ok
17:31:40.0281 5860  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:31:40.0301 5860  MSPQM - ok
17:31:40.0321 5860  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:31:40.0331 5860  MsRPC - ok
17:31:40.0341 5860  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:31:40.0351 5860  mssmbios - ok
17:31:40.0351 5860  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:31:40.0371 5860  MSTEE - ok
17:31:40.0381 5860  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
17:31:40.0401 5860  MTConfig - ok
17:31:40.0421 5860  [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor        C:\Windows\system32\drivers\ASACPI.sys
17:31:40.0431 5860  MTsensor - ok
17:31:40.0441 5860  [ 07AD6825D5C658595CAB7F8F5849401C ] MtsHID          C:\Windows\system32\drivers\MtsHID.sys
17:31:40.0451 5860  MtsHID - ok
17:31:40.0461 5860  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:31:40.0471 5860  Mup - ok
17:31:40.0471 5860  [ 3F70E83C6A9F617D649A82149D337724 ] mv91cons        C:\Windows\system32\drivers\mv91cons.sys
17:31:40.0481 5860  mv91cons - ok
17:31:40.0501 5860  [ 611EBE534DF049AD9413552FA81ECF75 ] mv91xx          C:\Windows\system32\drivers\mv91xx.sys
17:31:40.0511 5860  mv91xx - ok
17:31:40.0541 5860  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:31:40.0611 5860  napagent - ok
17:31:40.0641 5860  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:31:40.0691 5860  NativeWifiP - ok
17:31:40.0751 5860  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:31:40.0791 5860  NDIS - ok
17:31:40.0801 5860  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:31:40.0831 5860  NdisCap - ok
17:31:40.0851 5860  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:31:40.0881 5860  NdisTapi - ok
17:31:40.0891 5860  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:31:40.0921 5860  Ndisuio - ok
17:31:40.0931 5860  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:31:40.0971 5860  NdisWan - ok
17:31:40.0981 5860  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:31:41.0011 5860  NDProxy - ok
17:31:41.0051 5860  [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
17:31:41.0071 5860  Netaapl - ok
17:31:41.0081 5860  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:31:41.0141 5860  NetBIOS - ok
17:31:41.0161 5860  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:31:41.0191 5860  NetBT - ok
17:31:41.0201 5860  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:31:41.0211 5860  Netlogon - ok
17:31:41.0251 5860  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:31:41.0291 5860  Netman - ok
17:31:41.0321 5860  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:31:41.0361 5860  netprofm - ok
17:31:41.0371 5860  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:31:41.0381 5860  NetTcpPortSharing - ok
17:31:41.0411 5860  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:31:41.0431 5860  nfrd960 - ok
17:31:41.0461 5860  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:31:41.0511 5860  NlaSvc - ok
17:31:41.0511 5860  NmPar - ok
17:31:41.0511 5860  nmserial - ok
17:31:41.0531 5860  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:31:41.0561 5860  Npfs - ok
17:31:41.0581 5860  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:31:41.0631 5860  nsi - ok
17:31:41.0671 5860  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:31:41.0711 5860  nsiproxy - ok
17:31:41.0771 5860  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:31:41.0841 5860  Ntfs - ok
17:31:41.0851 5860  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:31:41.0891 5860  Null - ok
17:31:41.0931 5860  [ B227E75AD10A142DD326B4CC8D73A6D9 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
17:31:41.0951 5860  nusb3hub - ok
17:31:41.0971 5860  [ 55959DB860E4E484681586824D09E52C ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:31:41.0991 5860  nusb3xhc - ok
17:31:42.0001 5860  [ 7FD5C060CB907489A5702F628226F54A ] nvamacpi        C:\Windows\system32\drivers\NVAMACPI.sys
17:31:42.0001 5860  nvamacpi - ok
17:31:42.0041 5860  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
17:31:42.0051 5860  NVHDA - ok
17:31:42.0281 5860  [ BF7A24A71E1932200D864BC1CE15E596 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:31:42.0571 5860  nvlddmkm - ok
17:31:42.0591 5860  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:31:42.0601 5860  nvraid - ok
17:31:42.0621 5860  [ 694F5E9D9D624D47F432F5B2E66A0528 ] nvrd64          C:\Windows\system32\drivers\nvrd64.sys
17:31:42.0631 5860  nvrd64 - ok
17:31:42.0641 5860  [ E58D81FB8616D0CB55C1E36AA0B213C9 ] nvsmu           C:\Windows\system32\drivers\nvsmu.sys
17:31:42.0651 5860  nvsmu - ok
17:31:42.0671 5860  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:31:42.0671 5860  nvstor - ok
17:31:42.0691 5860  [ 05DE5DC43AFE6CAB78F9C7CA044CBCBE ] nvstor64        C:\Windows\system32\drivers\nvstor64.sys
17:31:42.0701 5860  nvstor64 - ok
17:31:42.0761 5860  [ 43F91595049DE14C4B61D1E76436164F ] nvsvc           C:\Windows\system32\nvvsvc.exe
17:31:42.0792 5860  nvsvc - ok
17:31:42.0862 5860  [ 322B69422836F97B76F4AA59B47507BA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:31:42.0902 5860  nvUpdatusService - ok
17:31:42.0932 5860  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:31:42.0942 5860  nv_agp - ok
17:31:42.0962 5860  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:31:42.0982 5860  ohci1394 - ok
17:31:43.0012 5860  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:31:43.0032 5860  ose - ok
17:31:43.0142 5860  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:31:43.0262 5860  osppsvc - ok
17:31:43.0302 5860  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:31:43.0352 5860  p2pimsvc - ok
17:31:43.0382 5860  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:31:43.0402 5860  p2psvc - ok
17:31:43.0412 5860  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
17:31:43.0452 5860  Parport - ok
17:31:43.0492 5860  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:31:43.0502 5860  partmgr - ok
17:31:43.0522 5860  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:31:43.0562 5860  PcaSvc - ok
17:31:43.0592 5860  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:31:43.0602 5860  pci - ok
17:31:43.0622 5860  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:31:43.0632 5860  pciide - ok
17:31:43.0642 5860  [ D7C203015E2C2A2EAC8DACEF156D8DC3 ] PciIsaSerial    C:\Windows\system32\drivers\PciIsaSerial.sys
17:31:43.0692 5860  PciIsaSerial - ok
17:31:43.0702 5860  [ 088B509B2F35A3CEE00AC0E0BC4C5BED ] PciPPorts       C:\Windows\system32\drivers\PciPPorts.sys
17:31:43.0732 5860  PciPPorts - ok
17:31:43.0752 5860  [ 7F97CDD5E91FC73DA2B01344957AA058 ] PciSPorts       C:\Windows\system32\drivers\PciSPorts.sys
17:31:43.0762 5860  PciSPorts - ok
17:31:43.0782 5860  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:31:43.0792 5860  pcmcia - ok
17:31:43.0832 5860  PCSUService - ok
17:31:43.0852 5860  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:31:43.0862 5860  pcw - ok
17:31:43.0872 5860  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:31:43.0932 5860  PEAUTH - ok
17:31:43.0982 5860  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:31:44.0002 5860  PerfHost - ok
17:31:44.0032 5860  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:31:44.0122 5860  pla - ok
17:31:44.0152 5860  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:31:44.0202 5860  PlugPlay - ok
17:31:44.0212 5860  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:31:44.0232 5860  PNRPAutoReg - ok
17:31:44.0242 5860  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:31:44.0252 5860  PNRPsvc - ok
17:31:44.0302 5860  [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
17:31:44.0312 5860  Point64 - ok
17:31:44.0352 5860  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:31:44.0402 5860  PolicyAgent - ok
17:31:44.0422 5860  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:31:44.0472 5860  Power - ok
17:31:44.0472 5860  [ 14C04684A25C221EBE2105D169B4B6FF ] PPorts          C:\Windows\system32\drivers\PPorts.sys
17:31:44.0482 5860  PPorts - ok
17:31:44.0502 5860  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:31:44.0542 5860  PptpMiniport - ok
17:31:44.0562 5860  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
17:31:44.0572 5860  Processor - ok
17:31:44.0602 5860  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:31:44.0652 5860  ProfSvc - ok
17:31:44.0662 5860  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:31:44.0672 5860  ProtectedStorage - ok
17:31:44.0692 5860  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:31:44.0752 5860  Psched - ok
17:31:44.0792 5860  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:31:44.0822 5860  ql2300 - ok
17:31:44.0832 5860  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:31:44.0842 5860  ql40xx - ok
17:31:44.0862 5860  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:31:44.0872 5860  QWAVE - ok
17:31:44.0892 5860  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:31:44.0902 5860  QWAVEdrv - ok
17:31:44.0912 5860  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:31:44.0932 5860  RasAcd - ok
17:31:44.0972 5860  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:31:44.0992 5860  RasAgileVpn - ok
17:31:45.0002 5860  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:31:45.0032 5860  RasAuto - ok
17:31:45.0042 5860  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:31:45.0072 5860  Rasl2tp - ok
17:31:45.0092 5860  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:31:45.0122 5860  RasMan - ok
17:31:45.0132 5860  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:31:45.0162 5860  RasPppoe - ok
17:31:45.0172 5860  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:31:45.0202 5860  RasSstp - ok
17:31:45.0212 5860  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:31:45.0232 5860  rdbss - ok
17:31:45.0242 5860  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
17:31:45.0272 5860  rdpbus - ok
17:31:45.0272 5860  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:31:45.0292 5860  RDPCDD - ok
17:31:45.0322 5860  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:31:45.0352 5860  RDPENCDD - ok
17:31:45.0372 5860  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:31:45.0392 5860  RDPREFMP - ok
17:31:45.0422 5860  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:31:45.0472 5860  RDPWD - ok
17:31:45.0482 5860  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:31:45.0502 5860  rdyboost - ok
17:31:45.0522 5860  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:31:45.0572 5860  RemoteAccess - ok
17:31:45.0592 5860  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:31:45.0612 5860  RemoteRegistry - ok
17:31:45.0632 5860  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:31:45.0672 5860  RpcEptMapper - ok
17:31:45.0692 5860  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:31:45.0722 5860  RpcLocator - ok
17:31:45.0752 5860  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:31:45.0792 5860  RpcSs - ok
17:31:45.0822 5860  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:31:45.0842 5860  rspndr - ok
17:31:45.0872 5860  [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR       C:\Windows\System32\Drivers\RtsUStor.sys
17:31:45.0882 5860  RSUSBSTOR - ok
17:31:45.0902 5860  [ 6CF9DB101A75360E98659F823852E540 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
17:31:45.0922 5860  RTL8167 - ok
17:31:45.0922 5860  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
17:31:45.0932 5860  SamSs - ok
17:31:45.0942 5860  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:31:45.0952 5860  sbp2port - ok
17:31:45.0962 5860  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:31:45.0992 5860  SCardSvr - ok
17:31:46.0002 5860  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:31:46.0032 5860  scfilter - ok
17:31:46.0062 5860  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:31:46.0102 5860  Schedule - ok
17:31:46.0112 5860  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:31:46.0132 5860  SCPolicySvc - ok
17:31:46.0142 5860  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:31:46.0172 5860  SDRSVC - ok
17:31:46.0222 5860  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
17:31:46.0242 5860  SeaPort - ok
17:31:46.0332 5860  [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Users\Dominik\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
17:31:46.0352 5860  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning
17:31:46.0352 5860  SearchAnonymizer - detected UnsignedFile.Multi.Generic (1)
17:31:46.0372 5860  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:31:46.0432 5860  secdrv - ok
17:31:46.0442 5860  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:31:46.0472 5860  seclogon - ok
17:31:46.0492 5860  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:31:46.0522 5860  SENS - ok
17:31:46.0542 5860  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:31:46.0592 5860  SensrSvc - ok
17:31:46.0612 5860  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
17:31:46.0622 5860  Serenum - ok
17:31:46.0632 5860  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
17:31:46.0672 5860  Serial - ok
17:31:46.0712 5860  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:31:46.0742 5860  sermouse - ok
17:31:46.0762 5860  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:31:46.0822 5860  SessionEnv - ok
17:31:46.0832 5860  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:31:46.0852 5860  sffdisk - ok
17:31:46.0862 5860  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:31:46.0892 5860  sffp_mmc - ok
17:31:46.0902 5860  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:31:46.0932 5860  sffp_sd - ok
17:31:46.0952 5860  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:31:46.0962 5860  sfloppy - ok
17:31:46.0972 5860  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:31:47.0022 5860  SharedAccess - ok
17:31:47.0042 5860  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:31:47.0072 5860  ShellHWDetection - ok
17:31:47.0082 5860  [ DA492C8305434EC6F9BDD60C8B83B10E ] Si3124r5        C:\Windows\system32\drivers\Si3124r5.sys
17:31:47.0092 5860  Si3124r5 - ok
17:31:47.0132 5860  [ 8D10887A1699CF61E74467694B929B09 ] SiFilter        C:\Windows\system32\drivers\SiWinAcc.sys
17:31:47.0132 5860  SiFilter - ok
17:31:47.0152 5860  [ 94E1EDA9A0B305A67EE1BBD0A68CE21A ] SiRemFil        C:\Windows\system32\drivers\SiRemFil.sys
17:31:47.0162 5860  SiRemFil - ok
17:31:47.0182 5860  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:31:47.0182 5860  SiSRaid2 - ok
17:31:47.0192 5860  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:31:47.0202 5860  SiSRaid4 - ok
17:31:47.0252 5860  [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:31:47.0262 5860  SkypeUpdate - ok
17:31:47.0282 5860  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:31:47.0312 5860  Smb - ok
17:31:47.0352 5860  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:31:47.0382 5860  SNMPTRAP - ok
17:31:47.0382 5860  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:31:47.0392 5860  spldr - ok
17:31:47.0432 5860  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:31:47.0482 5860  Spooler - ok
17:31:47.0502 5860  [ 739C2571867F351167D1D958990E9D84 ] SPorts          C:\Windows\system32\drivers\SPorts.sys
17:31:47.0522 5860  SPorts - ok
17:31:47.0602 5860  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:31:47.0692 5860  sppsvc - ok
17:31:47.0702 5860  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:31:47.0732 5860  sppuinotify - ok
17:31:47.0742 5860  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:31:47.0762 5860  srv - ok
17:31:47.0792 5860  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:31:47.0812 5860  srv2 - ok
17:31:47.0832 5860  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:31:47.0842 5860  srvnet - ok
17:31:47.0862 5860  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:31:47.0882 5860  SSDPSRV - ok
17:31:47.0892 5860  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:31:47.0922 5860  SstpSvc - ok
17:31:47.0932 5860  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:31:47.0942 5860  stexstor - ok
17:31:47.0972 5860  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:31:48.0012 5860  stisvc - ok
17:31:48.0022 5860  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:31:48.0032 5860  swenum - ok
17:31:48.0052 5860  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:31:48.0092 5860  swprv - ok
17:31:48.0132 5860  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:31:48.0182 5860  SysMain - ok
17:31:48.0192 5860  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:31:48.0212 5860  TabletInputService - ok
17:31:48.0232 5860  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:31:48.0272 5860  TapiSrv - ok
17:31:48.0292 5860  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:31:48.0312 5860  TBS - ok
17:31:48.0442 5860  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:31:48.0502 5860  Tcpip - ok
17:31:48.0532 5860  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:31:48.0562 5860  TCPIP6 - ok
17:31:48.0572 5860  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:31:48.0612 5860  tcpipreg - ok
17:31:48.0632 5860  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:31:48.0662 5860  TDPIPE - ok
17:31:48.0692 5860  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:31:48.0712 5860  TDTCP - ok
17:31:48.0722 5860  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:31:48.0752 5860  tdx - ok
17:31:48.0772 5860  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:31:48.0772 5860  TermDD - ok
17:31:48.0792 5860  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:31:48.0832 5860  TermService - ok
17:31:48.0832 5860  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:31:48.0852 5860  Themes - ok
17:31:48.0862 5860  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:31:48.0892 5860  THREADORDER - ok
17:31:48.0902 5860  [ 68FE3D89829E27D4FD5EEA7BD2C41985 ] tihub3          C:\Windows\system32\drivers\tihub3.sys
17:31:48.0912 5860  tihub3 - ok
17:31:48.0942 5860  [ 0102C9633CE1F18A6AC021F28B734DB5 ] tixhci          C:\Windows\system32\drivers\tixhci.sys
17:31:48.0952 5860  tixhci - ok
17:31:48.0972 5860  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:31:49.0012 5860  TrkWks - ok
17:31:49.0062 5860  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:31:49.0102 5860  TrustedInstaller - ok
17:31:49.0112 5860  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:31:49.0152 5860  tssecsrv - ok
17:31:49.0162 5860  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:31:49.0182 5860  TsUsbFlt - ok
17:31:49.0192 5860  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
17:31:49.0202 5860  TsUsbGD - ok
17:31:49.0212 5860  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:31:49.0252 5860  tunnel - ok
17:31:49.0262 5860  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:31:49.0272 5860  uagp35 - ok
17:31:49.0292 5860  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:31:49.0332 5860  udfs - ok
17:31:49.0352 5860  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:31:49.0362 5860  UI0Detect - ok
17:31:49.0382 5860  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:31:49.0392 5860  uliagpkx - ok
17:31:49.0402 5860  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:31:49.0422 5860  umbus - ok
17:31:49.0442 5860  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:31:49.0452 5860  UmPass - ok
17:31:49.0472 5860  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:31:49.0502 5860  upnphost - ok
17:31:49.0532 5860  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
17:31:49.0562 5860  USBAAPL64 - ok
17:31:49.0602 5860  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
17:31:49.0622 5860  usbaudio - ok
17:31:49.0652 5860  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:31:49.0662 5860  usbccgp - ok
17:31:49.0682 5860  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:31:49.0692 5860  usbcir - ok
17:31:49.0702 5860  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:31:49.0722 5860  usbehci - ok
17:31:49.0742 5860  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:31:49.0782 5860  usbhub - ok
17:31:49.0792 5860  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:31:49.0812 5860  usbohci - ok
17:31:49.0832 5860  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:31:49.0862 5860  usbprint - ok
17:31:49.0882 5860  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:31:49.0902 5860  usbscan - ok
17:31:49.0912 5860  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:31:49.0922 5860  USBSTOR - ok
17:31:49.0932 5860  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:31:49.0952 5860  usbuhci - ok
17:31:49.0972 5860  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
17:31:50.0002 5860  usbvideo - ok
17:31:50.0012 5860  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:31:50.0042 5860  UxSms - ok
17:31:50.0042 5860  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:31:50.0052 5860  VaultSvc - ok
17:31:50.0052 5860  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:31:50.0062 5860  vdrvroot - ok
17:31:50.0082 5860  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:31:50.0122 5860  vds - ok
17:31:50.0132 5860  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:31:50.0142 5860  vga - ok
17:31:50.0152 5860  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:31:50.0182 5860  VgaSave - ok
17:31:50.0202 5860  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:31:50.0212 5860  vhdmp - ok
17:31:50.0222 5860  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:31:50.0232 5860  viaide - ok
17:31:50.0232 5860  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:31:50.0242 5860  volmgr - ok
17:31:50.0262 5860  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:31:50.0272 5860  volmgrx - ok
17:31:50.0282 5860  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:31:50.0292 5860  volsnap - ok
17:31:50.0302 5860  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:31:50.0312 5860  vsmraid - ok
17:31:50.0352 5860  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:31:50.0402 5860  VSS - ok
17:31:50.0432 5860  [ 5BE34BFADE20FF6C154B4663605B6212 ] VUSB3HUB        C:\Windows\system32\drivers\ViaHub3.sys
17:31:50.0472 5860  VUSB3HUB - ok
17:31:50.0492 5860  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
17:31:50.0502 5860  vwifibus - ok
17:31:50.0512 5860  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:31:50.0542 5860  W32Time - ok
17:31:50.0542 5860  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:31:50.0572 5860  WacomPen - ok
17:31:50.0592 5860  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:31:50.0632 5860  WANARP - ok
17:31:50.0632 5860  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:31:50.0662 5860  Wanarpv6 - ok
17:31:50.0692 5860  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:31:50.0722 5860  wbengine - ok
17:31:50.0742 5860  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:31:50.0752 5860  WbioSrvc - ok
17:31:50.0772 5860  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:31:50.0792 5860  wcncsvc - ok
17:31:50.0802 5860  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:31:50.0842 5860  WcsPlugInService - ok
17:31:50.0852 5860  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
17:31:50.0862 5860  Wd - ok
17:31:50.0882 5860  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:31:50.0902 5860  Wdf01000 - ok
17:31:50.0922 5860  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:31:51.0012 5860  WdiServiceHost - ok
17:31:51.0012 5860  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:31:51.0032 5860  WdiSystemHost - ok
17:31:51.0052 5860  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:31:51.0062 5860  WebClient - ok
17:31:51.0072 5860  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:31:51.0112 5860  Wecsvc - ok
17:31:51.0132 5860  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:31:51.0162 5860  wercplsupport - ok
17:31:51.0172 5860  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:31:51.0202 5860  WerSvc - ok
17:31:51.0212 5860  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:31:51.0232 5860  WfpLwf - ok
17:31:51.0232 5860  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:31:51.0242 5860  WIMMount - ok
17:31:51.0252 5860  WinDefend - ok
17:31:51.0262 5860  WinHttpAutoProxySvc - ok
17:31:51.0302 5860  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:31:51.0332 5860  Winmgmt - ok
17:31:51.0392 5860  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
17:31:51.0462 5860  WinRM - ok
17:31:51.0502 5860  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:31:51.0542 5860  WinUsb - ok
17:31:51.0582 5860  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:31:51.0652 5860  Wlansvc - ok
17:31:51.0702 5860  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:31:51.0712 5860  wlcrasvc - ok
17:31:51.0803 5860  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:31:51.0843 5860  wlidsvc - ok
17:31:51.0873 5860  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:31:51.0883 5860  WmiAcpi - ok
17:31:51.0903 5860  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:31:51.0923 5860  wmiApSrv - ok
17:31:51.0963 5860  WMPNetworkSvc - ok
17:31:51.0983 5860  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:31:52.0003 5860  WPCSvc - ok
17:31:52.0023 5860  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:31:52.0053 5860  WPDBusEnum - ok
17:31:52.0053 5860  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:31:52.0083 5860  ws2ifsl - ok
17:31:52.0103 5860  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:31:52.0113 5860  wscsvc - ok
17:31:52.0113 5860  WSearch - ok
17:31:52.0183 5860  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:31:52.0263 5860  wuauserv - ok
17:31:52.0273 5860  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:31:52.0323 5860  WudfPf - ok
17:31:52.0343 5860  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:31:52.0383 5860  WUDFRd - ok
17:31:52.0403 5860  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:31:52.0433 5860  wudfsvc - ok
17:31:52.0463 5860  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:31:52.0503 5860  WwanSvc - ok
17:31:52.0533 5860  [ 109B6F1888845661D19B7A458776D5D1 ] xhcdrv          C:\Windows\system32\drivers\xhcdrv.sys
17:31:52.0563 5860  xhcdrv - ok
17:31:52.0653 5860  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
17:31:52.0673 5860  YahooAUService - ok
17:31:52.0703 5860  ================ Scan global ===============================
17:31:52.0723 5860  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:31:52.0753 5860  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:31:52.0763 5860  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:31:52.0783 5860  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:31:52.0813 5860  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:31:52.0823 5860  [Global] - ok
17:31:52.0823 5860  ================ Scan MBR ==================================
17:31:52.0853 5860  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:31:53.0103 5860  \Device\Harddisk0\DR0 - ok
17:31:53.0103 5860  ================ Scan VBR ==================================
17:31:53.0103 5860  [ F8B8C809891EC8E2A14177659FD1C6D6 ] \Device\Harddisk0\DR0\Partition1
17:31:53.0103 5860  \Device\Harddisk0\DR0\Partition1 - ok
17:31:53.0133 5860  [ 65744C35DAA2D7E5CCC1414BD955217C ] \Device\Harddisk0\DR0\Partition2
17:31:53.0133 5860  \Device\Harddisk0\DR0\Partition2 - ok
17:31:53.0133 5860  ============================================================
17:31:53.0133 5860  Scan finished
17:31:53.0133 5860  ============================================================
17:31:53.0143 5428  Detected object count: 1
17:31:53.0143 5428  Actual detected object count: 1
17:32:16.0946 5428  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
17:32:16.0946 5428  SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip

Alt 28.09.2012, 18:52   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.09.2012, 21:05   #23
dommymaster
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


Hier das Log von combofix:

Code:
ATTFilter
ComboFix 12-09-27.03 - Dominik 28.09.2012  21:55:03.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4085.2608 [GMT 2:00]
ausgeführt von:: c:\users\Dominik\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\Database\tmp.edb
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-28 bis 2012-09-28  ))))))))))))))))))))))))))))))
.
.
2012-09-28 20:02 . 2012-09-28 20:02	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-09-28 20:02 . 2012-09-28 20:02	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{800C71BA-727E-4D96-93EC-3CB3B3CC02C9}\offreg.dll
2012-09-28 08:55 . 2012-08-30 07:27	9308616	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{800C71BA-727E-4D96-93EC-3CB3B3CC02C9}\mpengine.dll
2012-09-27 20:25 . 2012-09-27 20:25	--------	d-----w-	C:\_OTL
2012-09-26 09:50 . 2012-08-21 21:01	245760	----a-w-	c:\windows\system32\OxpsConverter.exe
2012-09-23 10:50 . 2012-08-21 11:01	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-23 10:49 . 2012-09-23 10:49	--------	d-----w-	c:\program files\iPod
2012-09-23 10:49 . 2012-09-23 10:50	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-09-23 10:49 . 2012-09-23 10:50	--------	d-----w-	c:\program files\iTunes
2012-09-23 10:49 . 2012-09-23 10:50	--------	d-----w-	c:\program files (x86)\iTunes
2012-09-21 20:25 . 2012-09-28 13:24	--------	d-----w-	c:\users\UpdatusUser.Dominik-PCA
2012-09-21 20:24 . 2012-08-30 16:18	891240	----a-w-	c:\windows\system32\nvvsvc.exe
2012-09-21 20:24 . 2012-08-30 16:18	63336	----a-w-	c:\windows\system32\nvshext.dll
2012-09-21 20:24 . 2012-08-30 16:18	2557800	----a-w-	c:\windows\system32\nvsvcr.dll
2012-09-21 20:24 . 2012-08-30 16:18	118120	----a-w-	c:\windows\system32\nvmctray.dll
2012-09-21 20:24 . 2012-08-30 16:18	3487434	----a-w-	c:\windows\system32\nvcoproc.bin
2012-09-21 20:24 . 2012-08-30 16:18	3266920	----a-w-	c:\windows\system32\nvsvc64.dll
2012-09-21 20:24 . 2012-08-30 16:17	6198120	----a-w-	c:\windows\system32\nvcpl.dll
2012-09-21 20:24 . 2012-08-30 19:14	60776	----a-w-	c:\windows\system32\OpenCL.dll
2012-09-21 20:24 . 2012-08-30 19:14	52584	----a-w-	c:\windows\SysWow64\OpenCL.dll
2012-09-21 20:24 . 2012-09-21 20:24	--------	d-----w-	c:\programdata\NVIDIA Corporation
2012-09-21 20:14 . 2012-09-21 20:14	0	----a-w-	c:\windows\ativpsrm.bin
2012-09-21 11:16 . 2012-09-21 11:16	--------	d-----w-	c:\users\Dominik\AppData\Local\ElevatedDiagnostics
2012-09-19 20:41 . 2012-09-19 20:41	--------	d-----w-	c:\program files (x86)\ESET
2012-09-19 12:40 . 2012-09-19 12:40	--------	d-----w-	c:\users\Dominik\AppData\Roaming\Malwarebytes
2012-09-19 12:40 . 2012-09-19 12:40	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-19 12:40 . 2012-09-19 12:40	--------	d-----w-	c:\programdata\Malwarebytes
2012-09-19 12:40 . 2012-09-07 15:04	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-09-12 08:01 . 2012-08-22 18:12	1913200	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-09-12 08:01 . 2012-08-22 18:12	950128	----a-w-	c:\windows\system32\drivers\ndis.sys
2012-09-12 08:01 . 2012-08-02 17:58	574464	----a-w-	c:\windows\system32\d3d10level9.dll
2012-09-12 08:01 . 2012-08-02 16:57	490496	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2012-09-12 08:01 . 2012-07-04 20:26	41472	----a-w-	c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 08:01 . 2012-08-22 18:12	376688	----a-w-	c:\windows\system32\drivers\netio.sys
2012-09-12 08:01 . 2012-08-22 18:12	288624	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-06 20:22 . 2012-09-28 19:31	--------	d-----w-	c:\users\Dominik\AppData\Local\F833A6A9-DA5F-441D-9BF8-9CB3465A1588.aplzod
2012-09-03 13:09 . 2012-09-03 13:09	--------	d-----w-	c:\program files (x86)\Winamp Detect
2012-09-03 13:09 . 2012-09-03 13:09	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2012-09-03 13:09 . 2012-09-03 19:45	--------	d-----w-	c:\users\Dominik\AppData\Roaming\Winamp
2012-09-03 13:09 . 2012-09-03 13:10	--------	d-----w-	c:\program files (x86)\Winamp
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-09-03 13:02 . 2012-09-03 13:02	--------	d-----w-	c:\program files (x86)\QuickTime
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-21 14:58 . 2012-04-17 09:11	696240	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-21 14:58 . 2012-03-09 13:38	73136	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-12 21:39 . 2012-08-10 11:33	64462936	----a-w-	c:\windows\system32\MRT.exe
2012-08-21 11:01 . 2012-03-11 20:51	125872	----a-w-	c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2012-03-11 20:51	106928	----a-w-	c:\windows\SysWow64\GEARAspi.dll
2012-07-18 18:15 . 2012-08-15 19:15	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-07-09 11:42 . 2012-07-09 11:42	4547984	----a-w-	c:\windows\system32\usbaaplrc.dll
2012-07-09 11:42 . 2012-07-09 11:42	52736	----a-w-	c:\windows\system32\drivers\usbaapl64.sys
2012-07-04 22:16 . 2012-08-15 19:15	73216	----a-w-	c:\windows\system32\netapi32.dll
2012-07-04 22:13 . 2012-08-15 19:15	59392	----a-w-	c:\windows\system32\browcli.dll
2012-07-04 22:13 . 2012-08-15 19:15	136704	----a-w-	c:\windows\system32\browser.dll
2012-07-04 21:14 . 2012-08-15 19:15	41984	----a-w-	c:\windows\SysWow64\browcli.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2012-02-22 6591800]
"Spotify Web Helper"="c:\users\Dominik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-08-24 1193176]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-08-29 59280]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-09-10 59280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"ICQ Lite"="c:\program files (x86)\ICQLite\ICQLite.exe" [2005-02-03 2903632]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-20 74752]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 PCSUService;PC Speed Up Service;c:\program files (x86)\PC Beschleunigen\PCSUService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288]
R3 adp3132;adp3132;c:\windows\system32\drivers\adp3132.sys [2010-01-28 385072]
R3 ahcix64s;ahcix64s;c:\windows\system32\drivers\ahcix64s.sys [2011-05-20 282704]
R3 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-04-15 79488]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys [2011-03-17 87168]
R3 amdide64;amdide64;c:\windows\system32\drivers\amdide64.sys [2007-10-12 10632]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-12-06 10720256]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-12-06 327168]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys [2011-03-17 188544]
R3 asahci64;asahci64;c:\windows\system32\drivers\asahci64.sys [2011-09-21 49760]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [2011-10-03 129512]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [2011-10-03 394728]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-15 183560]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys [2012-01-06 59392]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys [2012-01-06 84608]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys [2011-11-04 221440]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys [2011-11-04 70912]
R3 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys [2011-10-12 562456]
R3 iaStorS;iaStorS;c:\windows\system32\drivers\iaStorS.sys [2011-10-12 630552]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-26 158976]
R3 ISASerial;PCIe-ISA Communication Port;c:\windows\system32\drivers\ISASerial.sys [2008-02-20 72192]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2010-07-13 69736]
R3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\drivers\iusb3hub.sys [2012-01-05 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\drivers\iusb3xhc.sys [2012-01-05 786200]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
R3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-08 114144]
R3 MtsHID;TechniSat Mantis BDA HID Driver;c:\windows\system32\drivers\MtsHID.sys [2009-07-15 27664]
R3 mv91cons;mv91cons;c:\windows\system32\drivers\mv91cons.sys [2011-06-16 24880]
R3 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys [2011-06-16 310576]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-08-02 22528]
R3 NmPar;MosChip PCI Parallel Port;c:\windows\system32\drivers\NmPar.sys [x]
R3 nmserial;MosChip PCI Serial Port;c:\windows\system32\drivers\nmserial.sys [x]
R3 nvamacpi;nvamacpi;c:\windows\system32\drivers\NVAMACPI.sys [2009-07-16 28192]
R3 PciIsaSerial;PCI-ISA Communication Port;c:\windows\system32\drivers\PciIsaSerial.sys [2008-05-22 72192]
R3 PciPPorts;PCI ECP Parallel Port;c:\windows\system32\drivers\PciPPorts.sys [2008-05-22 95744]
R3 PciSPorts;High-Speed PCI Serial Port;c:\windows\system32\drivers\PciSPorts.sys [2008-05-22 126464]
R3 PPorts;PCIe ECP Parallel Port;c:\windows\system32\drivers\PPorts.sys [2008-02-20 95744]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-10-29 250984]
R3 Si3124r5;Si3124r5;c:\windows\system32\drivers\Si3124r5.sys [2010-04-13 340008]
R3 SPorts;High-Speed PCIe Serial Port;c:\windows\system32\drivers\SPorts.sys [2008-02-20 124416]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys [2011-07-20 136000]
R3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys [2011-07-20 406336]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\drivers\ViaHub3.sys [2011-05-21 176640]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\drivers\xhcdrv.sys [2011-05-21 230400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-04-15 40064]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys [2011-10-12 23832]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\drivers\iusb3hcs.sys [2012-01-05 16152]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-12-06 235520]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Dominik\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2012-03-11 40960]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-28 52584]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-10-25 96768]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-10-25 213504]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-23 648808]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 44391291
*Deregistered* - 44391291
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 14:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-12-12 7560296]
"Ocs_SM"="c:\users\Dominik\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2012-03-11 106496]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} -
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\MozillaProfil\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.fm-o.com/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Wow6432Node-HKCU-Run-PCSpeedUp - c:\program files (x86)\PC Beschleunigen\PCSUNotifier.exe
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-28  22:04:17
ComboFix-quarantined-files.txt  2012-09-28 20:04
.
Vor Suchlauf: 12 Verzeichnis(se), 364.774.432.768 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 364.747.669.504 Bytes frei
.
- - End Of File - - C35B3F8158FC18EA0B668902BA26A25E


Edit: Grade gesehen, dass ich den Windows Defender vergessen hab auszumachen.

Soll ich den scan nochmal machen ?

Alt 28.09.2012, 21:26   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


Nein, mach so weiter

Combofix - Scripten

1. Starte das Notepad (Start / Ausführen / notepad[Enter])

2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein.

Code:
ATTFilter
Firefox::
FF - ProfilePath - c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\MozillaProfil\
FF - prefs.js: browser.search.defaulturl - http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
FF - prefs.js: browser.startup.homepage - http://www.fm-o.com/
3. Speichere im Notepad als CFScript.txt auf dem Desktop.

4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall.
(Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !)

5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.



6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien:
Combofix.txt

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.09.2012, 21:54   #25
dommymaster
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


Hier die Combofix:

Code:
ATTFilter
ComboFix 12-09-27.03 - Dominik 28.09.2012  22:45:39.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4085.2136 [GMT 2:00]
ausgeführt von:: c:\users\Dominik\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Dominik\Desktop\CFScript.txt.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-28 bis 2012-09-28  ))))))))))))))))))))))))))))))
.
.
2012-09-28 20:49 . 2012-09-28 20:49	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-09-28 20:49 . 2012-09-28 20:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-09-28 08:55 . 2012-08-30 07:27	9308616	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{800C71BA-727E-4D96-93EC-3CB3B3CC02C9}\mpengine.dll
2012-09-27 20:25 . 2012-09-27 20:25	--------	d-----w-	C:\_OTL
2012-09-26 09:50 . 2012-08-21 21:01	245760	----a-w-	c:\windows\system32\OxpsConverter.exe
2012-09-23 10:50 . 2012-08-21 11:01	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-23 10:49 . 2012-09-23 10:49	--------	d-----w-	c:\program files\iPod
2012-09-23 10:49 . 2012-09-23 10:50	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-09-23 10:49 . 2012-09-23 10:50	--------	d-----w-	c:\program files\iTunes
2012-09-23 10:49 . 2012-09-23 10:50	--------	d-----w-	c:\program files (x86)\iTunes
2012-09-21 20:25 . 2012-09-28 13:24	--------	d-----w-	c:\users\UpdatusUser.Dominik-PCA
2012-09-21 20:24 . 2012-08-30 16:18	891240	----a-w-	c:\windows\system32\nvvsvc.exe
2012-09-21 20:24 . 2012-08-30 16:18	63336	----a-w-	c:\windows\system32\nvshext.dll
2012-09-21 20:24 . 2012-08-30 16:18	2557800	----a-w-	c:\windows\system32\nvsvcr.dll
2012-09-21 20:24 . 2012-08-30 16:18	118120	----a-w-	c:\windows\system32\nvmctray.dll
2012-09-21 20:24 . 2012-08-30 16:18	3487434	----a-w-	c:\windows\system32\nvcoproc.bin
2012-09-21 20:24 . 2012-08-30 16:18	3266920	----a-w-	c:\windows\system32\nvsvc64.dll
2012-09-21 20:24 . 2012-08-30 16:17	6198120	----a-w-	c:\windows\system32\nvcpl.dll
2012-09-21 20:24 . 2012-08-30 19:14	60776	----a-w-	c:\windows\system32\OpenCL.dll
2012-09-21 20:24 . 2012-08-30 19:14	52584	----a-w-	c:\windows\SysWow64\OpenCL.dll
2012-09-21 20:24 . 2012-09-21 20:24	--------	d-----w-	c:\programdata\NVIDIA Corporation
2012-09-21 20:14 . 2012-09-21 20:14	0	----a-w-	c:\windows\ativpsrm.bin
2012-09-21 11:16 . 2012-09-21 11:16	--------	d-----w-	c:\users\Dominik\AppData\Local\ElevatedDiagnostics
2012-09-19 20:41 . 2012-09-19 20:41	--------	d-----w-	c:\program files (x86)\ESET
2012-09-19 12:40 . 2012-09-19 12:40	--------	d-----w-	c:\users\Dominik\AppData\Roaming\Malwarebytes
2012-09-19 12:40 . 2012-09-19 12:40	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-19 12:40 . 2012-09-19 12:40	--------	d-----w-	c:\programdata\Malwarebytes
2012-09-19 12:40 . 2012-09-07 15:04	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-09-12 08:01 . 2012-08-22 18:12	1913200	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-09-12 08:01 . 2012-08-22 18:12	950128	----a-w-	c:\windows\system32\drivers\ndis.sys
2012-09-12 08:01 . 2012-08-02 17:58	574464	----a-w-	c:\windows\system32\d3d10level9.dll
2012-09-12 08:01 . 2012-08-02 16:57	490496	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2012-09-12 08:01 . 2012-07-04 20:26	41472	----a-w-	c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 08:01 . 2012-08-22 18:12	376688	----a-w-	c:\windows\system32\drivers\netio.sys
2012-09-12 08:01 . 2012-08-22 18:12	288624	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-06 20:22 . 2012-09-28 20:18	--------	d-----w-	c:\users\Dominik\AppData\Local\F833A6A9-DA5F-441D-9BF8-9CB3465A1588.aplzod
2012-09-03 13:09 . 2012-09-03 13:09	--------	d-----w-	c:\program files (x86)\Winamp Detect
2012-09-03 13:09 . 2012-09-03 13:09	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2012-09-03 13:09 . 2012-09-03 19:45	--------	d-----w-	c:\users\Dominik\AppData\Roaming\Winamp
2012-09-03 13:09 . 2012-09-03 13:10	--------	d-----w-	c:\program files (x86)\Winamp
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-09-03 13:02 . 2012-09-03 13:02	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-09-03 13:02 . 2012-09-03 13:02	--------	d-----w-	c:\program files (x86)\QuickTime
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-21 14:58 . 2012-04-17 09:11	696240	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-21 14:58 . 2012-03-09 13:38	73136	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-12 21:39 . 2012-08-10 11:33	64462936	----a-w-	c:\windows\system32\MRT.exe
2012-08-21 11:01 . 2012-03-11 20:51	125872	----a-w-	c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2012-03-11 20:51	106928	----a-w-	c:\windows\SysWow64\GEARAspi.dll
2012-07-18 18:15 . 2012-08-15 19:15	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-07-09 11:42 . 2012-07-09 11:42	4547984	----a-w-	c:\windows\system32\usbaaplrc.dll
2012-07-09 11:42 . 2012-07-09 11:42	52736	----a-w-	c:\windows\system32\drivers\usbaapl64.sys
2012-07-04 22:16 . 2012-08-15 19:15	73216	----a-w-	c:\windows\system32\netapi32.dll
2012-07-04 22:13 . 2012-08-15 19:15	59392	----a-w-	c:\windows\system32\browcli.dll
2012-07-04 22:13 . 2012-08-15 19:15	136704	----a-w-	c:\windows\system32\browser.dll
2012-07-04 21:14 . 2012-08-15 19:15	41984	----a-w-	c:\windows\SysWow64\browcli.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2012-02-22 6591800]
"Spotify Web Helper"="c:\users\Dominik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-08-24 1193176]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-08-29 59280]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-09-10 59280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"ICQ Lite"="c:\program files (x86)\ICQLite\ICQLite.exe" [2005-02-03 2903632]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-20 74752]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 PCSUService;PC Speed Up Service;c:\program files (x86)\PC Beschleunigen\PCSUService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288]
R3 adp3132;adp3132;c:\windows\system32\drivers\adp3132.sys [2010-01-28 385072]
R3 ahcix64s;ahcix64s;c:\windows\system32\drivers\ahcix64s.sys [2011-05-20 282704]
R3 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-04-15 79488]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys [2011-03-17 87168]
R3 amdide64;amdide64;c:\windows\system32\drivers\amdide64.sys [2007-10-12 10632]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-12-06 10720256]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-12-06 327168]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys [2011-03-17 188544]
R3 asahci64;asahci64;c:\windows\system32\drivers\asahci64.sys [2011-09-21 49760]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [2011-10-03 129512]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [2011-10-03 394728]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-15 183560]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys [2012-01-06 59392]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys [2012-01-06 84608]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys [2011-11-04 221440]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys [2011-11-04 70912]
R3 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys [2011-10-12 562456]
R3 iaStorS;iaStorS;c:\windows\system32\drivers\iaStorS.sys [2011-10-12 630552]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-26 158976]
R3 ISASerial;PCIe-ISA Communication Port;c:\windows\system32\drivers\ISASerial.sys [2008-02-20 72192]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2010-07-13 69736]
R3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\drivers\iusb3hub.sys [2012-01-05 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\drivers\iusb3xhc.sys [2012-01-05 786200]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
R3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-08 114144]
R3 MtsHID;TechniSat Mantis BDA HID Driver;c:\windows\system32\drivers\MtsHID.sys [2009-07-15 27664]
R3 mv91cons;mv91cons;c:\windows\system32\drivers\mv91cons.sys [2011-06-16 24880]
R3 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys [2011-06-16 310576]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-08-02 22528]
R3 NmPar;MosChip PCI Parallel Port;c:\windows\system32\drivers\NmPar.sys [x]
R3 nmserial;MosChip PCI Serial Port;c:\windows\system32\drivers\nmserial.sys [x]
R3 nvamacpi;nvamacpi;c:\windows\system32\drivers\NVAMACPI.sys [2009-07-16 28192]
R3 PciIsaSerial;PCI-ISA Communication Port;c:\windows\system32\drivers\PciIsaSerial.sys [2008-05-22 72192]
R3 PciPPorts;PCI ECP Parallel Port;c:\windows\system32\drivers\PciPPorts.sys [2008-05-22 95744]
R3 PciSPorts;High-Speed PCI Serial Port;c:\windows\system32\drivers\PciSPorts.sys [2008-05-22 126464]
R3 PPorts;PCIe ECP Parallel Port;c:\windows\system32\drivers\PPorts.sys [2008-02-20 95744]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-10-29 250984]
R3 Si3124r5;Si3124r5;c:\windows\system32\drivers\Si3124r5.sys [2010-04-13 340008]
R3 SPorts;High-Speed PCIe Serial Port;c:\windows\system32\drivers\SPorts.sys [2008-02-20 124416]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys [2011-07-20 136000]
R3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys [2011-07-20 406336]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\drivers\ViaHub3.sys [2011-05-21 176640]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\drivers\xhcdrv.sys [2011-05-21 230400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-04-15 40064]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys [2011-10-12 23832]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\drivers\iusb3hcs.sys [2012-01-05 16152]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-12-06 235520]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Dominik\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2012-03-11 40960]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-28 52584]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-10-25 96768]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-10-25 213504]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-23 648808]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 44391291
*Deregistered* - 44391291
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 14:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-12-12 7560296]
"Ocs_SM"="c:\users\Dominik\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2012-03-11 106496]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} -
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\MozillaProfil\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-28  22:50:25
ComboFix-quarantined-files.txt  2012-09-28 20:50
ComboFix2.txt  2012-09-28 20:04
.
Vor Suchlauf: 17 Verzeichnis(se), 364.793.630.720 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 364.725.321.728 Bytes frei
.
- - End Of File - - F14FFB67BAE7BBF658BD2B3241289734

Alt 28.09.2012, 22:22   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.10.2012, 13:05   #27
dommymaster
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


einmal OSAM:

Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 13:45:48 on 04.10.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 15.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\MLCFG32.CPL
"QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"MosChip PCI Parallel Port" (NmPar) - ? - C:\Windows\system32\drivers\NmPar.sys  (File not found)
"MosChip PCI Serial Port" (nmserial) - ? - C:\Windows\system32\drivers\nmserial.sys  (File not found)
"TechniSat Mantis BDA HID Driver" (MtsHID) - "TechniSat Provide" - C:\Windows\system32\drivers\MtsHID.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Arbeitsbereiche" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "MCLiteShellExt Class" - ? - C:\Program Files (x86)\ICQLite\ICQLiteShell.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\MLSHEXT.DLL
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? -   (File not found | COM-object registry key not found)
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? -   (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )-----
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? -   (File not found | COM-object registry key not found)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} "@C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
{E601996F-E400-41CA-804B-CD6373A7EEE2} "ClsidExtension" - ? -   (File not found | COM-object registry key not found)
"ICQ Lite" - "ICQ Ltd." - C:\Program Files (x86)\ICQLite\ICQLite.exe
"ICQ7.7" - "ICQ, LLC." - C:\Program Files (x86)\ICQ7.7\ICQ.exe
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
<binary data> "Yahoo! Toolbar" - "Yahoo! Inc." - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{02478D38-C3F9-4efb-9B51-7695ECA05670} "&Yahoo! Toolbar Helper" - "Yahoo! Inc." - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{9FDDE16B-836F-4806-AB1F-1455CBEFF289} "Windows Live Messenger Companion Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"McAfee Security Scan Plus.lnk" - "McAfee, Inc." - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"ApplePhotoStreams" - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
"iCloudServices" - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
"Messenger (Yahoo!)" - "Yahoo! Inc." - "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
"msnmsgr" - "Microsoft Corporation" - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
"Spotify Web Helper" - ? - "C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"  (File found, but it contains no detailed information)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce )-----
"ICQ Lite" - "ICQ Ltd." - C:\Program Files (x86)\ICQLite\ICQLite.exe -trayboot
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"BCSSync" - "Microsoft Corporation" - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"IAStorIcon" - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"ICQ Lite" - "ICQ Ltd." - C:\Program Files (x86)\ICQLite\ICQLite.exe -minimize
"iTunesHelper" - "Apple Inc." - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task" - "Apple Inc." - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"WinampAgent" - "Nullsoft, Inc." - "C:\Program Files (x86)\Winamp\winampa.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"CutePDF Writer Monitor" - ? - C:\Windows\system32\cpwmon64.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
"Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Intel(R) Rapid Storage Technology" (IAStorDataMgrSvc) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"McAfee Security Scan Component Host Service" (McComponentHostService) - "McAfee, Inc." - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft SharePoint Workspace Audit Service" (Microsoft SharePoint Workspace Audit Service) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"NVIDIA Update Service Daemon" (nvUpdatusService) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"PC Speed Up Service" (PCSUService) - ? - C:\Program Files (x86)\PC Beschleunigen\PCSUService.exe  (File not found)
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
"SearchAnonymizer" (SearchAnonymizer) - ? - C:\Users\Dominik\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe
"Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
"Yahoo! Updater" (YahooAUService) - "Yahoo! Inc." - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

und aswMBR:

Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-04 14:01:39
-----------------------------
14:01:39.197    OS Version: Windows x64 6.1.7601 Service Pack 1
14:01:39.197    Number of processors: 4 586 0x2A07
14:01:39.198    ComputerName: DOMINIK-PCA  UserName: Dominik
14:01:40.271    Initialize success
14:01:45.151    AVAST engine defs: 12100302
14:01:53.272    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:01:53.275    Disk 0 Vendor: WDC_WD10 51.0 Size: 953869MB BusType: 3
14:01:53.294    Disk 0 MBR read successfully
14:01:53.297    Disk 0 MBR scan
14:01:53.302    Disk 0 Windows 7 default MBR code
14:01:53.307    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       476932 MB offset 2048
14:01:53.332    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       476935 MB offset 976758784
14:01:53.362    Disk 0 scanning C:\Windows\system32\drivers
14:02:02.236    Service scanning
14:02:19.022    Modules scanning
14:02:19.030    Disk 0 trace - called modules:
14:02:19.044    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys iaStor.sys hal.dll 
14:02:19.049    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005f3b790]
14:02:19.379    3 CLASSPNP.SYS[fffff88000c0143f] -> nt!IofCallDriver -> [0xfffffa8004c13a90]
14:02:19.385    5 iaStorF.sys[fffff88001ab22fa] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005f3e050]
14:02:19.391    Scan finished successfully
14:04:14.005    Disk 0 MBR has been saved successfully to "C:\Users\Dominik\Desktop\MBR.dat"
14:04:14.008    The log file has been saved successfully to "C:\Users\Dominik\Desktop\aswMBR.txt"

Alt 04.10.2012, 13:32   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
EXP/JAVA.Ternub.Gen auf meinem PC - Standard

EXP/JAVA.Ternub.Gen auf meinem PC


Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort
Seite 2 von 2 1 2

Themen zu EXP/JAVA.Ternub.Gen auf meinem PC
antivir, autorun, avg, avira, bho, bingbar, bonjour, cleaner pro, document, error, failed, firefox, flash player, format, home, install.exe, installation, logfile, mozilla, nvidia update, plug-in, realtek, registry, rundll, scan, security, senden, spotify web helper, svchost.exe, teamspeak, udp, windows, wsearch


« ADWARE/InstallBrain.Gen | Trojaner eingefangen der immer meine McAffey Firewall deaktiviert »


Ähnliche Themen: EXP/JAVA.Ternub.Gen auf meinem PC


  1. Virenfunde u.a. EXP/JAVA.Ternub.Gen
    Log-Analyse und Auswertung - 30.10.2013 (14)
  2. Virenfund EXP/JAVA.Ternub.Gen, entfernt nach Deinstallation von Java?
    Log-Analyse und Auswertung - 22.07.2013 (13)
  3. Avira Fund exp/java.ternub.gen
    Plagegeister aller Art und deren Bekämpfung - 04.07.2013 (15)
  4. EXP/JAVA.Ternub.Gen und JS/Blacole.GB.153
    Log-Analyse und Auswertung - 14.06.2013 (19)
  5. Avira Antivir findet JAVA/Agent.LP, EXP/JAVA.Ternub.Gen und EXP/CVE-2012-0507.AR
    Log-Analyse und Auswertung - 21.01.2013 (1)
  6. Ohja, EXP/JAVA.Ternub.Gen
    Plagegeister aller Art und deren Bekämpfung - 23.10.2012 (13)
  7. AviraExploitsfunde:EXP/2011-3544.CZ.2; EXP/Java.Ternub.a.6; EXP/Java.Ternub.a.28 &Fund APPL/HideWindows.31232 in C:\Programme\MioNet\cmd.exe
    Plagegeister aller Art und deren Bekämpfung - 07.10.2012 (33)
  8. Avira-Quarantäneordner mit EXP/JAVA.Ternub.Gen und EXP/08-5353.AJ
    Log-Analyse und Auswertung - 28.09.2012 (9)
  9. exp/java.ternub.gen und Rogue.Installer
    Log-Analyse und Auswertung - 27.09.2012 (11)
  10. Malware EXP/JAVA.Ternub.Gen (GVU-Trojaner) auf Windows 7-PC eingefangen
    Plagegeister aller Art und deren Bekämpfung - 14.08.2012 (19)
  11. Mehrere Funde! EXP/JAVA.Ternub.Gen - JAVA/Dldr.Small.CI - JAVA/Dldr.OpenC.A - EXP/08-5353.AI.5.A
    Plagegeister aller Art und deren Bekämpfung - 08.08.2012 (29)
  12. Avira meldet EXP/JAVA.Ternub.Gen
    Plagegeister aller Art und deren Bekämpfung - 25.07.2012 (13)
  13. HTML/IFrame.aho und EXP/JAVA.Ternub.Gen
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (21)
  14. exp/java.ternub.gen gefunden
    Log-Analyse und Auswertung - 13.07.2012 (0)
  15. EXP/JAVA.Ternub.Gen gefunden
    Log-Analyse und Auswertung - 12.07.2012 (10)
  16. EXP/JAVA.Ternub.Gen
    Log-Analyse und Auswertung - 19.06.2012 (1)
  17. EXP/JAVA.Ternub.Gen
    Plagegeister aller Art und deren Bekämpfung - 13.03.2012 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema EXP/JAVA.Ternub.Gen auf meinem PC - Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code: - EXP/JAVA.Ternub.Gen auf meinem PC...
Archiv
Du betrachtest: EXP/JAVA.Ternub.Gen auf meinem PC auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130