Malewarebytes findet ganz viele PUPBlabbers

Fabienne · 13.10.2012, 01:45

Hallo ihr,

ich habe eben einen Scan mit Malewarebytes durchgeführt und bin ganz erschrocken, dass über 30 infizierte Objekte gefunden wurden.
Es sind ausschließlich PUPBlabbers.

Ich benutze als Anti-Virenprogramm Avast Security System und es sagt mir oft mehrmals am Tag, dass die Virendatenbank aktualisiert wurde - deswegen hätte ich jetzt nicht mit so vielen Infizierungen gerechnet.

Ich hoffe es ist ok, wenn ich schonmal den Malewarebytes-Log hier poste.
Bei Vista finde ich den manchmal nicht wieder.

Zitat:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.12.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Fabiènne :: FABIÈNNE-PC [Administrator]

13.10.2012 01:49:09
mbam-log-2012-10-13 (02-16-03).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 211315
Laufzeit: 11 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 1
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Registrierungsschlüssel: 20
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 3
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Program Files\BrowserCompanion (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Dateien: 11
C:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\terms.lnk.url (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\updater.ini (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Keine Aktion durchgeführt.

(Ende)

Ich hoffe ihr könnt mir weiterhelfen.
Danke schonmal im Voraus.

LG Fabienne

cosinus · 13.10.2012, 14:25

Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

Fabienne · 13.10.2012, 15:52

Danke für deine Antwort.

Hier ist der Log vom Vollscan:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.12.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Surfen :: FABIÈNNE-PC [limited]

13.10.2012 15:29:19
mbam-log-2012-10-13 (15-29-19).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 300533
Time elapsed: 1 hour(s), 4 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Fabiènne\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe (PUP.Blabbers) -> No action taken.

Ich hatte gestern alle Funde in die Quarantäne verschoben....wenn ich da heute draufklicke sind sie nicht mehr drin. Grad wars wieder das gleiche -hab sie verschoben und als ich Malewarebytes neu geöffnet habe, waren sie nicht mehr da. Ist das normal?

Hier kommen noch die älteren Logs:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.24.12

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Surfen :: FABIÈNNE-PC [limited]

25.07.2012 02:03:09
mbam-log-2012-07-25 (02-03-09).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 287212
Time elapsed: 1 hour(s), 8 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Die sind alle ohne Befund. Soll ich trotzdem alle posten?

LG Fabienne

cosinus · 13.10.2012, 17:50

Nein die reichen mir

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

Fabienne · 13.10.2012, 22:07

ok, habe alles geschafft...

der log sieht so aus:

Code:

ATTFilter

 
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=9e8b27a129deed46b1ad5f7a705aec97
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-13 06:40:47
# local_time=2012-10-13 08:40:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776573 100 100 111510 187686326 0 0
# compatibility_mode=8192 67108863 100 0 221 221 0 0
# scanned=597
# found=0
# cleaned=0
# scan_time=48
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=9e8b27a129deed46b1ad5f7a705aec97
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-13 08:54:17
# local_time=2012-10-13 10:54:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776573 100 100 111612 187686428 0 0
# compatibility_mode=8192 67108863 100 0 323 323 0 0
# scanned=160443
# found=4
# cleaned=0
# scan_time=7956
C:\Users\Fabiènne\AppData\Local\Temp\softonic_ggl_1.6.7.4.exe	Win32/Toolbar.Funmoods application (unable to clean)	00000000000000000000000000000000	I
C:\Users\Fabiènne\AppData\Roaming\BrowserCompanion\tbhcn.exe	Win32/BrowserCompanion application (unable to clean)	00000000000000000000000000000000	I
C:\Users\Surfen\Downloads\SoftonicDownloader_fuer_10-tage-bis-die-welt-versinkt.exe	a variant of Win32/SoftonicDownloader.E application (unable to clean)	00000000000000000000000000000000	I
C:\Users\Surfen\Downloads\SoftonicDownloader_fuer_age-of-oracles-taras-journey.exe	a variant of Win32/SoftonicDownloader.E application (unable to clean)	00000000000000000000000000000000	I

Danke für deine Mühe!

cosinus · 14.10.2012, 16:02

Code:

ATTFilter

C:\Users\Surfen\Downloads\SoftonicDownloader_fuer_10-tage-bis-die-welt

Vermüllte Software von Softonic scheint gerade stark in Mode zu sein!

Finger weg von Softonic!!

Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller und nicht von solchen Toolbarklitschen wie Softonic! Im Notfall würde natürlich chip.de gehen

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

Fabienne · 14.10.2012, 17:30

Danke dir!

Zitat:

Finger weg von Softonic!!

*hüstel*

alles klar! gut zu wissen...ich spiele gerne wimmelbildspiele - hab mir die jetzt auf cd gekauft.

das sagt adwCleaner:

Code:

ATTFilter

 # AdwCleaner v2.005 - Datei am 14/10/2012 um 18:15:32 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Fabiènne - FABIÈNNE-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Surfen\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : \user.js
Datei Gefunden : C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\searchplugins\Plusnetwork.xml
Datei Gefunden : C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\searchplugins\softonic.xml
Ordner Gefunden : C:\ProgramData\Trymedia
Ordner Gefunden : C:\Users\Fabiènne\AppData\LocalLow\bbrs_002.tb
Ordner Gefunden : C:\Users\Fabiènne\AppData\LocalLow\Softonic
Ordner Gefunden : C:\Users\Fabiènne\AppData\Roaming\BrowserCompanion
Ordner Gefunden : C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\extensions\bbrs_002@blabbers.com
Ordner Gefunden : C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\extensions\ffxtlbra@softonic.com
Ordner Gefunden : C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\extensions\staged
Ordner Gefunden : C:\Users\Surfen\AppData\LocalLow\bbrs_002.tb
Ordner Gefunden : C:\Users\Surfen\AppData\LocalLow\boost_interprocess

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gefunden : HKLM\Software\BrowserCompanion
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKU\S-1-5-21-1867499432-3885610887-3941038006-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKU\S-1-5-21-1867499432-3885610887-3941038006-1003\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchplusnetwork.com/?sp=vit4
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=15&cc=

-\\ Mozilla Firefox v15.0.1 (de)

Profilname : default 
Datei : C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\prefs.js

Gefunden : user_pref("browser.search.selectedEngine", "Search the web (Softonic)");
Gefunden : user_pref("extensions.Softonic.admin", false);
Gefunden : user_pref("extensions.Softonic.aflt", "SD");
Gefunden : user_pref("extensions.Softonic.autoRvrt", "false");
Gefunden : user_pref("extensions.Softonic.cntry", "DE");
Gefunden : user_pref("extensions.Softonic.cv", "cv5");
Gefunden : user_pref("extensions.Softonic.dfltLng", "de");
Gefunden : user_pref("extensions.Softonic.dfltSrch", true);
Gefunden : user_pref("extensions.Softonic.dfltlng", "de");
Gefunden : user_pref("extensions.Softonic.dfltsrch", true);
Gefunden : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
Gefunden : user_pref("extensions.Softonic.dspOld", "");
Gefunden : user_pref("extensions.Softonic.envrmnt", "production");
Gefunden : user_pref("extensions.Softonic.excTlbr", false);
Gefunden : user_pref("extensions.Softonic.hdrMd5", "3C0F1FCFF3186AFEFBE33E2BB484A809");
Gefunden : user_pref("extensions.Softonic.hmpg", true);
Gefunden : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=1[...]
Gefunden : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&[...]
Gefunden : user_pref("extensions.Softonic.hpOld", "");
Gefunden : user_pref("extensions.Softonic.hrdid", "f469a3e50000000000000024d2134395");
Gefunden : user_pref("extensions.Softonic.id", "f469a3e50000000000000024d2134395");
Gefunden : user_pref("extensions.Softonic.instlDay", "15560");
Gefunden : user_pref("extensions.Softonic.instlRef", "INF1205T01");
Gefunden : user_pref("extensions.Softonic.instlday", "15560");
Gefunden : user_pref("extensions.Softonic.instlref", "INF1205T01");
Gefunden : user_pref("extensions.Softonic.isdcmntcmplt", "false");
Gefunden : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSourc[...]
Gefunden : user_pref("extensions.Softonic.keywordurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSourc[...]
Gefunden : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.41:57:05");
Gefunden : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Gefunden : user_pref("extensions.Softonic.newTab", true);
Gefunden : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource[...]
Gefunden : user_pref("extensions.Softonic.newtab", true);
Gefunden : user_pref("extensions.Softonic.newtaburl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource[...]
Gefunden : user_pref("extensions.Softonic.prdct", "Softonic");
Gefunden : user_pref("extensions.Softonic.propectorlck", 83108679);
Gefunden : user_pref("extensions.Softonic.prtkhmpg", 1);
Gefunden : user_pref("extensions.Softonic.prtnrId", "softonic");
Gefunden : user_pref("extensions.Softonic.prtnrid", "softonic");
Gefunden : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Gefunden : user_pref("extensions.Softonic.savedVrsnTs", "1");
Gefunden : user_pref("extensions.Softonic.sg", "az");
Gefunden : user_pref("extensions.Softonic.smplGrp", "none");
Gefunden : user_pref("extensions.Softonic.smplgrp", "none");
Gefunden : user_pref("extensions.Softonic.srch", "");
Gefunden : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Gefunden : user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");
Gefunden : user_pref("extensions.Softonic.tlbrId", "base");
Gefunden : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSour[...]
Gefunden : user_pref("extensions.Softonic.tlbrid", "base");
Gefunden : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSour[...]
Gefunden : user_pref("extensions.Softonic.vrsn", "1.6.7.4");
Gefunden : user_pref("extensions.Softonic.vrsnTs", "1.6.7.41:57:05");
Gefunden : user_pref("extensions.Softonic.vrsni", "1.6.7.4");
Gefunden : user_pref("extensions.Softonic.vrsnts", "1.6.7.41:57:05");
Gefunden : user_pref("extensions.Softonic_i.dnsErr", true);
Gefunden : user_pref("extensions.Softonic_i.hmpg", true);
Gefunden : user_pref("extensions.Softonic_i.newTab", true);
Gefunden : user_pref("extensions.Softonic_i.smplGrp", "none");
Gefunden : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.41:57:05");
Gefunden : user_pref("extensions.enabledAddons", "bbrs_002@blabbers.com:1.0.5,ffxtlbra@softonic.com:1.6.0,{73a6[...]
Gefunden : user_pref("keyword.URL", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q=");

Profilname : default 
Datei : C:\Users\Surfen\AppData\Roaming\Mozilla\Firefox\Profiles\k4hfcwgp.default\prefs.js

Gefunden : user_pref("extensions.enabledAddons", "DivXWebPlayer@divx.com:2.0.2.039,{73a6fe31-595d-460b-a920-fcc[...]

-\\ Opera v12.2.1578.0

Datei : C:\Users\Fabiènne\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

Datei : C:\Users\Surfen\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [9346 octets] - [14/10/2012 18:15:32]

########## EOF - \AdwCleaner[R1].txt - [9406 octets] ##########

Du liebe Zeit....alles voll von dem zeug

cosinus · 14.10.2012, 19:58

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Fabienne · 14.10.2012, 21:44

hier is der log:

Code:

ATTFilter

 # AdwCleaner v2.005 - Datei am 14/10/2012 um 22:33:53 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Fabiènne - FABIÈNNE-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Surfen\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : \user.js
Datei Gelöscht : C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\searchplugins\Plusnetwork.xml
Datei Gelöscht : C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\searchplugins\softonic.xml
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\Users\Fabiènne\AppData\LocalLow\bbrs_002.tb
Ordner Gelöscht : C:\Users\Fabiènne\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Fabiènne\AppData\Roaming\BrowserCompanion
Ordner Gelöscht : C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\extensions\bbrs_002@blabbers.com
Ordner Gelöscht : C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\extensions\ffxtlbra@softonic.com
Ordner Gelöscht : C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\extensions\staged
Ordner Gelöscht : C:\Users\Surfen\AppData\LocalLow\bbrs_002.tb
Ordner Gelöscht : C:\Users\Surfen\AppData\LocalLow\boost_interprocess

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchplusnetwork.com/?sp=vit4 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=15&cc= --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0.1 (de)

Profilname : default 
Datei : C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\prefs.js

C:\Users\Fabiènne\AppData\Roaming\Mozilla\Firefox\Profiles\7sozphux.default\user.js ... Gelöscht !

Gelöscht : user_pref("browser.search.selectedEngine", "Search the web (Softonic)");
Gelöscht : user_pref("extensions.Softonic.admin", false);
Gelöscht : user_pref("extensions.Softonic.aflt", "SD");
Gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Gelöscht : user_pref("extensions.Softonic.cntry", "DE");
Gelöscht : user_pref("extensions.Softonic.cv", "cv5");
Gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Gelöscht : user_pref("extensions.Softonic.dfltlng", "de");
Gelöscht : user_pref("extensions.Softonic.dfltsrch", true);
Gelöscht : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
Gelöscht : user_pref("extensions.Softonic.dspOld", "");
Gelöscht : user_pref("extensions.Softonic.envrmnt", "production");
Gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Gelöscht : user_pref("extensions.Softonic.hdrMd5", "3C0F1FCFF3186AFEFBE33E2BB484A809");
Gelöscht : user_pref("extensions.Softonic.hmpg", true);
Gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=1[...]
Gelöscht : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&[...]
Gelöscht : user_pref("extensions.Softonic.hpOld", "");
Gelöscht : user_pref("extensions.Softonic.hrdid", "f469a3e50000000000000024d2134395");
Gelöscht : user_pref("extensions.Softonic.id", "f469a3e50000000000000024d2134395");
Gelöscht : user_pref("extensions.Softonic.instlDay", "15560");
Gelöscht : user_pref("extensions.Softonic.instlRef", "INF1205T01");
Gelöscht : user_pref("extensions.Softonic.instlday", "15560");
Gelöscht : user_pref("extensions.Softonic.instlref", "INF1205T01");
Gelöscht : user_pref("extensions.Softonic.isdcmntcmplt", "false");
Gelöscht : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSourc[...]
Gelöscht : user_pref("extensions.Softonic.keywordurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSourc[...]
Gelöscht : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.41:57:05");
Gelöscht : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Gelöscht : user_pref("extensions.Softonic.newTab", true);
Gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource[...]
Gelöscht : user_pref("extensions.Softonic.newtab", true);
Gelöscht : user_pref("extensions.Softonic.newtaburl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource[...]
Gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Gelöscht : user_pref("extensions.Softonic.propectorlck", 83108679);
Gelöscht : user_pref("extensions.Softonic.prtkhmpg", 1);
Gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Gelöscht : user_pref("extensions.Softonic.prtnrid", "softonic");
Gelöscht : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Gelöscht : user_pref("extensions.Softonic.savedVrsnTs", "1");
Gelöscht : user_pref("extensions.Softonic.sg", "az");
Gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Gelöscht : user_pref("extensions.Softonic.smplgrp", "none");
Gelöscht : user_pref("extensions.Softonic.srch", "");
Gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Gelöscht : user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");
Gelöscht : user_pref("extensions.Softonic.tlbrId", "base");
Gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSour[...]
Gelöscht : user_pref("extensions.Softonic.tlbrid", "base");
Gelöscht : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSour[...]
Gelöscht : user_pref("extensions.Softonic.vrsn", "1.6.7.4");
Gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.6.7.41:57:05");
Gelöscht : user_pref("extensions.Softonic.vrsni", "1.6.7.4");
Gelöscht : user_pref("extensions.Softonic.vrsnts", "1.6.7.41:57:05");
Gelöscht : user_pref("extensions.Softonic_i.dnsErr", true);
Gelöscht : user_pref("extensions.Softonic_i.hmpg", true);
Gelöscht : user_pref("extensions.Softonic_i.newTab", true);
Gelöscht : user_pref("extensions.Softonic_i.smplGrp", "none");
Gelöscht : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.41:57:05");
Gelöscht : user_pref("extensions.enabledAddons", "bbrs_002@blabbers.com:1.0.5,ffxtlbra@softonic.com:1.6.0,{73a6[...]
Gelöscht : user_pref("keyword.URL", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q=");

Profilname : default 
Datei : C:\Users\Surfen\AppData\Roaming\Mozilla\Firefox\Profiles\k4hfcwgp.default\prefs.js

Gelöscht : user_pref("extensions.enabledAddons", "DivXWebPlayer@divx.com:2.0.2.039,{73a6fe31-595d-460b-a920-fcc[...]

-\\ Opera v12.2.1578.0

Datei : C:\Users\Fabiènne\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

Datei : C:\Users\Surfen\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [9198 octets] - [14/10/2012 22:33:53]
AdwCleaner[R2].txt - [9533 octets] - [14/10/2012 18:16:16]
AdwCleaner[R1].txt - [9473 octets] - [14/10/2012 18:15:32]

########## EOF - \AdwCleaner[S1].txt - [9378 octets] ##########

cosinus · 15.10.2012, 13:18

Hätte da mal zwei Fragen bevor es weiter geht (wir sind noch nicht fertig!)

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

Fabienne · 15.10.2012, 19:28

Hallo,

Windows ging die ganze Zeit über und macht auch weiterhin keine Probleme.
Ich bin überhaupt nur auf die Idee gekommen, dass was nicht stimmt, weil der Lappi sehr oft beim Hochfahren hängenblieb und ich beim Wechseln der Tabs immerzu das Fenster noch gesehen habe,was ich vorher mal offen hatte.

Im Startmenu sind alle Orner vorhanden und ich habe auch keinen leeren gefunden.

LG Fabienne

cosinus · 15.10.2012, 20:58

Mach bitte einen CustomScan mit OTL . Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Fabienne · 15.10.2012, 21:47

sooo, auch das wäre geschafft.

hier is der log:

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 15.10.2012 22:14:19 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Surfen\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,96 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 61,77% Memory free
4,15 Gb Paging File | 3,24 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109,88 Gb Total Space | 32,64 Gb Free Space | 29,71% Space Free | Partition Type: NTFS
Drive D: | 110,00 Gb Total Space | 84,69 Gb Free Space | 76,99% Space Free | Partition Type: NTFS
 
Computer Name: FABIÈNNE-PC | User Name: Fabiènne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.15 22:12:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Surfen\Downloads\OTL.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.21 11:12:23 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\afwServ.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.04.19 08:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Users\Fabiènne\Desktop\PSI\PSIA.exe
PRC - [2011.04.19 08:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Users\Fabiènne\Desktop\PSI\psi_tray.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.10.08 02:19:12 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2008.10.06 11:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008.08.26 02:59:54 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
PRC - [2008.08.07 04:55:38 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe
PRC - [2008.07.10 13:42:14 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.07.10 13:12:40 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.04.17 04:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.12 06:19:52 | 000,723,496 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2001.02.23 11:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2009.08.23 19:58:06 | 000,094,208 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Samsung Magic Doctor\HookDllPS2.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\EasySpeedUpManager\HookDllPS2.dll
MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.10.09 14:34:45 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.08 15:02:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.21 11:12:23 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.13 16:27:02 | 001,492,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2011.04.19 08:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Users\Fabiènne\Desktop\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.12.10 19:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010.09.22 17:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2008.07.10 13:42:14 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.07.10 13:12:40 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.05.13 01:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2001.02.23 11:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VMC326.sys -- (VMC326)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VMC302.sys -- (VMC302)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,202,928 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.08.21 11:13:14 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012.08.21 11:13:13 | 000,113,776 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.03.07 00:44:51 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2009.12.17 16:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007.05.23 10:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2006.11.02 09:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKLM\..\SearchScopes,DefaultScope = 
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1867499432-3885610887-3941038006-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKU\S-1-5-21-1867499432-3885610887-3941038006-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1867499432-3885610887-3941038006-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1867499432-3885610887-3941038006-1003\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1867499432-3885610887-3941038006-1003\..\SearchScopes\{394C5622-9D9B-4C92-BB8E-B71EDC23138A}: "URL" = hxxp://search.softonic.com/INF1205T01/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=69
IE - HKU\S-1-5-21-1867499432-3885610887-3941038006-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1867499432-3885610887-3941038006-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKU\S-1-5-21-1867499432-3885610887-3941038006-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http:\\www.samsungcomputer.com
IE - HKU\S-1-5-21-1867499432-3885610887-3941038006-1004\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1867499432-3885610887-3941038006-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://google.de/"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.16 11:54:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.23 22:05:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.08 15:02:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.15 13:54:28 | 000,000,000 | ---D | M]
 
[2011.07.09 03:31:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fabiènne\AppData\Roaming\mozilla\Extensions
[2012.10.14 22:33:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fabiènne\AppData\Roaming\mozilla\Firefox\Profiles\7sozphux.default\extensions
[2012.05.27 03:41:55 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Fabiènne\AppData\Roaming\mozilla\Firefox\Profiles\7sozphux.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.10.13 20:30:18 | 000,518,756 | ---- | M] () (No name found) -- C:\Users\Fabiènne\AppData\Roaming\mozilla\firefox\profiles\7sozphux.default\extensions\toolbar@web.de.xpi
[2012.08.09 23:50:48 | 000,526,190 | ---- | M] () (No name found) -- C:\Users\Fabiènne\AppData\Roaming\mozilla\firefox\profiles\7sozphux.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.08.09 23:50:48 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Fabiènne\AppData\Roaming\mozilla\firefox\profiles\7sozphux.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.08.07 01:52:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\FABIÃ¨NNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7SOZPHUX.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
File not found (No name found) -- C:\USERS\FABIÃ¨NNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7SOZPHUX.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}
File not found (No name found) -- C:\USERS\FABIÃ¨NNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7SOZPHUX.DEFAULT\EXTENSIONS\BBRS_002@BLABBERS.COM
File not found (No name found) -- C:\USERS\FABIÃ¨NNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7SOZPHUX.DEFAULT\EXTENSIONS\FFXTLBRA@SOFTONIC.COM
[2012.09.08 15:02:12 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.08 15:02:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1867499432-3885610887-3941038006-1003..\Run: [Exetender_148] "C:\Program Files\FreeRide Games\GPlayer.exe" /schedule 300000 File not found
O4 - HKU\S-1-5-21-1867499432-3885610887-3941038006-1003..\Run: [Spiele Post] C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe File not found
O4 - HKU\S-1-5-21-1867499432-3885610887-3941038006-1004..\Run: [Exetender_148] "C:\Program Files\FreeRide Games\GPlayer.exe" /schedule 300000 File not found
O4 - HKLM..\RunOnce: [aswAhAScr.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-1867499432-3885610887-3941038006-1003..\RunOnce: [DependencyCheck] Performed File not found
O4 - HKU\S-1-5-21-1867499432-3885610887-3941038006-1003..\RunOnce: [Report] \AdwCleaner[S1].txt ()
O4 - Startup: C:\Users\Fabiènne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk =  File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095}  (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{325B4744-7293-499E-87B7-6D35321CA512}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Fabiènne\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Fabiènne\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{879af369-a9c1-11e0-8640-001377e0973a}\Shell - "" = AutoRun
O33 - MountPoints2\{879af369-a9c1-11e0-8640-001377e0973a}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{c7146092-fbfa-11dd-9f2a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c7146092-fbfa-11dd-9f2a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe /AUTORUN
O33 - MountPoints2\{c7146092-fbfa-11dd-9f2a-806e6f6e6963}\Shell\configure\command - "" = E:\setup.exe
O33 - MountPoints2\{c7146092-fbfa-11dd-9f2a-806e6f6e6963}\Shell\install\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Programme\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\Windows\System32\SL_ANET.ACM (Sipro Lab Telecom Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.13 20:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.13 20:35:51 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Fabiènne\Desktop\esetsmartinstaller_enu.exe
[2012.10.13 01:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.13 01:48:03 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.13 01:48:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.07 02:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.15 21:54:53 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.15 21:54:53 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.15 21:34:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.15 19:54:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.15 19:54:49 | 2106,179,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.13 20:35:53 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Fabiènne\Desktop\esetsmartinstaller_enu.exe
[2012.10.13 01:48:05 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.27 13:44:03 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.27 13:44:03 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.27 13:44:03 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.27 13:44:02 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
 
========== Files Created - No Company Name ==========
 
[2012.10.13 01:48:05 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.07 03:02:28 | 000,000,880 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012.02.01 11:32:56 | 000,000,000 | ---- | C] () -- C:\Users\Fabiènne\defogger_reenable
[2011.11.21 19:04:31 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.07.12 00:57:47 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.07.12 00:57:47 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.07.10 03:24:53 | 000,005,632 | ---- | C] () -- C:\Users\Fabiènne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.11 19:10:52 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2011.02.11 19:10:50 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2011.02.11 19:10:50 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2011.02.11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011.02.11 18:38:44 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.08.03 01:52:40 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Absolutist
[2012.08.02 03:22:43 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Alawar Entertainment
[2012.08.10 20:30:47 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\AlawarEntertainment
[2011.07.14 01:42:41 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\BSW
[2012.08.09 23:08:24 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\FlyWheelGames
[2012.08.10 21:48:00 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Freeze Tag
[2011.07.09 03:05:46 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Opera
[2012.08.09 23:57:03 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Phantasmat_intenium_se
[2012.08.02 21:33:31 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\SpinTop Games
[2011.07.20 02:33:27 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\SumatraPDF
[2012.08.02 20:45:40 | 000,000,000 | ---D | M] -- C:\Users\Surfen\AppData\Roaming\Alawar Entertainment
[2012.08.04 17:34:06 | 000,000,000 | ---D | M] -- C:\Users\Surfen\AppData\Roaming\Ancient Quest of Saqqarah_alawar
[2011.12.09 04:58:28 | 000,000,000 | ---D | M] -- C:\Users\Surfen\AppData\Roaming\BSW
[2012.08.03 14:20:38 | 000,000,000 | ---D | M] -- C:\Users\Surfen\AppData\Roaming\Cat's Eye Games
[2012.08.03 14:15:45 | 000,000,000 | ---D | M] -- C:\Users\Surfen\AppData\Roaming\Exent Technologies
[2012.05.09 01:23:11 | 000,000,000 | ---D | M] -- C:\Users\Surfen\AppData\Roaming\FileZilla
[2012.08.29 02:25:30 | 000,000,000 | ---D | M] -- C:\Users\Surfen\AppData\Roaming\Freeze Tag
[2011.12.04 03:25:04 | 000,000,000 | ---D | M] -- C:\Users\Surfen\AppData\Roaming\Nik Software
[2011.09.11 18:36:23 | 000,000,000 | ---D | M] -- C:\Users\Surfen\AppData\Roaming\Opera
[2012.08.04 02:35:20 | 000,000,000 | ---D | M] -- C:\Users\Surfen\AppData\Roaming\Phantasmat_alawar_se
[2012.08.10 01:44:03 | 000,000,000 | ---D | M] -- C:\Users\Surfen\AppData\Roaming\Phantasmat_intenium_se
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.08.03 01:52:40 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Absolutist
[2011.07.09 23:17:21 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Adobe
[2012.08.02 03:22:43 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Alawar Entertainment
[2012.08.10 20:30:47 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\AlawarEntertainment
[2011.07.14 01:42:41 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\BSW
[2011.10.29 18:33:30 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\DivX
[2012.08.09 23:08:24 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\FlyWheelGames
[2012.08.10 21:48:00 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Freeze Tag
[2009.03.29 19:52:06 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Identities
[2011.07.10 01:44:39 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Macromedia
[2012.02.13 14:35:14 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Media Center Programs
[2012.08.23 21:53:31 | 000,000,000 | --SD | M] -- C:\Users\Fabiènne\AppData\Roaming\Microsoft
[2011.07.09 03:31:40 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Mozilla
[2011.07.09 03:05:46 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Opera
[2012.08.09 23:57:03 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\Phantasmat_intenium_se
[2012.08.02 21:33:31 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\SpinTop Games
[2011.07.20 02:33:27 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\SumatraPDF
[2012.08.02 02:05:09 | 000,000,000 | ---D | M] -- C:\Users\Fabiènne\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2008.07.22 08:33:26 | 000,396,312 | ---- | M] (Intel Corporation) MD5=5C62352AFF7F1FB36B2C19329F7C949D -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008.07.22 08:33:02 | 000,319,000 | ---- | M] (Intel Corporation) MD5=ABFEBC5F846C71AFEBD7F8F6BA740C03 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.07.22 08:33:02 | 000,319,000 | ---- | M] (Intel Corporation) MD5=ABFEBC5F846C71AFEBD7F8F6BA740C03 -- C:\Windows\System32\drivers\iaStor.sys
[2008.07.22 08:33:02 | 000,319,000 | ---- | M] (Intel Corporation) MD5=ABFEBC5F846C71AFEBD7F8F6BA740C03 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_783fb8da\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >

--- --- ---

cosinus · 16.10.2012, 16:09

Ist ziemlich unauffällig

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Fabienne · 17.10.2012, 14:41

hab ich erledigt...

er hat 4 sachen bemängelt:

Code:

ATTFilter

 15:30:12.0507 5580  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
15:30:12.0769 5580  ============================================================
15:30:12.0769 5580  Current date / time: 2012/10/17 15:30:12.0769
15:30:12.0769 5580  SystemInfo:
15:30:12.0769 5580  
15:30:12.0770 5580  OS Version: 6.0.6002 ServicePack: 2.0
15:30:12.0770 5580  Product type: Workstation
15:30:12.0770 5580  ComputerName: FABIÈNNE-PC
15:30:12.0770 5580  UserName: Fabiènne
15:30:12.0770 5580  Windows directory: C:\Windows
15:30:12.0770 5580  System windows directory: C:\Windows
15:30:12.0770 5580  Processor architecture: Intel x86
15:30:12.0770 5580  Number of processors: 2
15:30:12.0770 5580  Page size: 0x1000
15:30:12.0770 5580  Boot type: Normal boot
15:30:12.0770 5580  ============================================================
15:30:13.0453 5580  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:30:13.0491 5580  ============================================================
15:30:13.0491 5580  \Device\Harddisk0\DR0:
15:30:13.0491 5580  MBR partitions:
15:30:13.0491 5580  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0xDBC3800
15:30:13.0491 5580  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF5C4000, BlocksNum 0xDC01000
15:30:13.0491 5580  ============================================================
15:30:13.0530 5580  C: <-> \Device\Harddisk0\DR0\Partition1
15:30:13.0633 5580  D: <-> \Device\Harddisk0\DR0\Partition2
15:30:13.0633 5580  ============================================================
15:30:13.0633 5580  Initialize success
15:30:13.0634 5580  ============================================================
15:30:45.0569 4756  ============================================================
15:30:45.0569 4756  Scan started
15:30:45.0569 4756  Mode: Manual; SigCheck; TDLFS; 
15:30:45.0569 4756  ============================================================
15:30:45.0959 4756  ================ Scan system memory ========================
15:30:45.0959 4756  System memory - ok
15:30:45.0959 4756  ================ Scan services =============================
15:30:46.0177 4756  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:30:46.0364 4756  ACPI - ok
15:30:46.0458 4756  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:30:46.0473 4756  AdobeARMservice - ok
15:30:46.0536 4756  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:30:46.0551 4756  AdobeFlashPlayerUpdateSvc - ok
15:30:46.0598 4756  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:30:46.0629 4756  adp94xx - ok
15:30:46.0692 4756  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:30:46.0723 4756  adpahci - ok
15:30:46.0754 4756  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:30:46.0770 4756  adpu160m - ok
15:30:46.0801 4756  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:30:46.0817 4756  adpu320 - ok
15:30:46.0848 4756  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:30:47.0035 4756  AeLookupSvc - ok
15:30:47.0097 4756  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
15:30:47.0175 4756  AFD - ok
15:30:47.0238 4756  [ 5D97943C128ED756D1B0A08302C1B1F8 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
15:30:47.0378 4756  AgereSoftModem - ok
15:30:47.0425 4756  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:30:47.0441 4756  agp440 - ok
15:30:47.0472 4756  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:30:47.0503 4756  aic78xx - ok
15:30:47.0519 4756  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
15:30:47.0581 4756  ALG - ok
15:30:47.0612 4756  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:30:47.0628 4756  aliide - ok
15:30:47.0643 4756  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
15:30:47.0659 4756  amdagp - ok
15:30:47.0675 4756  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:30:47.0690 4756  amdide - ok
15:30:47.0721 4756  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
15:30:47.0768 4756  AmdK7 - ok
15:30:47.0784 4756  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:30:47.0846 4756  AmdK8 - ok
15:30:47.0877 4756  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
15:30:47.0940 4756  Appinfo - ok
15:30:47.0971 4756  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
15:30:47.0987 4756  arc - ok
15:30:48.0018 4756  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:30:48.0033 4756  arcsas - ok
15:30:48.0080 4756  [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
15:30:48.0455 4756  aswFsBlk - ok
15:30:48.0595 4756  [ 09678587C5C70F91720631EF048B4744 ] aswFW           C:\Windows\system32\drivers\aswFW.sys
15:30:48.0626 4756  aswFW - ok
15:30:48.0673 4756  [ 31E0D16EB06D09A248AFF20C76F9091B ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
15:30:48.0720 4756  aswKbd - ok
15:30:48.0782 4756  [ F76E51561562AC4105DBBE53FC99BC10 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
15:30:48.0813 4756  aswMonFlt - ok
15:30:48.0845 4756  [ 7B948E3657BEA62E437BC46CA6EF6012 ] aswNdis         C:\Windows\system32\DRIVERS\aswNdis.sys
15:30:48.0876 4756  aswNdis - ok
15:30:48.0907 4756  [ C6E5E1E0FB3827B2359F4D394ECAA070 ] aswNdis2        C:\Windows\system32\drivers\aswNdis2.sys
15:30:48.0954 4756  aswNdis2 - ok
15:30:48.0969 4756  [ B7D5E4486BA658ED08624D8084ABB830 ] AswRdr          C:\Windows\system32\drivers\AswRdr.sys
15:30:48.0985 4756  AswRdr - ok
15:30:49.0047 4756  [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
15:30:49.0094 4756  aswSnx - ok
15:30:49.0157 4756  [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
15:30:49.0203 4756  aswSP - ok
15:30:49.0266 4756  [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
15:30:49.0297 4756  aswTdi - ok
15:30:49.0344 4756  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:30:49.0391 4756  AsyncMac - ok
15:30:49.0422 4756  [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:30:49.0437 4756  atapi - ok
15:30:49.0515 4756  [ F32FEE7CB2EE32C1F808409BC8019701 ] athr            C:\Windows\system32\DRIVERS\athr.sys
15:30:49.0625 4756  athr - ok
15:30:49.0687 4756  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:30:49.0734 4756  AudioEndpointBuilder - ok
15:30:49.0765 4756  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:30:49.0796 4756  Audiosrv - ok
15:30:49.0905 4756  [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:30:49.0921 4756  avast! Antivirus - ok
15:30:49.0999 4756  [ DD4C61CB3CDBC8B0A7D2107C6944DC71 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
15:30:50.0015 4756  avast! Firewall - ok
15:30:50.0124 4756  [ 08015D34F6FDD0B355805BAD978497C3 ] bcm4sbxp        C:\Windows\system32\DRIVERS\bcm4sbxp.sys
15:30:50.0202 4756  bcm4sbxp - ok
15:30:50.0233 4756  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:30:50.0295 4756  Beep - ok
15:30:50.0342 4756  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
15:30:50.0389 4756  BFE - ok
15:30:50.0639 4756  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
15:30:50.0779 4756  BITS - ok
15:30:50.0857 4756  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:30:50.0951 4756  blbdrive - ok
15:30:50.0997 4756  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:30:51.0029 4756  bowser - ok
15:30:51.0060 4756  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:30:51.0107 4756  BrFiltLo - ok
15:30:51.0169 4756  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:30:51.0231 4756  BrFiltUp - ok
15:30:51.0247 4756  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
15:30:51.0309 4756  Browser - ok
15:30:51.0325 4756  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:30:51.0387 4756  Brserid - ok
15:30:51.0434 4756  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:30:51.0512 4756  BrSerWdm - ok
15:30:51.0528 4756  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:30:51.0590 4756  BrUsbMdm - ok
15:30:51.0606 4756  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:30:51.0684 4756  BrUsbSer - ok
15:30:51.0699 4756  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:30:51.0793 4756  BTHMODEM - ok
15:30:51.0949 4756  [ AA84638EB071A54FAEF41DA601D3DE1D ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
15:30:51.0980 4756  btwdins - ok
15:30:51.0996 4756  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:30:52.0058 4756  cdfs - ok
15:30:52.0089 4756  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:30:52.0121 4756  cdrom - ok
15:30:52.0183 4756  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:30:52.0245 4756  CertPropSvc - ok
15:30:52.0277 4756  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
15:30:52.0339 4756  circlass - ok
15:30:52.0417 4756  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
15:30:52.0464 4756  CLFS - ok
15:30:52.0635 4756  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:30:52.0682 4756  clr_optimization_v2.0.50727_32 - ok
15:30:52.0760 4756  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:30:52.0776 4756  clr_optimization_v4.0.30319_32 - ok
15:30:52.0823 4756  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:30:52.0869 4756  CmBatt - ok
15:30:52.0885 4756  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:30:52.0932 4756  cmdide - ok
15:30:52.0947 4756  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:30:52.0963 4756  Compbatt - ok
15:30:52.0979 4756  COMSysApp - ok
15:30:52.0994 4756  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:30:53.0025 4756  crcdisk - ok
15:30:53.0057 4756  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
15:30:53.0088 4756  Crusoe - ok
15:30:53.0119 4756  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:30:53.0166 4756  CryptSvc - ok
15:30:53.0228 4756  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:30:53.0291 4756  DcomLaunch - ok
15:30:53.0337 4756  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:30:53.0384 4756  DfsC - ok
15:30:53.0665 4756  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
15:30:53.0868 4756  DFSR - ok
15:30:53.0930 4756  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:30:53.0993 4756  Dhcp - ok
15:30:54.0024 4756  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
15:30:54.0039 4756  disk - ok
15:30:54.0086 4756  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:30:54.0117 4756  Dnscache - ok
15:30:54.0211 4756  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:30:54.0273 4756  dot3svc - ok
15:30:54.0305 4756  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
15:30:54.0351 4756  DPS - ok
15:30:54.0398 4756  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:30:54.0461 4756  drmkaud - ok
15:30:54.0554 4756  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:30:54.0601 4756  DXGKrnl - ok
15:30:54.0632 4756  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
15:30:54.0679 4756  E1G60 - ok
15:30:54.0710 4756  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
15:30:54.0757 4756  EapHost - ok
15:30:54.0819 4756  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:30:54.0835 4756  Ecache - ok
15:30:54.0944 4756  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:30:54.0991 4756  ehRecvr - ok
15:30:55.0007 4756  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
15:30:55.0069 4756  ehSched - ok
15:30:55.0069 4756  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
15:30:55.0100 4756  ehstart - ok
15:30:55.0147 4756  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:30:55.0178 4756  elxstor - ok
15:30:55.0256 4756  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:30:55.0334 4756  EMDMgmt - ok
15:30:55.0365 4756  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:30:55.0412 4756  ErrDev - ok
15:30:55.0506 4756  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
15:30:55.0599 4756  EventSystem - ok
15:30:55.0818 4756  [ 2D41D7250F73272946DE04FF7A19761E ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:30:55.0943 4756  EvtEng ( UnsignedFile.Multi.Generic ) - warning
15:30:55.0943 4756  EvtEng - detected UnsignedFile.Multi.Generic (1)
15:30:55.0989 4756  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
15:30:56.0036 4756  exfat - ok
15:30:56.0083 4756  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:30:56.0130 4756  fastfat - ok
15:30:56.0161 4756  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:30:56.0192 4756  fdc - ok
15:30:56.0223 4756  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:30:56.0270 4756  fdPHost - ok
15:30:56.0286 4756  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:30:56.0348 4756  FDResPub - ok
15:30:56.0379 4756  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:30:56.0395 4756  FileInfo - ok
15:30:56.0411 4756  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:30:56.0457 4756  Filetrace - ok
15:30:56.0504 4756  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:30:56.0582 4756  flpydisk - ok
15:30:56.0629 4756  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:30:56.0676 4756  FltMgr - ok
15:30:56.0754 4756  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
15:30:56.0847 4756  FontCache - ok
15:30:57.0003 4756  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:30:57.0019 4756  FontCache3.0.0.0 - ok
15:30:57.0081 4756  [ BFAAA92861526BB0ADCD01E964AB6609 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
15:30:57.0097 4756  fssfltr - ok
15:30:57.0222 4756  [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
15:30:57.0331 4756  fsssvc - ok
15:30:57.0393 4756  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:30:57.0456 4756  Fs_Rec - ok
15:30:57.0471 4756  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:30:57.0503 4756  gagp30kx - ok
15:30:57.0596 4756  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:30:57.0721 4756  gpsvc - ok
15:30:57.0768 4756  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:30:57.0846 4756  HdAudAddService - ok
15:30:57.0971 4756  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:30:58.0033 4756  HDAudBus - ok
15:30:58.0080 4756  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:30:58.0142 4756  HidBth - ok
15:30:58.0158 4756  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:30:58.0236 4756  HidIr - ok
15:30:58.0267 4756  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
15:30:58.0329 4756  hidserv - ok
15:30:58.0361 4756  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:30:58.0392 4756  HidUsb - ok
15:30:58.0407 4756  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:30:58.0454 4756  hkmsvc - ok
15:30:58.0470 4756  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:30:58.0485 4756  HpCISSs - ok
15:30:58.0563 4756  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:30:58.0657 4756  HTTP - ok
15:30:58.0688 4756  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:30:58.0704 4756  i2omp - ok
15:30:58.0766 4756  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:30:58.0813 4756  i8042prt - ok
15:30:59.0109 4756  [ DCE0B53570703CCE580D066F89EF58CD ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
15:30:59.0499 4756  ialm - ok
15:30:59.0546 4756  [ ABFEBC5F846C71AFEBD7F8F6BA740C03 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:30:59.0562 4756  iaStor - ok
15:30:59.0593 4756  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:30:59.0624 4756  iaStorV - ok
15:30:59.0687 4756  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:30:59.0749 4756  idsvc - ok
15:31:00.0014 4756  [ DCE0B53570703CCE580D066F89EF58CD ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
15:31:00.0389 4756  igfx - ok
15:31:00.0404 4756  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:31:00.0420 4756  iirsp - ok
15:31:00.0482 4756  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:31:00.0529 4756  IKEEXT - ok
15:31:00.0623 4756  [ FFD2B3BC042596ABE785D3C15F51AB46 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:31:00.0888 4756  IntcAzAudAddService - ok
15:31:00.0935 4756  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:31:00.0950 4756  intelide - ok
15:31:00.0966 4756  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:31:01.0013 4756  intelppm - ok
15:31:01.0044 4756  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:31:01.0091 4756  IPBusEnum - ok
15:31:01.0122 4756  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:31:01.0169 4756  IpFilterDriver - ok
15:31:01.0184 4756  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:31:01.0215 4756  iphlpsvc - ok
15:31:01.0231 4756  IpInIp - ok
15:31:01.0262 4756  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:31:01.0309 4756  IPMIDRV - ok
15:31:01.0325 4756  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:31:01.0356 4756  IPNAT - ok
15:31:01.0387 4756  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:31:01.0403 4756  IRENUM - ok
15:31:01.0434 4756  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:31:01.0449 4756  isapnp - ok
15:31:01.0496 4756  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:31:01.0527 4756  iScsiPrt - ok
15:31:01.0559 4756  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:31:01.0574 4756  iteatapi - ok
15:31:01.0590 4756  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:31:01.0605 4756  iteraid - ok
15:31:01.0621 4756  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:31:01.0637 4756  kbdclass - ok
15:31:01.0652 4756  [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:31:01.0699 4756  kbdhid - ok
15:31:01.0746 4756  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
15:31:01.0793 4756  KeyIso - ok
15:31:01.0824 4756  [ EBC507F129DF8F0E0CA270DCFC0CF87F ] KMDFMEMIO       C:\Windows\system32\DRIVERS\kmdfmemio.sys
15:31:01.0839 4756  KMDFMEMIO - ok
15:31:01.0886 4756  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:31:01.0902 4756  KSecDD - ok
15:31:01.0949 4756  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:31:02.0027 4756  KtmRm - ok
15:31:02.0089 4756  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:31:02.0136 4756  LanmanServer - ok
15:31:02.0183 4756  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:31:02.0229 4756  LanmanWorkstation - ok
15:31:02.0276 4756  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:31:02.0307 4756  lltdio - ok
15:31:02.0339 4756  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:31:02.0385 4756  lltdsvc - ok
15:31:02.0401 4756  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:31:02.0448 4756  lmhosts - ok
15:31:02.0479 4756  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:31:02.0495 4756  LSI_FC - ok
15:31:02.0510 4756  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:31:02.0526 4756  LSI_SAS - ok
15:31:02.0541 4756  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:31:02.0557 4756  LSI_SCSI - ok
15:31:02.0588 4756  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
15:31:02.0635 4756  luafv - ok
15:31:02.0666 4756  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:31:02.0697 4756  Mcx2Svc - ok
15:31:02.0775 4756  [ 4EA37B969B8C659C51E1CABB6D435325 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
15:31:02.0807 4756  MDM ( UnsignedFile.Multi.Generic ) - warning
15:31:02.0807 4756  MDM - detected UnsignedFile.Multi.Generic (1)
15:31:02.0838 4756  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:31:02.0853 4756  megasas - ok
15:31:02.0900 4756  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:31:02.0931 4756  MegaSR - ok
15:31:02.0947 4756  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
15:31:02.0994 4756  MMCSS - ok
15:31:03.0009 4756  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
15:31:03.0072 4756  Modem - ok
15:31:03.0103 4756  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:31:03.0150 4756  monitor - ok
15:31:03.0165 4756  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:31:03.0197 4756  mouclass - ok
15:31:03.0212 4756  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:31:03.0275 4756  mouhid - ok
15:31:03.0290 4756  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:31:03.0321 4756  MountMgr - ok
15:31:03.0368 4756  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:31:03.0399 4756  MozillaMaintenance - ok
15:31:03.0431 4756  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:31:03.0462 4756  mpio - ok
15:31:03.0493 4756  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:31:03.0540 4756  mpsdrv - ok
15:31:03.0587 4756  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:31:03.0649 4756  MpsSvc - ok
15:31:03.0680 4756  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:31:03.0696 4756  Mraid35x - ok
15:31:03.0727 4756  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:31:03.0758 4756  MRxDAV - ok
15:31:03.0789 4756  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:31:03.0805 4756  mrxsmb - ok
15:31:03.0852 4756  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:31:03.0883 4756  mrxsmb10 - ok
15:31:03.0899 4756  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:31:03.0930 4756  mrxsmb20 - ok
15:31:03.0961 4756  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
15:31:03.0977 4756  msahci - ok
15:31:03.0992 4756  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:31:04.0008 4756  msdsm - ok
15:31:04.0023 4756  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
15:31:04.0086 4756  MSDTC - ok
15:31:04.0117 4756  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:31:04.0148 4756  Msfs - ok
15:31:04.0195 4756  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:31:04.0211 4756  msisadrv - ok
15:31:04.0242 4756  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:31:04.0304 4756  MSiSCSI - ok
15:31:04.0320 4756  msiserver - ok
15:31:04.0351 4756  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:31:04.0398 4756  MSKSSRV - ok
15:31:04.0445 4756  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:31:04.0476 4756  MSPCLOCK - ok
15:31:04.0491 4756  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:31:04.0523 4756  MSPQM - ok
15:31:04.0554 4756  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:31:04.0585 4756  MsRPC - ok
15:31:04.0601 4756  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:31:04.0616 4756  mssmbios - ok
15:31:04.0632 4756  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:31:04.0663 4756  MSTEE - ok
15:31:04.0694 4756  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
15:31:04.0710 4756  Mup - ok
15:31:04.0741 4756  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
15:31:04.0788 4756  napagent - ok
15:31:04.0850 4756  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:31:04.0866 4756  NativeWifiP - ok
15:31:04.0913 4756  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:31:04.0959 4756  NDIS - ok
15:31:05.0006 4756  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:31:05.0037 4756  NdisTapi - ok
15:31:05.0053 4756  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:31:05.0084 4756  Ndisuio - ok
15:31:05.0131 4756  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:31:05.0178 4756  NdisWan - ok
15:31:05.0193 4756  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:31:05.0225 4756  NDProxy - ok
15:31:05.0225 4756  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:31:05.0271 4756  NetBIOS - ok
15:31:05.0318 4756  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:31:05.0365 4756  netbt - ok
15:31:05.0365 4756  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
15:31:05.0396 4756  Netlogon - ok
15:31:05.0412 4756  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
15:31:05.0474 4756  Netman - ok
15:31:05.0490 4756  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
15:31:05.0537 4756  netprofm - ok
15:31:05.0583 4756  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:31:05.0615 4756  NetTcpPortSharing - ok
15:31:05.0989 4756  [ 35D5458D9A1B26B2005ABFFBF4C1C5E7 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
15:31:06.0192 4756  NETw3v32 - ok
15:31:06.0223 4756  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:31:06.0239 4756  nfrd960 - ok
15:31:06.0285 4756  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:31:06.0317 4756  NlaSvc - ok
15:31:06.0379 4756  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:31:06.0426 4756  Npfs - ok
15:31:06.0441 4756  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
15:31:06.0488 4756  nsi - ok
15:31:06.0504 4756  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:31:06.0551 4756  nsiproxy - ok
15:31:06.0956 4756  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:31:07.0143 4756  Ntfs - ok
15:31:07.0190 4756  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
15:31:07.0253 4756  ntrigdigi - ok
15:31:07.0331 4756  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
15:31:07.0409 4756  Null - ok
15:31:07.0455 4756  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:31:07.0471 4756  nvraid - ok
15:31:07.0487 4756  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:31:07.0518 4756  nvstor - ok
15:31:07.0533 4756  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:31:07.0565 4756  nv_agp - ok
15:31:07.0565 4756  NwlnkFlt - ok
15:31:07.0580 4756  NwlnkFwd - ok
15:31:07.0611 4756  [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:31:07.0658 4756  ohci1394 - ok
15:31:07.0923 4756  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:31:08.0064 4756  p2pimsvc - ok
15:31:08.0095 4756  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:31:08.0157 4756  p2psvc - ok
15:31:08.0204 4756  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
15:31:08.0345 4756  Parport - ok
15:31:08.0438 4756  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:31:08.0485 4756  partmgr - ok
15:31:08.0532 4756  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
15:31:08.0672 4756  Parvdm - ok
15:31:08.0750 4756  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:31:08.0906 4756  PcaSvc - ok
15:31:08.0953 4756  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
15:31:09.0000 4756  pci - ok
15:31:09.0062 4756  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
15:31:09.0109 4756  pciide - ok
15:31:09.0140 4756  [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:31:09.0171 4756  pcmcia - ok
15:31:09.0203 4756  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:31:09.0312 4756  PEAUTH - ok
15:31:09.0764 4756  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
15:31:09.0951 4756  pla - ok
15:31:10.0029 4756  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:31:10.0107 4756  PlugPlay - ok
15:31:10.0139 4756  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:31:10.0185 4756  PNRPAutoReg - ok
15:31:10.0201 4756  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:31:10.0295 4756  PNRPsvc - ok
15:31:10.0404 4756  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:31:10.0513 4756  PolicyAgent - ok
15:31:10.0544 4756  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:31:10.0591 4756  PptpMiniport - ok
15:31:10.0607 4756  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
15:31:10.0638 4756  Processor - ok
15:31:10.0731 4756  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:31:10.0794 4756  ProfSvc - ok
15:31:10.0809 4756  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
15:31:10.0825 4756  ProtectedStorage - ok
15:31:10.0872 4756  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:31:10.0950 4756  PSched - ok
15:31:10.0981 4756  [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
15:31:11.0012 4756  PSI - ok
15:31:11.0075 4756  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:31:11.0184 4756  ql2300 - ok
15:31:11.0215 4756  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:31:11.0246 4756  ql40xx - ok
15:31:11.0277 4756  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
15:31:11.0324 4756  QWAVE - ok
15:31:11.0340 4756  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:31:11.0387 4756  QWAVEdrv - ok
15:31:11.0402 4756  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:31:11.0433 4756  RasAcd - ok
15:31:11.0465 4756  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
15:31:11.0511 4756  RasAuto - ok
15:31:11.0527 4756  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:31:11.0574 4756  Rasl2tp - ok
15:31:11.0621 4756  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
15:31:11.0667 4756  RasMan - ok
15:31:11.0745 4756  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:31:11.0808 4756  RasPppoe - ok
15:31:11.0839 4756  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:31:11.0855 4756  RasSstp - ok
15:31:11.0901 4756  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:31:11.0948 4756  rdbss - ok
15:31:11.0964 4756  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:31:12.0011 4756  RDPCDD - ok
15:31:12.0073 4756  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:31:12.0135 4756  rdpdr - ok
15:31:12.0135 4756  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:31:12.0182 4756  RDPENCDD - ok
15:31:12.0229 4756  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:31:12.0276 4756  RDPWD - ok
15:31:12.0588 4756  [ ED8C9F16E10C1E4C4C5D16CD04966E24 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:31:12.0650 4756  RegSrvc ( UnsignedFile.Multi.Generic ) - warning
15:31:12.0650 4756  RegSrvc - detected UnsignedFile.Multi.Generic (1)
15:31:12.0697 4756  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:31:12.0728 4756  RemoteAccess - ok
15:31:12.0837 4756  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:31:12.0884 4756  RemoteRegistry - ok
15:31:12.0900 4756  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
15:31:12.0947 4756  RpcLocator - ok
15:31:12.0978 4756  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
15:31:13.0025 4756  RpcSs - ok
15:31:13.0056 4756  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:31:13.0118 4756  rspndr - ok
15:31:13.0134 4756  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
15:31:13.0149 4756  SamSs - ok
15:31:13.0415 4756  [ A9D840FA78F65857EB554229914F855C ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
15:31:13.0493 4756  Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning
15:31:13.0493 4756  Samsung Update Plus - detected UnsignedFile.Multi.Generic (1)
15:31:13.0524 4756  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:31:13.0539 4756  sbp2port - ok
15:31:13.0602 4756  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:31:13.0649 4756  SCardSvr - ok
15:31:13.0820 4756  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
15:31:13.0961 4756  Schedule - ok
15:31:14.0007 4756  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:31:14.0054 4756  SCPolicySvc - ok
15:31:14.0117 4756  [ 126EA89BCC413EE45E3004FB0764888F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
15:31:14.0226 4756  sdbus - ok
15:31:14.0288 4756  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:31:14.0335 4756  SDRSVC - ok
15:31:14.0366 4756  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:31:14.0460 4756  secdrv - ok
15:31:14.0491 4756  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
15:31:14.0538 4756  seclogon - ok
15:31:14.0663 4756  Secunia PSI Agent - ok
15:31:14.0709 4756  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
15:31:14.0772 4756  SENS - ok
15:31:14.0787 4756  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:31:14.0850 4756  Serenum - ok
15:31:14.0912 4756  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
15:31:14.0990 4756  Serial - ok
15:31:15.0021 4756  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:31:15.0053 4756  sermouse - ok
15:31:15.0115 4756  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:31:15.0193 4756  SessionEnv - ok
15:31:15.0224 4756  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:31:15.0255 4756  sffdisk - ok
15:31:15.0271 4756  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:31:15.0333 4756  sffp_mmc - ok
15:31:15.0349 4756  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:31:15.0396 4756  sffp_sd - ok
15:31:15.0411 4756  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:31:15.0536 4756  sfloppy - ok
15:31:15.0755 4756  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:31:15.0911 4756  SharedAccess - ok
15:31:15.0957 4756  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:31:16.0035 4756  ShellHWDetection - ok
15:31:16.0067 4756  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:31:16.0082 4756  sisagp - ok
15:31:16.0098 4756  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:31:16.0113 4756  SiSRaid2 - ok
15:31:16.0129 4756  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:31:16.0145 4756  SiSRaid4 - ok
15:31:16.0659 4756  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
15:31:16.0893 4756  slsvc - ok
15:31:16.0909 4756  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:31:16.0971 4756  SLUINotify - ok
15:31:17.0018 4756  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:31:17.0065 4756  Smb - ok
15:31:17.0112 4756  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:31:17.0159 4756  SNMPTRAP - ok
15:31:17.0190 4756  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
15:31:17.0221 4756  spldr - ok
15:31:17.0252 4756  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
15:31:17.0299 4756  Spooler - ok
15:31:17.0361 4756  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:31:17.0377 4756  SQLWriter - ok
15:31:17.0424 4756  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:31:17.0486 4756  srv - ok
15:31:17.0502 4756  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:31:17.0533 4756  srv2 - ok
15:31:17.0564 4756  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:31:17.0595 4756  srvnet - ok
15:31:17.0642 4756  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:31:17.0720 4756  SSDPSRV - ok
15:31:17.0751 4756  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:31:17.0783 4756  SstpSvc - ok
15:31:17.0845 4756  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
15:31:17.0923 4756  stisvc - ok
15:31:17.0954 4756  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:31:17.0985 4756  swenum - ok
15:31:18.0032 4756  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
15:31:18.0110 4756  swprv - ok
15:31:18.0141 4756  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:31:18.0173 4756  Symc8xx - ok
15:31:18.0188 4756  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:31:18.0219 4756  Sym_hi - ok
15:31:18.0235 4756  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:31:18.0266 4756  Sym_u3 - ok
15:31:18.0297 4756  [ 451E8037E2EB6DA6BDF0A66F65D1810B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:31:18.0313 4756  SynTP - ok
15:31:18.0391 4756  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
15:31:18.0485 4756  SysMain - ok
15:31:18.0531 4756  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:31:18.0578 4756  TabletInputService - ok
15:31:18.0625 4756  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:31:18.0703 4756  TapiSrv - ok
15:31:18.0734 4756  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
15:31:18.0797 4756  TBS - ok
15:31:18.0859 4756  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:31:18.0953 4756  Tcpip - ok
15:31:18.0999 4756  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:31:19.0062 4756  Tcpip6 - ok
15:31:19.0093 4756  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:31:19.0140 4756  tcpipreg - ok
15:31:19.0171 4756  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:31:19.0233 4756  TDPIPE - ok
15:31:19.0233 4756  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:31:19.0280 4756  TDTCP - ok
15:31:19.0311 4756  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:31:19.0358 4756  tdx - ok
15:31:19.0374 4756  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:31:19.0389 4756  TermDD - ok
15:31:19.0436 4756  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
15:31:19.0483 4756  TermService - ok
15:31:19.0499 4756  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
15:31:19.0514 4756  Themes - ok
15:31:19.0561 4756  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
15:31:19.0592 4756  THREADORDER - ok
15:31:19.0608 4756  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
15:31:19.0670 4756  TrkWks - ok
15:31:19.0717 4756  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:31:19.0764 4756  TrustedInstaller - ok
15:31:19.0795 4756  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:31:19.0842 4756  tssecsrv - ok
15:31:19.0857 4756  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:31:19.0889 4756  tunmp - ok
15:31:19.0904 4756  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:31:19.0920 4756  tunnel - ok
15:31:19.0951 4756  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:31:19.0967 4756  uagp35 - ok
15:31:19.0998 4756  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:31:20.0029 4756  udfs - ok
15:31:20.0060 4756  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:31:20.0091 4756  UI0Detect - ok
15:31:20.0123 4756  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:31:20.0138 4756  uliagpkx - ok
15:31:20.0169 4756  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:31:20.0185 4756  uliahci - ok
15:31:20.0216 4756  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:31:20.0232 4756  UlSata - ok
15:31:20.0247 4756  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:31:20.0263 4756  ulsata2 - ok
15:31:20.0279 4756  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:31:20.0325 4756  umbus - ok
15:31:20.0357 4756  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
15:31:20.0403 4756  upnphost - ok
15:31:20.0435 4756  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:31:20.0481 4756  usbccgp - ok
15:31:20.0513 4756  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:31:20.0559 4756  usbcir - ok
15:31:20.0606 4756  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:31:20.0622 4756  usbehci - ok
15:31:20.0669 4756  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:31:20.0715 4756  usbhub - ok
15:31:20.0731 4756  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:31:20.0778 4756  usbohci - ok
15:31:20.0793 4756  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:31:20.0840 4756  usbprint - ok
15:31:20.0856 4756  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:31:20.0887 4756  USBSTOR - ok
15:31:20.0918 4756  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:31:20.0965 4756  usbuhci - ok
15:31:20.0996 4756  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:31:21.0027 4756  usbvideo - ok
15:31:21.0059 4756  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
15:31:21.0090 4756  UxSms - ok
15:31:21.0121 4756  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
15:31:21.0230 4756  vds - ok
15:31:21.0293 4756  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:31:21.0308 4756  vga - ok
15:31:21.0339 4756  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:31:21.0402 4756  VgaSave - ok
15:31:21.0417 4756  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:31:21.0433 4756  viaagp - ok
15:31:21.0449 4756  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
15:31:21.0480 4756  ViaC7 - ok
15:31:21.0495 4756  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
15:31:21.0511 4756  viaide - ok
15:31:21.0527 4756  VMC302 - ok
15:31:21.0542 4756  VMC326 - ok
15:31:21.0558 4756  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:31:21.0573 4756  volmgr - ok
15:31:21.0620 4756  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:31:21.0651 4756  volmgrx - ok
15:31:21.0683 4756  [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:31:21.0714 4756  volsnap - ok
15:31:21.0745 4756  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:31:21.0761 4756  vsmraid - ok
15:31:21.0807 4756  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
15:31:21.0917 4756  VSS - ok
15:31:21.0963 4756  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
15:31:22.0010 4756  W32Time - ok
15:31:22.0041 4756  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:31:22.0088 4756  WacomPen - ok
15:31:22.0104 4756  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:31:22.0135 4756  Wanarp - ok
15:31:22.0151 4756  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:31:22.0182 4756  Wanarpv6 - ok
15:31:22.0197 4756  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:31:22.0229 4756  wcncsvc - ok
15:31:22.0275 4756  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:31:22.0322 4756  WcsPlugInService - ok
15:31:22.0353 4756  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
15:31:22.0369 4756  Wd - ok
15:31:22.0385 4756  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:31:22.0416 4756  Wdf01000 - ok
15:31:22.0447 4756  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:31:22.0494 4756  WdiServiceHost - ok
15:31:22.0494 4756  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:31:22.0525 4756  WdiSystemHost - ok
15:31:22.0572 4756  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
15:31:22.0619 4756  WebClient - ok
15:31:22.0650 4756  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:31:22.0697 4756  Wecsvc - ok
15:31:22.0728 4756  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:31:22.0775 4756  wercplsupport - ok
15:31:22.0821 4756  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:31:22.0853 4756  WerSvc - ok
15:31:22.0899 4756  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:31:22.0931 4756  WinDefend - ok
15:31:22.0931 4756  WinHttpAutoProxySvc - ok
15:31:23.0009 4756  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:31:23.0024 4756  Winmgmt - ok
15:31:23.0087 4756  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:31:23.0211 4756  WinRM - ok
15:31:23.0274 4756  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:31:23.0367 4756  Wlansvc - ok
15:31:23.0414 4756  [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:31:23.0430 4756  wlcrasvc - ok
15:31:23.0539 4756  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:31:23.0633 4756  wlidsvc - ok
15:31:23.0664 4756  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:31:23.0695 4756  WmiAcpi - ok
15:31:23.0742 4756  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:31:23.0773 4756  wmiApSrv - ok
15:31:23.0851 4756  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:31:23.0976 4756  WMPNetworkSvc - ok
15:31:24.0023 4756  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:31:24.0085 4756  WPCSvc - ok
15:31:24.0132 4756  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:31:24.0210 4756  WPDBusEnum - ok
15:31:24.0319 4756  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:31:24.0350 4756  WPFFontCache_v0400 - ok
15:31:24.0381 4756  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:31:24.0428 4756  ws2ifsl - ok
15:31:24.0475 4756  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
15:31:24.0522 4756  wscsvc - ok
15:31:24.0537 4756  WSearch - ok
15:31:24.0631 4756  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
15:31:24.0725 4756  wuauserv - ok
15:31:24.0740 4756  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:31:24.0787 4756  WUDFRd - ok
15:31:24.0818 4756  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:31:24.0881 4756  wudfsvc - ok
15:31:24.0927 4756  [ 04E268ADFC81964C49DC0C082D520F7E ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
15:31:24.0943 4756  yukonwlh - ok
15:31:24.0959 4756  ================ Scan global ===============================
15:31:24.0974 4756  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
15:31:25.0005 4756  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
15:31:25.0037 4756  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
15:31:25.0083 4756  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
15:31:25.0099 4756  [Global] - ok
15:31:25.0099 4756  ================ Scan MBR ==================================
15:31:25.0115 4756  [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0
15:31:25.0785 4756  \Device\Harddisk0\DR0 - ok
15:31:25.0785 4756  ================ Scan VBR ==================================
15:31:25.0785 4756  [ 778BD02862DAF00CBA9203AD1F772529 ] \Device\Harddisk0\DR0\Partition1
15:31:25.0785 4756  \Device\Harddisk0\DR0\Partition1 - ok
15:31:25.0817 4756  [ 3AEF6052CF435B768F153AC751BE2BF1 ] \Device\Harddisk0\DR0\Partition2
15:31:25.0817 4756  \Device\Harddisk0\DR0\Partition2 - ok
15:31:25.0817 4756  ============================================================
15:31:25.0817 4756  Scan finished
15:31:25.0817 4756  ============================================================
15:31:25.0832 3456  Detected object count: 4
15:31:25.0832 3456  Actual detected object count: 4
15:34:00.0429 3456  EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
15:34:00.0429 3456  EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:34:00.0429 3456  MDM ( UnsignedFile.Multi.Generic ) - skipped by user
15:34:00.0429 3456  MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:34:00.0429 3456  RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:34:00.0429 3456  RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:34:00.0429 3456  Samsung Update Plus ( UnsignedFile.Multi.Generic ) - skipped by user
15:34:00.0445 3456  Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:34:12.0285 4876  Deinitialize success

15.10.2012, 13:18	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Malewarebytes findet ganz viele PUPBlabbers Hätte da mal zwei Fragen bevor es weiter geht (wir sind noch nicht fertig!) 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden? __________________ Logfiles bitte immer in CODE-Tags posten

Malewarebytes findet ganz viele PUPBlabbers

Plagegeister aller Art und deren Bekämpfung: Malewarebytes findet ganz viele PUPBlabbers