| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
10.01.2013, 15:11
| #1 |
 |  Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? Hallo zusammen, ich habe vorhin festgestellt, daß mir ein, b.z.w. zwei Progamme bei Firefox ständig versuchen irgendwelche Coupons anzudrehen. Ich habe die beiden als " Browse to save " und "fast save" ausgemacht. Da diese Popups oder wie man sie nennen mag die automatische Passworteingabe bei ein paar Internetseiten gestört haben ( also das PW wurde nicht wie normal automatisch eingefügt sondern ich musste es manuell eingeben), habe ich direkt im Internet gesucht was das sein könnte. Nun gingen dort die Aussagen von Malware über Spyware bis hin zum Virus. Daraufhin habe ich mir von der Seite www.securitystronghold.com ein Programm Names " Browse To Save Removal Tool " geladen. Soweit schön und gut. Nun bin ich aber ja nicht blöd und habe auch andere Malware und Spyware Erkennungsprogramme laufen lassen. Weder Malware Bytes, noch feasyclean oder Norton Power Eraser haben irgendetwas gefunden. Nun hat das Removal Tool bis jetzt 3 Dateien ausgemacht die infiziert sein sollen. Komisch ist aber, daß diese Dateien teils seit 3 Jahren auf dem PC sind und noch nie Probleme gemacht haben. Der einzel Scan mit den genannten Programmen ergibt auch keinen Treffer und mein Norton Security ebenfalls nicht. Ich habe auch bei www.virustotal.com alle Dateien überprüfen lassen - kein Treffer. Die werden da von bis zu 46 verschiedenen Scannern durchsucht. Was dort allerdings bei einem der Scanner einen Treffer verursacht hat ist das Removal Tool selbst.... Da hieß es dann bei ESET-NOD32 " a variant of Win32/SecurityStronghold " Nun bin ich natürlich völlig verwirrt und weiß nicht ob vielleicht das Programm welches eine eventuelle Spyware beheben sollte, nicht die Spyware selbst ist  Die Dateien die das Removal Tool bisher entfernen möchte sind: c:\End c:\Windows\System32\COMDLG32.OCX c:\Windows\System32\MSINET.OCX c:\Windows\Left 4 Dead\uninstall.exe und er ist gerade mal zur Hälfte fertig mit Scannen. Also die letzte Datei kann nicht verseucht sein. Die ist Monatelang bereits bei mir und wurde von Steam installiert.... Auch die Dateien im System 32 sind von 2009 b.z.w. 2010 und ich habe im Internet nachgesehen was diese Dateien so machen und herausgefunden daß sie teilweise sehr schwer zu beschaffen sind wenn sie fehlen. Also wieso will das Programm Dateien löschen an die ich kaum noch rankomme ? Das "Browse to Save " und " Fast Save " Problem habe ich inzwischen gelöst, indem ich eine Erweiterung in Firefox deinstalliert habe. Da sie " Fast Save " hieß und ich am Anfang nur nach " Browse to Save " gesucht hatte, habe ich sie erst nicht gefunden. Sonst hätte ich garnicht erst im Internet nacheiner Möglichkeit zum entfernen gesucht. Nun kommen keine Gutschein und Coupon Angebote mehr - aber die Sorge etwas zu haben oder sich etwas einzufangen ist nun da. Wer hat Recht ? Das Removal Tool, oder meine 3 Malwarescanner ? |
|
10.01.2013, 15:13
| #2 |
| /// Malware-holic   | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? Hi
__________________lösche diesen komischen Remover. Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
10.01.2013, 16:01
| #3 |
| | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? OTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 10.01.2013 15:23:31 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Desktop\Trojaner und Malware Bekämpfung Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 52,60% Memory free 9,11 Gb Paging File | 7,61 Gb Available in Paging File | 83,51% Paging File free Paging file location(s): c:\pagefile.sys 6000 6000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 10,35 Gb Free Space | 10,61% Space Free | Partition Type: NTFS Drive D: | 7,81 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive E: | 368,10 Gb Total Space | 154,33 Gb Free Space | 41,93% Space Free | Partition Type: NTFS Drive F: | 1863,01 Gb Total Space | 0,60 Gb Free Space | 0,03% Space Free | Partition Type: NTFS Computer Name: ***** | User Name: ****** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.12.05 21:44:45 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2012.11.30 03:06:58 | 001,263,512 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2012.11.08 17:29:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\Trojaner und Malware Bekämpfung\OTL.exe PRC - [2012.10.11 03:29:13 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton Internet Security CBE\Engine\20.2.0.19\ccsvchst.exe PRC - [2012.10.02 20:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012.10.02 20:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe PRC - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012.06.28 09:52:12 | 004,941,768 | ---- | M] (SafeNet Inc.) -- C:\Windows\System32\hasplms.exe PRC - [2011.03.28 19:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2011.03.28 19:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 13:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010.07.29 06:05:38 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Programme\Common Files\Nuance\dgnsvc.exe PRC - [2009.07.21 08:17:46 | 000,323,584 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\SetPoint II\SetPointII.exe PRC - [2009.07.10 11:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe PRC - [2009.03.05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe ========== Modules (No Company Name) ========== MOD - [2012.12.05 21:44:44 | 002,397,152 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2012.12.05 18:09:41 | 002,148,376 | ---- | M] () -- c:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll MOD - [2012.11.30 03:07:48 | 000,100,248 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2012.11.30 03:06:58 | 001,263,512 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe MOD - [2012.05.30 07:51:08 | 000,699,280 | R--- | M] () -- C:\Programme\Norton Internet Security CBE\Engine\20.2.0.19\wincfi39.dll MOD - [2010.07.04 22:32:38 | 000,010,752 | ---- | M] () -- C:\Programme\Unlocker\UnlockerCOM.dll MOD - [2010.03.15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService) SRV - [2013.01.01 19:37:34 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.12.05 21:44:44 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.10.11 03:29:13 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security CBE\Engine\20.2.0.19\ccSvcHst.exe -- (NIS) SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.08.30 20:13:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.06.28 09:52:12 | 004,941,768 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\System32\hasplms.exe -- (hasplms) SRV - [2012.06.17 08:51:58 | 000,075,536 | ---- | M] (SANDBOXIE L.T.D) [Disabled | Stopped] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2011.03.28 19:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2011.01.11 07:04:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.07.29 06:05:38 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Programme\Common Files\Nuance\dgnsvc.exe -- (DragonSvc) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\***\AppData\Local\Temp\cpuz130\cpuz_x32.sys -- (cpuz130) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\***\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a3tqiwo3) DRV - [2013.01.10 12:59:30 | 000,097,440 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SMR311.SYS -- (SMR311) DRV - [2013.01.07 04:14:30 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130109.040\NAVEX15.SYS -- (NAVEX15) DRV - [2013.01.07 04:14:30 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130109.040\NAVENG.SYS -- (NAVENG) DRV - [2012.12.06 03:09:18 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2012.10.31 10:36:43 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2012.10.27 08:51:20 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130109.001\IDSvix86.sys -- (IDSVix86) DRV - [2012.10.24 00:34:24 | 000,995,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130107.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2012.10.10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012.10.09 02:00:02 | 000,586,400 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\NIS\1402000.013\srtsp.sys -- (SRTSP) DRV - [2012.10.04 02:40:35 | 000,927,904 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1402000.013\symefa.sys -- (SymEFA) DRV - [2012.10.04 02:40:20 | 000,368,288 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1402000.013\symds.sys -- (SymDS) DRV - [2012.10.04 02:19:14 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1402000.013\ccsetx86.sys -- (ccSet_NIS) DRV - [2012.09.26 14:02:32 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2012.09.07 03:05:14 | 000,338,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1402000.013\symnets.sys -- (SymNetS) DRV - [2012.09.07 02:48:08 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1402000.013\ironx86.sys -- (SymIRON) DRV - [2012.08.18 02:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2012.07.03 16:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2012.06.28 09:51:46 | 000,362,496 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aksfridge.sys -- (aksfridge) DRV - [2012.06.17 08:51:54 | 000,137,488 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Stopped] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV - [2012.05.24 22:36:56 | 000,032,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1402000.013\srtspx.sys -- (SRTSPX) DRV - [2011.08.10 15:05:24 | 000,596,424 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (hardlock) DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.10.06 04:48:29 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010.10.06 04:48:28 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010.09.22 20:19:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss) DRV - [2010.07.06 19:52:50 | 000,097,376 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus) DRV - [2010.07.04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2010.02.24 11:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11) DRV - [2009.09.17 12:02:04 | 001,086,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2009.06.26 08:29:34 | 001,656,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ambfilt.sys -- (AMBFilt) DRV - [2009.06.17 08:56:18 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2009.06.17 08:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2009.05.21 14:39:54 | 000,090,472 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TPkd.sys -- (TPkd) DRV - [2009.05.04 17:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2008.12.02 07:56:00 | 001,389,056 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Monfilt.sys -- (MonFilt) DRV - [2008.01.19 04:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir) DRV - [2007.06.29 13:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD) DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus) DRV - [2001.11.07 01:00:00 | 000,166,504 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\webc3vid.sys -- (CTL511Plus) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\URLSearchHook: {f0381dbd-e018-4e07-ae40-d96ab15083f0} - C:\Programme\AF-HSS\tbAF-H.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2765711 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109727&tt=4812_8&babsrc=SP_ss&mntrId=54a93cd60000000000000025223606c8 IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=15527&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&tpr=111 IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2765711 IE - HKCU\..\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}: "URL" = hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: youtubeunblocker%40unblocker.yt:0.2.0 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12 FF - prefs.js..extensions.enabledAddons: %7BBAEBEF65-9289-47c5-8524-C345CC5D860D%7D:1.11 FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?affID=109727&tt=4812_8&babsrc=KW_ss&mntrId=54a93cd60000000000000025223606c8&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files\Downloader\npdd.dll (Metaboli) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks) FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\Binaries\NPMPDRM.dll ( ) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\***\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\***\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\***\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.11 12:07:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\ [2012.10.31 10:36:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\ [2013.01.10 14:14:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.11.03 18:03:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.31 18:15:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.31 18:15:39 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mj7a9djq.default\extensions\firejump@firejump.net FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012.12.07 02:13:45 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.31 18:15:21 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.31 18:15:39 | 000,000,000 | ---D | M] [2012.02.18 04:16:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2011.02.02 18:01:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\celtx@celtx.com [2013.01.10 14:29:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\mj7a9djq.default\extensions [2012.11.22 05:58:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\mj7a9djq.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.09.14 22:39:55 | 000,004,404 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\mj7a9djq.default\extensions\youtubeunblocker@unblocker.yt.xpi [2012.08.07 07:59:36 | 000,154,252 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\mj7a9djq.default\extensions\{BAEBEF65-9289-47c5-8524-C345CC5D860D}.xpi [2013.01.05 08:50:09 | 000,220,411 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\mj7a9djq.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2012.11.24 08:34:41 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\mj7a9djq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.09.25 20:07:58 | 000,271,097 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\mj7a9djq.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}.xpi [2012.09.14 22:32:46 | 000,000,853 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\mj7a9djq.default\searchplugins\11-suche.xml [2012.09.14 22:32:47 | 000,002,209 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\mj7a9djq.default\searchplugins\englische-ergebnisse.xml [2012.09.14 22:32:46 | 000,010,506 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\mj7a9djq.default\searchplugins\gmx-suche.xml [2012.09.14 22:32:46 | 000,002,368 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\mj7a9djq.default\searchplugins\lastminute.xml [2012.12.02 22:44:11 | 000,002,536 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\mj7a9djq.default\searchplugins\mngr.xml [2012.09.14 22:32:46 | 000,005,489 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\mj7a9djq.default\searchplugins\webde-suche.xml [2012.10.30 09:42:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.11.02 19:57:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.10.27 09:09:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012.10.27 09:09:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.10.30 09:42:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012.10.27 09:09:59 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\Programme\Mozilla Firefox\extensions\YPlayer@yummy.net [2012.10.30 09:42:43 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012.12.05 21:44:45 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.02.16 12:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.12.02 22:43:50 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012.08.30 01:02:30 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.02.16 12:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.02.16 12:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.16 12:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.16 12:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://search.babylon.com/?affID=109727&tt=4812_8&babsrc=HP_ss&mntrId=54a93cd60000000000000025223606c8 CHR - default_search_provider: ICQ Search (Enabled) CHR - default_search_provider: search_url = hxxp://search.icq.com/search/results.php?ch_id=osd&q={searchTerms}&icid=chrome CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://search.babylon.com/?affID=109727&tt=4812_8&babsrc=HP_ss&mntrId=54a93cd60000000000000025223606c8 CHR - plugin: Erster Nutzer (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll CHR - plugin: Error reading preferences file CHR - Extension: Linkury Smartbar = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\ CHR - Extension: Browse2save = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmalahghdikadpdonhnpjopablkibj\1\ CHR - Extension: Babylon Toolbar = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_0\ CHR - Extension: Freemake Video Converter = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\ CHR - Extension: Norton Identity Protection = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.0.18_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Settings Protector = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\ O1 HOSTS File: ([2010.10.06 23:35:35 | 000,000,863 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 launcher01.kalypsomedia.com O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security CBE\Engine\20.2.0.19\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security CBE\Engine\20.2.0.19\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Programme\Mindjet\MindManager 9\Mm8InternetExplorer.dll (Mindjet) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Browse2save) - {AF0D7BA7-2A75-9534-3D50-855D8141DBD3} - C:\ProgramData\Browse2save\50e7da3064f4b.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (AF-HSS Toolbar) - {f0381dbd-e018-4e07-ae40-d96ab15083f0} - C:\Programme\AF-HSS\tbAF-H.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security CBE\Engine\20.2.0.19\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (AF-HSS Toolbar) - {f0381dbd-e018-4e07-ae40-d96ab15083f0} - C:\Programme\AF-HSS\tbAF-H.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security CBE\Engine\20.2.0.19\coieplg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (AF-HSS Toolbar) - {F0381DBD-E018-4E07-AE40-D96AB15083F0} - C:\Programme\AF-HSS\tbAF-H.dll (Conduit Ltd.) O4 - HKLM..\Run: [amd_dc_opt] C:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe () O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Programme\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare) O4 - HKCU..\Run: [ASRockIES] File not found O4 - HKCU..\Run: [Personal ID] C:\Programme\coolspot AG\Personal ID\pid.exe (coolspot AG, Düsseldorf) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [zASRockInstantBoot] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: An Mindjet MindManager senden - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Programme\Mindjet\MindManager 9\Mm8InternetExplorer.dll (Mindjet) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C5B0027-A7E3-417D-B1E6-D31E32DA8C0D}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~2\browse~1\25976~1.107\{c16c1~1\mngr.dll) - c:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012.05.14 14:35:13 | 000,000,081 | R--- | M] () - D:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2012.08.01 14:05:00 | 000,000,000 | R--D | M] - D:\autostarter -- [ UDF ] O32 - AutoRun File - [2007.07.30 10:00:50 | 000,233,472 | R--- | M] () - D:\AutoStarter.exe -- [ UDF ] O32 - AutoRun File - [2010.07.10 02:10:56 | 000,000,000 | RH-D | M] - F:\autorun -- [ NTFS ] O33 - MountPoints2\{01de29bc-b2dc-11e0-a4a1-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{01de29bc-b2dc-11e0-a4a1-0025223606c8}\Shell\AutoRun\command - "" = J:\setup.exe O33 - MountPoints2\{04dc5fb6-5e49-11e1-818a-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{04dc5fb6-5e49-11e1-818a-0025223606c8}\Shell\AutoRun\command - "" = G:\PzC-AfrikaKorps-SetupRelease-DE-v112.exe O33 - MountPoints2\{0ff45385-da91-11df-a05d-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{0ff45385-da91-11df-a05d-0025223606c8}\Shell\AutoRun\command - "" = Z:\Setup.exe O33 - MountPoints2\{0ff45389-da91-11df-a05d-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{0ff45389-da91-11df-a05d-0025223606c8}\Shell\AutoRun\command - "" = Z:\autorun.exe O33 - MountPoints2\{1717fae8-d229-11df-a3da-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{1717fae8-d229-11df-a3da-0025223606c8}\Shell\AutoRun\command - "" = V:\Setup.exe O33 - MountPoints2\{1717fbe8-d229-11df-a3da-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{1717fbe8-d229-11df-a3da-0025223606c8}\Shell\AutoRun\command - "" = V:\Setup.exe O33 - MountPoints2\{1717fd5d-d229-11df-a3da-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{1717fd5d-d229-11df-a3da-0025223606c8}\Shell\AutoRun\command - "" = W:\autorun.exe -auto O33 - MountPoints2\{1717fd70-d229-11df-a3da-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{1717fd70-d229-11df-a3da-0025223606c8}\Shell\AutoRun\command - "" = W:\Autorun.exe O33 - MountPoints2\{1717fdd3-d229-11df-a3da-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{1717fdd3-d229-11df-a3da-0025223606c8}\Shell\AutoRun\command - "" = V:\AUTOSTARTER.EXE O33 - MountPoints2\{1892ec14-0bf5-11e1-8526-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{1892ec14-0bf5-11e1-8526-0025223606c8}\Shell\AutoRun\command - "" = M:\SETUP.EXE O33 - MountPoints2\{1892ec15-0bf5-11e1-8526-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{1892ec15-0bf5-11e1-8526-0025223606c8}\Shell\AutoRun\command - "" = M:\SETUP.EXE O33 - MountPoints2\{1892ec16-0bf5-11e1-8526-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{1892ec16-0bf5-11e1-8526-0025223606c8}\Shell\AutoRun\command - "" = M:\SETUP.EXE O33 - MountPoints2\{1b0aa9c3-d67d-11df-a831-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{1b0aa9c3-d67d-11df-a831-0025223606c8}\Shell\AutoRun\command - "" = X:\autorun.exe O33 - MountPoints2\{1b0aab0b-d67d-11df-a831-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{1b0aab0b-d67d-11df-a831-0025223606c8}\Shell\AutoRun\command - "" = Y:\autorun.exe O33 - MountPoints2\{26606a75-e73b-11df-a90e-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{26606a75-e73b-11df-a90e-0025223606c8}\Shell\AutoRun\command - "" = G:\autorun.exe O33 - MountPoints2\{26c2ba8e-21ee-11e0-9d20-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{26c2ba8e-21ee-11e0-9d20-0025223606c8}\Shell\AutoRun\command - "" = G:\setup\rsrc\Autorun.exe O33 - MountPoints2\{26c2ba8e-21ee-11e0-9d20-0025223606c8}\Shell\dinstall\command - "" = G:\Directx\dxsetup.exe O33 - MountPoints2\{26c2ba98-21ee-11e0-9d20-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{26c2ba98-21ee-11e0-9d20-0025223606c8}\Shell\AutoRun\command - "" = H:\autoplay.exe O33 - MountPoints2\{26c2baa1-21ee-11e0-9d20-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{26c2baa1-21ee-11e0-9d20-0025223606c8}\Shell\AutoRun\command - "" = H:\setup.exe O33 - MountPoints2\{2f631f90-303b-11e0-a288-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{2f631f90-303b-11e0-a288-0025223606c8}\Shell\AutoRun\command - "" = G:\autorun.exe O33 - MountPoints2\{2fe53a4e-eb60-11df-8d01-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{2fe53a4e-eb60-11df-8d01-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\{343cc8f7-dc30-11df-a4a6-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{343cc8f7-dc30-11df-a4a6-0025223606c8}\Shell\AutoRun\command - "" = F:\Setup.exe O33 - MountPoints2\{343db5d5-f080-11df-a045-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{343db5d5-f080-11df-a045-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\{34863e66-2cca-11e0-8c80-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{34863e66-2cca-11e0-8c80-0025223606c8}\Shell\AutoRun\command - "" = J:\Setup.exe O33 - MountPoints2\{34863f2d-2cca-11e0-8c80-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{34863f2d-2cca-11e0-8c80-0025223606c8}\Shell\AutoRun\command - "" = K:\Setup.exe O33 - MountPoints2\{35ffec9e-ea78-11df-8853-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{35ffec9e-ea78-11df-8853-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\{3710d18a-f344-11e1-b20f-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{3710d18a-f344-11e1-b20f-0025223606c8}\Shell\AutoRun\command - "" = K:\SETUP.EXE O33 - MountPoints2\{3710d18b-f344-11e1-b20f-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{3710d18b-f344-11e1-b20f-0025223606c8}\Shell\AutoRun\command - "" = L:\CD_Start.exe O33 - MountPoints2\{3710d18c-f344-11e1-b20f-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{3710d18c-f344-11e1-b20f-0025223606c8}\Shell\AutoRun\command - "" = K:\setup.exe O33 - MountPoints2\{3aaaf57d-ed41-11df-822d-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{3aaaf57d-ed41-11df-822d-0025223606c8}\Shell\AutoRun\command - "" = G:\setup.exe O33 - MountPoints2\{43a494a1-a756-11e0-bc47-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{43a494a1-a756-11e0-bc47-0025223606c8}\Shell\AutoRun\command - "" = J:\DNF.exe O33 - MountPoints2\{44582417-0906-11e1-a30b-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{44582417-0906-11e1-a30b-0025223606c8}\Shell\AutoRun\command - "" = K:\OriginInstaller.exe O33 - MountPoints2\{4aac0b06-fee1-11e0-9fbe-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{4aac0b06-fee1-11e0-9fbe-0025223606c8}\Shell\AutoRun\command - "" = K:\Setup.exe O33 - MountPoints2\{4d796292-a326-11e0-9da0-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{4d796292-a326-11e0-9da0-0025223606c8}\Shell\AutoRun\command - "" = I:\setup.exe O33 - MountPoints2\{4d796298-a326-11e0-9da0-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{4d796298-a326-11e0-9da0-0025223606c8}\Shell\AutoRun\command - "" = J:\setup.exe O33 - MountPoints2\{536a3de3-2603-11e0-a8b8-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{536a3de3-2603-11e0-a8b8-0025223606c8}\Shell\AutoRun\command - "" = H:\autoset.exe O33 - MountPoints2\{536a3de7-2603-11e0-a8b8-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{536a3de7-2603-11e0-a8b8-0025223606c8}\Shell\AutoRun\command - "" = H:\Autorun.exe O33 - MountPoints2\{536a3dfa-2603-11e0-a8b8-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{536a3dfa-2603-11e0-a8b8-0025223606c8}\Shell\AutoRun\command - "" = H:\autorun.exe O33 - MountPoints2\{53c2b99a-562a-11e0-8504-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{53c2b99a-562a-11e0-8504-0025223606c8}\Shell\AutoRun\command - "" = I:\Autorun.exe O33 - MountPoints2\{5764886d-30f8-11e0-8da0-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{5764886d-30f8-11e0-8da0-0025223606c8}\Shell\AutoRun\command - "" = G:\install.exe O33 - MountPoints2\{5efd0b4b-e4d1-11df-a39d-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{5efd0b4b-e4d1-11df-a39d-0025223606c8}\Shell\AutoRun\command - "" = F:\setup.exe O33 - MountPoints2\{5efd0b57-e4d1-11df-a39d-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{5efd0b57-e4d1-11df-a39d-0025223606c8}\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\{5efd0bc4-e4d1-11df-a39d-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{5efd0bc4-e4d1-11df-a39d-0025223606c8}\Shell\AutoRun\command - "" = F:\METT-Program-Player.exe O33 - MountPoints2\{5efd0be2-e4d1-11df-a39d-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{5efd0be2-e4d1-11df-a39d-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\{65f5f12c-d751-11df-9fb8-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{65f5f12c-d751-11df-9fb8-0025223606c8}\Shell\AutoRun\command - "" = Y:\autorun.exe O33 - MountPoints2\{65f5f13a-d751-11df-9fb8-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{65f5f13a-d751-11df-9fb8-0025223606c8}\Shell\AutoRun\command - "" = Z:\autorun.exe O33 - MountPoints2\{6daf07c8-d14b-11df-9578-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{6daf07c8-d14b-11df-9578-0025223606c8}\Shell\AutoRun\command - "" = V:\Autorun.exe O33 - MountPoints2\{74763719-ff9c-11e0-8a17-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{74763719-ff9c-11e0-8a17-0025223606c8}\Shell\AutoRun\command - "" = K:\Autorun.exe O33 - MountPoints2\{784c994d-1509-11e1-a9b1-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{784c994d-1509-11e1-a9b1-0025223606c8}\Shell\AutoRun\command - "" = I:\Setup.exe O33 - MountPoints2\{784c9954-1509-11e1-a9b1-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{784c9954-1509-11e1-a9b1-0025223606c8}\Shell\AutoRun\command - "" = K:\setup.exe O33 - MountPoints2\{784c9957-1509-11e1-a9b1-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{784c9957-1509-11e1-a9b1-0025223606c8}\Shell\AutoRun\command - "" = L:\CD_Start.exe O33 - MountPoints2\{784c995f-1509-11e1-a9b1-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{784c995f-1509-11e1-a9b1-0025223606c8}\Shell\AutoRun\command - "" = K:\autorun.exe O33 - MountPoints2\{784c9961-1509-11e1-a9b1-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{784c9961-1509-11e1-a9b1-0025223606c8}\Shell\AutoRun\command - "" = K:\Setup.exe O33 - MountPoints2\{7a5a959d-d496-11df-a13a-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{7a5a959d-d496-11df-a13a-0025223606c8}\Shell\AutoRun\command - "" = V:\FalloutLauncher.exe O33 - MountPoints2\{7a5a95a4-d496-11df-a13a-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{7a5a95a4-d496-11df-a13a-0025223606c8}\Shell\AutoRun\command - "" = W:\FalloutLauncher.exe O33 - MountPoints2\{7a5a95a8-d496-11df-a13a-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{7a5a95a8-d496-11df-a13a-0025223606c8}\Shell\AutoRun\command - "" = X:\DE_Fallout_3_DLC.EXE O33 - MountPoints2\{7a5a95c5-d496-11df-a13a-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{7a5a95c5-d496-11df-a13a-0025223606c8}\Shell\AutoRun\command - "" = X:\AUTOSTARTER.EXE O33 - MountPoints2\{80eb2a54-f573-11df-9f0f-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{80eb2a54-f573-11df-9f0f-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\{898305f5-e8cf-11df-ac70-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{898305f5-e8cf-11df-ac70-0025223606c8}\Shell\AutoRun\command - "" = G:\autorun.exe O33 - MountPoints2\{898305f5-e8cf-11df-ac70-0025223606c8}\Shell\directx\command - "" = G:\Support\DirectX\DXSETUP.exe O33 - MountPoints2\{898305f5-e8cf-11df-ac70-0025223606c8}\Shell\install\command - "" = G:\setup.exe O33 - MountPoints2\{89830608-e8cf-11df-ac70-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{89830608-e8cf-11df-ac70-0025223606c8}\Shell\AutoRun\command - "" = G:\autorun.exe O33 - MountPoints2\{89830608-e8cf-11df-ac70-0025223606c8}\Shell\directx\command - "" = G:\Support\DirectX\DXSETUP.exe O33 - MountPoints2\{89830608-e8cf-11df-ac70-0025223606c8}\Shell\install\command - "" = G:\setup.exe O33 - MountPoints2\{89830643-e8cf-11df-ac70-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{89830643-e8cf-11df-ac70-0025223606c8}\Shell\AutoRun\command - "" = G:\setup.exe O33 - MountPoints2\{8a22f969-ba79-11df-8b69-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{8a22f969-ba79-11df-8b69-806e6f6e6963}\Shell\AutoRun\command - "" = D:\0data\cbs.exe -- [2012.05.14 14:28:10 | 003,430,400 | R--- | M] () O33 - MountPoints2\{8c6b16c0-31cd-11e0-b923-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{8c6b16c0-31cd-11e0-b923-806e6f6e6963}\Shell\AutoRun\command - "" = H:\autorun.exe O33 - MountPoints2\{900868d4-26d9-11e0-abf3-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{900868d4-26d9-11e0-abf3-0025223606c8}\Shell\AutoRun\command - "" = H:\Setup.exe O33 - MountPoints2\{900868f6-26d9-11e0-abf3-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{900868f6-26d9-11e0-abf3-0025223606c8}\Shell\AutoRun\command - "" = I:\CoDMW2.exe O33 - MountPoints2\{900868f9-26d9-11e0-abf3-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{900868f9-26d9-11e0-abf3-0025223606c8}\Shell\AutoRun\command - "" = 1 O33 - MountPoints2\{900868fd-26d9-11e0-abf3-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{900868fd-26d9-11e0-abf3-0025223606c8}\Shell\AutoRun\command - "" = 1 O33 - MountPoints2\{94fbcc79-cbba-11e0-88d9-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{94fbcc79-cbba-11e0-88d9-0025223606c8}\Shell\AutoRun\command - "" = J:\StartUp.exe O33 - MountPoints2\{9fd86f97-98a2-11e0-b0ae-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{9fd86f97-98a2-11e0-b0ae-0025223606c8}\Shell\AutoRun\command - "" = I:\Setup.exe O33 - MountPoints2\{a2c8e10c-ec46-11df-bf85-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{a2c8e10c-ec46-11df-bf85-0025223606c8}\Shell\AutoRun\command - "" = G:\Setup.exe O33 - MountPoints2\{a7584c5e-22c8-11e0-9eaa-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{a7584c5e-22c8-11e0-9eaa-0025223606c8}\Shell\AutoRun\command - "" = H:\autoplay.exe O33 - MountPoints2\{b1a752ff-2887-11e0-959e-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{b1a752ff-2887-11e0-959e-0025223606c8}\Shell\AutoRun\command - "" = J:\Setup.exe O33 - MountPoints2\{b1a75307-2887-11e0-959e-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{b1a75307-2887-11e0-959e-0025223606c8}\Shell\AutoRun\command - "" = J:\Setup.exe O33 - MountPoints2\{b99b43d5-d8e9-11df-b931-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{b99b43d5-d8e9-11df-b931-0025223606c8}\Shell\AutoRun\command - "" = Z:\Setup.exe O33 - MountPoints2\{be6aaa49-f5a9-11df-b009-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{be6aaa49-f5a9-11df-b009-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\{bf78c0ff-deb1-11df-a636-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{bf78c0ff-deb1-11df-a636-0025223606c8}\Shell\AutoRun\command - "" = F:\Autostart.exe O33 - MountPoints2\{c0a93676-d895-11e0-b6b1-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{c0a93676-d895-11e0-b6b1-0025223606c8}\Shell\AutoRun\command - "" = J:\steambackup2.EXE O33 - MountPoints2\{c44fbbcb-0c39-11e0-a490-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{c44fbbcb-0c39-11e0-a490-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\{c44fbbcc-0c39-11e0-a490-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{c44fbbcc-0c39-11e0-a490-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\{c49228af-279e-11e0-b7aa-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{c49228af-279e-11e0-b7aa-0025223606c8}\Shell\AutoRun\command - "" = J:\CD_Start.exe O33 - MountPoints2\{cefebe40-080b-11e2-acfe-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{cefebe40-080b-11e2-acfe-806e6f6e6963}\Shell\AutoRun\command - "" = H:\PanzerCorpsWehrmacht-SetupRelease-v103.exe O33 - MountPoints2\{cf7431ba-e3d8-11df-aba6-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{cf7431ba-e3d8-11df-aba6-0025223606c8}\Shell\AutoRun\command - "" = F:\Support\AutoRun\AutoRun.exe O33 - MountPoints2\{cf7431d9-e3d8-11df-aba6-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{cf7431d9-e3d8-11df-aba6-0025223606c8}\Shell\AutoRun\command - "" = F:\AUTOSTARTER.EXE O33 - MountPoints2\{cf743207-e3d8-11df-aba6-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{cf743207-e3d8-11df-aba6-0025223606c8}\Shell\AutoRun\command - "" = F:\Setup.exe O33 - MountPoints2\{d62d4c66-e131-11df-9b6d-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{d62d4c66-e131-11df-9b6d-0025223606c8}\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\{d990bcfe-1394-11e0-8096-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{d990bcfe-1394-11e0-8096-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\{deea389e-0070-11e0-9d93-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{deea389e-0070-11e0-9d93-0025223606c8}\Shell\AutoRun\command - "" = G:\StartHere.exe O33 - MountPoints2\{e1287832-6295-11e1-9141-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{e1287832-6295-11e1-9141-0025223606c8}\Shell\AutoRun\command - "" = L:\SETUP.EXE O33 - MountPoints2\{e6351052-2954-11e0-8dad-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{e6351052-2954-11e0-8dad-0025223606c8}\Shell\AutoRun\command - "" = J:\Autorun.exe O33 - MountPoints2\{e6351053-2954-11e0-8dad-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{e6351053-2954-11e0-8dad-0025223606c8}\Shell\AutoRun\command - "" = J:\Autorun.exe O33 - MountPoints2\{e6351054-2954-11e0-8dad-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{e6351054-2954-11e0-8dad-0025223606c8}\Shell\AutoRun\command - "" = J:\Autorun.exe O33 - MountPoints2\{fd64aaec-e652-11df-a6a5-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{fd64aaec-e652-11df-a6a5-0025223606c8}\Shell\AutoRun\command - "" = G:\Setup.exe O33 - MountPoints2\{fe1a5ef3-3b09-11e0-add5-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{fe1a5ef3-3b09-11e0-add5-0025223606c8}\Shell\AutoRun\command - "" = I:\Autorun.exe O33 - MountPoints2\{fff1b05e-2db9-11e0-b238-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{fff1b05e-2db9-11e0-b238-0025223606c8}\Shell\AutoRun\command - "" = K:\autorun.exe -auto O33 - MountPoints2\{fff1b060-2db9-11e0-b238-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{fff1b060-2db9-11e0-b238-0025223606c8}\Shell\AutoRun\command - "" = K:\autorun.exe -auto O33 - MountPoints2\{fff1b061-2db9-11e0-b238-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{fff1b061-2db9-11e0-b238-0025223606c8}\Shell\AutoRun\command - "" = L:\autorun.exe -auto O33 - MountPoints2\{fff1b068-2db9-11e0-b238-0025223606c8}\Shell - "" = AutoRun O33 - MountPoints2\{fff1b068-2db9-11e0-b238-0025223606c8}\Shell\AutoRun\command - "" = L:\autorun.exe -auto O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoBrowser Camera Monitor.lnk - C:\Programme\PIXELA\VideoBrowser\CameraMonitor.exe - (PIXELA CORPORATION) MsConfig - StartUpFolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe - () MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () MsConfig - StartUpReg: DNS7reminder - hkey= - key= - C:\Program Files\Nuance\NaturallySpeaking11\Ereg\Ereg.exe (Nuance Communications, Inc.) MsConfig - StartUpReg: dradio-RecorderTimer - hkey= - key= - C:\Programme\dradio-Recorder\phonostarTimer.exe () MsConfig - StartUpReg: EA Core - hkey= - key= - File not found MsConfig - StartUpReg: F-Secure Hoster (666) - hkey= - key= - File not found MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig - StartUpReg: HDAudDeck - hkey= - key= - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) MsConfig - StartUpReg: ISUSPM - hkey= - key= - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation) MsConfig - StartUpReg: Linkury Chrome Smartbar - hkey= - key= - C:\Program Files\Linkury\Linkury.exe (Linkury) MsConfig - StartUpReg: Malwarebytes Anti-Malware (reboot) - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - File not found MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) MsConfig - StartUpReg: SandboxieControl - hkey= - key= - C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) MsConfig - StartUpReg: Skype - hkey= - key= - File not found MsConfig - StartUpReg: Steam - hkey= - key= - C:\Program Files\Steam\Steam.exe (Valve Corporation) MsConfig - StartUpReg: UnlockerAssistant - hkey= - key= - C:\Program Files\Unlocker\UnlockerAssistant.exe () MsConfig - StartUpReg: USBToolTip - hkey= - key= - File not found MsConfig - StartUpReg: WinampAgent - hkey= - key= - File not found MsConfig - State: "startup" - 2 MsConfig - State: "services" - 2 CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013.01.10 12:59:30 | 000,097,440 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SMR311.SYS [2013.01.10 12:58:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Programs [2013.01.10 12:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Browse To Save Removal Tool [2013.01.09 23:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panzer General Special Edition [2013.01.09 23:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitherine [2013.01.07 19:06:41 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Doomsday [2013.01.07 18:47:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Doomsday [2013.01.06 20:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Particles [2013.01.06 20:25:49 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Murder on the Titanic [2013.01.06 20:08:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\NevoSoft Games [2013.01.05 09:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Intenium [2013.01.05 08:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\DEUTSCHLAND SPIELT [2013.01.05 08:58:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DEUTSCHLAND SPIELT [2013.01.05 08:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\OXXOGames [2013.01.05 08:50:56 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DieselPuppet [2013.01.05 08:46:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AlawarWrapper [2013.01.05 08:46:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium [2013.01.05 08:44:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browse2save [2013.01.05 08:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Browse2save [2013.01.05 08:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\AlawarWrapper [2013.01.05 08:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\Alawar [2013.01.05 08:27:31 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate [2013.01.05 08:25:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\AlawarEntertainment [2013.01.04 02:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mord im Laufrad [2013.01.04 02:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver [2013.01.02 13:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013.01.02 13:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daedalic Entertainment [2013.01.01 20:25:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\onOne Software [2013.01.01 20:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\onOne Software [2012.12.31 21:07:41 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\SourceTec [2012.12.31 21:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\LAV Filters [2012.12.31 21:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sothink Video Converter [2012.12.31 21:06:59 | 001,283,584 | ---- | C] (xy-VSFilter Team) -- C:\Windows\System32\VSFilter.dll [2012.12.31 21:06:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SourceTec [2012.12.31 21:06:59 | 000,000,000 | ---D | C] -- C:\Program Files\Sothink Video Converter [2012.12.31 18:15:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012.12.31 18:15:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012.12.20 17:30:48 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Artifex Mundi [2012.12.20 17:22:23 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\LeeGT-Games [2012.12.17 04:54:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\InstallShare [2012.12.11 19:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ToyDefense [2012.12.11 19:21:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toy Defense [8 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.01.10 15:02:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.01.10 14:32:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2373844148-831878903-2888449-1000UA.job [2013.01.10 14:22:45 | 000,014,800 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.10 14:22:45 | 000,014,800 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.10 14:14:57 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.01.10 14:14:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.10 14:14:26 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys [2013.01.10 12:59:30 | 000,097,440 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SMR311.SYS [2013.01.10 12:58:59 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.10 12:22:11 | 000,674,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.01.10 07:46:12 | 002,239,823 | ---- | M] () -- C:\Users\***\Desktop\WritersWorkshop_E-Zine_2012_12.pdf [2013.01.10 03:13:43 | 000,699,276 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.01.10 03:13:43 | 000,654,594 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.01.10 03:13:43 | 000,149,170 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.01.10 03:13:43 | 000,122,124 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.01.09 22:32:17 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2373844148-831878903-2888449-1000Core.job [2013.01.09 08:13:06 | 004,337,449 | ---- | M] () -- C:\Users\***\Desktop\vhs_2013.pdf [2013.01.07 18:47:10 | 000,000,088 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2013.01.02 13:36:50 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Edna Bricht Aus - Sammler Edition.lnk [2013.01.02 13:29:39 | 000,000,885 | ---- | M] () -- C:\Users\Public\Desktop\Harveys neue Augen Special Edition.lnk [2012.12.31 21:07:06 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\Sothink Video Converter.lnk [2012.12.31 18:15:35 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012.12.23 10:26:49 | 000,000,394 | ---- | M] () -- C:\Users\***\AppData\Roaming\burnaware.ini [2012.12.21 12:36:07 | 000,010,240 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.12.13 18:45:22 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\000035B3.LCS [8 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.01.10 12:58:57 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.10 07:46:12 | 002,239,823 | ---- | C] () -- C:\Users\***\Desktop\WritersWorkshop_E-Zine_2012_12.pdf [2013.01.09 23:14:25 | 000,000,814 | ---- | C] () -- C:\Users\Public\Desktop\Play Panzer Corps (Game Menu).lnk [2013.01.09 08:13:02 | 004,337,449 | ---- | C] () -- C:\Users\***\Desktop\vhs_2013.pdf [2013.01.07 18:47:10 | 000,000,088 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2013.01.05 08:43:58 | 000,001,867 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games.lnk [2013.01.05 08:42:55 | 000,001,264 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weird Park Broken Tune.lnk [2013.01.02 13:36:50 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\Edna Bricht Aus - Sammler Edition.lnk [2013.01.02 13:29:39 | 000,000,885 | ---- | C] () -- C:\Users\Public\Desktop\Harveys neue Augen Special Edition.lnk [2012.12.31 21:07:05 | 000,001,035 | ---- | C] () -- C:\Users\Public\Desktop\Sothink Video Converter.lnk [2012.12.31 18:15:35 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012.12.09 05:46:13 | 000,000,000 | ---- | C] () -- C:\Windows\Hatchery.INI [2012.12.02 22:43:36 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll [2012.12.01 16:09:41 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2012.11.08 22:28:17 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2012.11.08 22:28:17 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2012.11.05 23:51:34 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2012.11.05 16:32:18 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe [2012.11.05 16:32:18 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll [2012.11.05 16:32:18 | 000,001,786 | ---- | C] () -- C:\Windows\unins000.dat [2012.10.29 18:54:17 | 000,001,529 | ---- | C] () -- C:\Users\***\AppData\Local\recently-used.xbel [2012.10.18 12:33:10 | 000,038,520 | ---- | C] () -- C:\Windows\System32\RGBAcodec.dll [2012.10.06 11:43:10 | 000,000,116 | ---- | C] () -- C:\Users\***\kvirc4.ini [2012.09.15 17:35:35 | 000,017,408 | ---- | C] () -- C:\Users\***\AppData\Local\WebpageIcons.db [2012.09.03 10:19:45 | 003,536,817 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin [2012.07.13 16:35:13 | 001,853,448 | ---- | C] () -- C:\Users\***\Seite 01.cl2arc [2012.07.13 15:08:38 | 000,001,600 | ---- | C] () -- C:\Windows\Sandboxie.ini [2012.07.13 13:59:54 | 000,000,008 | RHS- | C] () -- C:\ProgramData\sysqcl1129067056.dat [2012.06.03 05:36:34 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2012.06.03 05:23:10 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll [2012.04.23 18:46:07 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2012.04.23 18:46:07 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2012.04.23 18:46:07 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2012.04.09 08:10:49 | 000,164,265 | ---- | C] () -- C:\Windows\hpoins19.dat [2012.01.31 01:55:16 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Local\{5F4576A9-1564-43D3-914D-CA58C34077D5} [2012.01.23 16:08:58 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Local\{529152BF-0786-4130-BD32-9A10C3B07BDF} [2012.01.09 14:13:18 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Local\{90EB7169-0EAE-4849-9A15-DA31C63470D7} [2012.01.08 08:34:58 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Local\{7327A8CA-D566-46A6-AE01-DB27B8D95032} [2012.01.07 02:43:03 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Local\{CEB597CB-F0C4-4683-85AF-FAF2E9CE4828} [2012.01.06 09:47:10 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Local\{CFFC551E-FBB3-4D65-AA29-99BE32F85DC9} [2012.01.03 01:52:55 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Local\{84E33C9E-10E7-4E96-9609-9C1108E3B2B4} [2011.12.20 11:39:58 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Local\{A6535F84-3155-4CC0-BD7F-705A6B66E08E} [2011.12.19 14:47:35 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Local\{FA7DBC69-E9B0-4A50-829A-72FFD7F82AEB} [2011.11.30 07:40:08 | 000,070,656 | ---- | C] () -- C:\Windows\System32\tmbvcm32.dll [2011.10.11 12:35:19 | 000,010,240 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011.09.19 08:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll [2011.09.19 08:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll [2011.02.02 18:01:05 | 000,003,095 | ---- | C] () -- C:\Users\***\.ganttproject [2011.01.22 16:34:42 | 000,284,160 | ---- | C] () -- C:\Windows\unin0407.exe [2010.11.11 15:10:38 | 000,001,955 | ---- | C] () -- C:\Users\***\AppData\Roaming\SAS7_000.DAT [2010.11.05 15:11:38 | 000,000,394 | ---- | C] () -- C:\Users\***\AppData\Roaming\burnaware.ini [2010.11.04 21:44:58 | 000,138,056 | ---- | C] () -- C:\Users\***\AppData\Roaming\PnkBstrK.sys [2010.10.23 15:53:19 | 000,007,605 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2010.09.11 12:30:23 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.12.03 22:24:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.minecraft [2012.09.29 14:29:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.terasology [2012.10.19 07:54:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\1-abc [2012.06.25 04:05:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ad-Aware Antivirus [2012.03.30 20:02:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Advanced Combat Tracker [2013.01.09 02:53:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AIMP [2013.01.05 08:25:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AlawarEntertainment [2012.01.07 07:58:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Antares Design [2012.12.09 05:41:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Anvil-Soft [2012.12.20 17:30:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Artifex Mundi [2011.11.11 05:20:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ashampoo [2010.11.02 12:36:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Astroburn Lite [2013.01.10 12:30:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Audacity [2012.11.16 02:15:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\avidemux [2012.11.02 19:58:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\BANDISOFT [2010.11.14 13:07:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Bioshock2 [2010.10.08 08:46:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\calibre [2010.10.29 16:15:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Canneverbe Limited [2012.11.20 17:30:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\capy [2012.07.13 13:59:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CocotronLibrary [2012.09.14 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\convert [2012.11.19 18:58:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Crayon Physics Deluxe [2010.10.27 09:36:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\cYo [2012.12.07 23:53:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite [2010.11.05 15:07:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DeepBurner [2012.12.02 22:43:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DesktopIconForAmazon [2013.01.05 08:50:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DieselPuppet [2013.01.07 18:47:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Doomsday [2012.11.20 00:34:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Downloaded Installations [2012.09.26 01:04:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft [2012.02.23 20:45:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FOG Downloader [2011.02.18 03:00:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeCommander [2012.11.01 09:18:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeFLVConverter [2012.04.02 19:25:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GamesCafe [2012.11.08 22:28:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GeoVid [2010.11.02 12:32:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo [2012.01.04 00:13:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\go [2011.02.02 18:01:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Greyfirst [2012.11.07 12:39:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HandBrake [2011.06.25 21:10:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Hi-Rez Studios [2012.05.25 00:38:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ [2012.07.03 05:33:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\IrfanView [2012.02.06 19:53:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\JAM Software [2012.05.04 03:26:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Kalypso Media [2012.10.06 11:51:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\KVIrc4 [2012.11.22 00:25:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Lazy 8 Studios [2012.12.20 17:22:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LeeGT-Games [2012.03.04 18:23:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Logia [2012.10.01 18:36:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Machete Lite [2012.11.06 00:31:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mkvtoolnix [2012.11.04 17:24:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MPEG Streamclip [2010.09.11 16:32:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Need for Speed World [2013.01.06 20:08:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\NevoSoft Games [2010.11.11 14:32:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nuance [2013.01.01 20:25:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\onOne Software [2011.11.28 18:19:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenCandy [2010.11.16 13:39:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org [2012.09.22 02:36:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera [2010.12.16 12:30:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Orbit [2010.11.08 19:20:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PACE Anti-Piracy [2010.10.25 10:54:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Papyrus Autor [2012.11.05 19:19:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Pegasys Inc [2011.02.25 18:51:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\phonostar GmbH [2010.12.06 01:39:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Poser Pro [2010.09.11 15:08:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProgSense [2012.09.23 03:17:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDISC [2012.08.06 10:40:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Publish Providers [2012.09.12 03:18:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ReelDealSlotQuest_Alice [2012.06.01 05:54:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\RIFT [2012.11.09 07:59:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SkyGoblin [2012.08.06 10:40:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony [2012.12.31 21:07:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SourceTec [2011.02.02 17:54:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spacejock Software [2012.12.07 18:43:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sports Interactive [2011.02.25 17:31:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\streamripper [2011.06.05 19:05:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SYSTEMAX Software Development [2012.06.03 05:56:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\systweak [2011.10.11 13:16:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sytexis Software [2010.11.06 22:11:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer [2012.09.29 13:58:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\temp [2010.10.09 21:55:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Tropico 3 [2012.11.08 15:42:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client [2012.08.25 11:04:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ts3overlay [2011.02.01 07:54:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Utherverse [2012.11.27 18:17:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ZenBound2 [2011.02.13 22:57:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ZombieDriver [2012.11.01 10:40:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\zombies [2012.04.02 19:22:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Zylom ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2010.09.16 12:20:29 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2013.01.10 15:25:07 | 000,000,000 | -H-D | M] -- C:\Config.Msi [2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2010.09.07 13:22:54 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2012.11.08 00:20:33 | 000,000,000 | ---D | M] -- C:\Dos Games [2012.11.08 21:55:06 | 000,000,000 | ---D | M] -- C:\Dosspiele [2012.10.30 17:43:26 | 000,000,000 | ---D | M] -- C:\Fraps [2012.05.18 16:43:58 | 000,000,000 | ---D | M] -- C:\NVIDIA [2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs [2013.01.10 12:44:41 | 000,000,000 | R--D | M] -- C:\Program Files [2013.01.10 14:18:51 | 000,000,000 | -H-D | M] -- C:\ProgramData [2010.09.07 13:22:54 | 000,000,000 | -HSD | M] -- C:\Programme [2010.09.07 13:22:54 | 000,000,000 | -HSD | M] -- C:\Recovery [2012.07.13 15:10:10 | 000,000,000 | R--D | M] -- C:\Sandbox [2013.01.10 15:24:57 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.09.16 17:57:05 | 000,000,000 | ---D | M] -- C:\temp [2012.09.03 10:19:55 | 000,000,000 | R--D | M] -- C:\Users [2013.01.10 15:18:34 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < C:\Windows\system32\*.tsp > [2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2010.11.20 13:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp [4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] [2009.07.14 05:53:46 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2011.06.13 05:02:19 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2011.06.13 05:02:20 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2012.09.14 21:19:55 | 000,001,072 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2373844148-831878903-2888449-1000Core.job [2012.09.14 21:20:00 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2373844148-831878903-2888449-1000UA.job < MD5 for: AGP440.SYS > [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: EXPLORER.EXE > [2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe [2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe [2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe < MD5 for: IASTORV.SYS > [2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys [2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys [2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys [2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys [2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll [2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll [2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys [2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys [2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys [2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys [2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys [2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll [2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll [2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll [2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll [2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WINLOGON.EXE > [2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.dll /lockedfiles > [4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < %USERPROFILE%\*.* > [2011.02.02 18:01:07 | 000,003,095 | ---- | M] () -- C:\Users\***\.ganttproject [2011.02.02 18:01:07 | 000,021,957 | ---- | M] () -- C:\Users\***\.ganttproject.log [2012.10.06 11:43:10 | 000,000,116 | ---- | M] () -- C:\Users\***\kvirc4.ini [2013.01.10 15:32:10 | 005,242,880 | -HS- | M] () -- C:\Users\***\NTUSER.DAT [2013.01.10 15:32:10 | 000,262,144 | -HS- | M] () -- C:\Users\***\ntuser.dat.LOG1 [2010.09.07 13:23:01 | 000,000,000 | -HS- | M] () -- C:\Users\***\ntuser.dat.LOG2 [2010.09.07 13:25:04 | 000,065,536 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2010.09.07 13:25:04 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2010.09.07 13:25:04 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2010.09.07 13:23:01 | 000,000,020 | -HS- | M] () -- C:\Users\***\ntuser.ini [2012.07.13 16:35:14 | 001,853,448 | ---- | M] () -- C:\Users\***\Seite 01.cl2arc [2012.09.12 19:57:45 | 000,038,400 | -HS- | M] () -- C:\Users\***\Thumbs.db < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ========== Alternate Data Streams ========== @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:CB0AACC9 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:0FF263E8 @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:5F91AB27 < End of report > |
|
10.01.2013, 17:36
| #4 |
| /// Malware-holic | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? hi dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user. wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts. • Starte bitte die OTL.exe • Kopiere nun das Folgende in die Textbox. Code:
ATTFilter :OTL
O33 - MountPoints2\{01de29bc-b2dc-11e0-a4a1-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{01de29bc-b2dc-11e0-a4a1-0025223606c8}\Shell\AutoRun\command - "" = J:\setup.exe
O33 - MountPoints2\{04dc5fb6-5e49-11e1-818a-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{04dc5fb6-5e49-11e1-818a-0025223606c8}\Shell\AutoRun\command - "" = G:\PzC-AfrikaKorps-SetupRelease-DE-v112.exe
O33 - MountPoints2\{0ff45385-da91-11df-a05d-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{0ff45385-da91-11df-a05d-0025223606c8}\Shell\AutoRun\command - "" = Z:\Setup.exe
O33 - MountPoints2\{0ff45389-da91-11df-a05d-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{0ff45389-da91-11df-a05d-0025223606c8}\Shell\AutoRun\command - "" = Z:\autorun.exe
O33 - MountPoints2\{1717fae8-d229-11df-a3da-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1717fae8-d229-11df-a3da-0025223606c8}\Shell\AutoRun\command - "" = V:\Setup.exe
O33 - MountPoints2\{1717fbe8-d229-11df-a3da-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1717fbe8-d229-11df-a3da-0025223606c8}\Shell\AutoRun\command - "" = V:\Setup.exe
O33 - MountPoints2\{1717fd5d-d229-11df-a3da-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1717fd5d-d229-11df-a3da-0025223606c8}\Shell\AutoRun\command - "" = W:\autorun.exe -auto
O33 - MountPoints2\{1717fd70-d229-11df-a3da-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1717fd70-d229-11df-a3da-0025223606c8}\Shell\AutoRun\command - "" = W:\Autorun.exe
O33 - MountPoints2\{1717fdd3-d229-11df-a3da-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1717fdd3-d229-11df-a3da-0025223606c8}\Shell\AutoRun\command - "" = V:\AUTOSTARTER.EXE
O33 - MountPoints2\{1892ec14-0bf5-11e1-8526-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1892ec14-0bf5-11e1-8526-0025223606c8}\Shell\AutoRun\command - "" = M:\SETUP.EXE
O33 - MountPoints2\{1892ec15-0bf5-11e1-8526-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1892ec15-0bf5-11e1-8526-0025223606c8}\Shell\AutoRun\command - "" = M:\SETUP.EXE
O33 - MountPoints2\{1892ec16-0bf5-11e1-8526-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1892ec16-0bf5-11e1-8526-0025223606c8}\Shell\AutoRun\command - "" = M:\SETUP.EXE
O33 - MountPoints2\{1b0aa9c3-d67d-11df-a831-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1b0aa9c3-d67d-11df-a831-0025223606c8}\Shell\AutoRun\command - "" = X:\autorun.exe
O33 - MountPoints2\{1b0aab0b-d67d-11df-a831-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1b0aab0b-d67d-11df-a831-0025223606c8}\Shell\AutoRun\command - "" = Y:\autorun.exe
O33 - MountPoints2\{26606a75-e73b-11df-a90e-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{26606a75-e73b-11df-a90e-0025223606c8}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{26c2ba8e-21ee-11e0-9d20-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{26c2ba8e-21ee-11e0-9d20-0025223606c8}\Shell\AutoRun\command - "" = G:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{26c2ba8e-21ee-11e0-9d20-0025223606c8}\Shell\dinstall\command - "" = G:\Directx\dxsetup.exe
O33 - MountPoints2\{26c2ba98-21ee-11e0-9d20-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{26c2ba98-21ee-11e0-9d20-0025223606c8}\Shell\AutoRun\command - "" = H:\autoplay.exe
O33 - MountPoints2\{26c2baa1-21ee-11e0-9d20-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{26c2baa1-21ee-11e0-9d20-0025223606c8}\Shell\AutoRun\command - "" = H:\setup.exe
O33 - MountPoints2\{2f631f90-303b-11e0-a288-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{2f631f90-303b-11e0-a288-0025223606c8}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{2fe53a4e-eb60-11df-8d01-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{2fe53a4e-eb60-11df-8d01-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{343cc8f7-dc30-11df-a4a6-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{343cc8f7-dc30-11df-a4a6-0025223606c8}\Shell\AutoRun\command - "" = F:\Setup.exe
O33 - MountPoints2\{343db5d5-f080-11df-a045-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{343db5d5-f080-11df-a045-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{34863e66-2cca-11e0-8c80-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{34863e66-2cca-11e0-8c80-0025223606c8}\Shell\AutoRun\command - "" = J:\Setup.exe
O33 - MountPoints2\{34863f2d-2cca-11e0-8c80-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{34863f2d-2cca-11e0-8c80-0025223606c8}\Shell\AutoRun\command - "" = K:\Setup.exe
O33 - MountPoints2\{35ffec9e-ea78-11df-8853-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{35ffec9e-ea78-11df-8853-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{3710d18a-f344-11e1-b20f-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{3710d18a-f344-11e1-b20f-0025223606c8}\Shell\AutoRun\command - "" = K:\SETUP.EXE
O33 - MountPoints2\{3710d18b-f344-11e1-b20f-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{3710d18b-f344-11e1-b20f-0025223606c8}\Shell\AutoRun\command - "" = L:\CD_Start.exe
O33 - MountPoints2\{3710d18c-f344-11e1-b20f-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{3710d18c-f344-11e1-b20f-0025223606c8}\Shell\AutoRun\command - "" = K:\setup.exe
O33 - MountPoints2\{3aaaf57d-ed41-11df-822d-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{3aaaf57d-ed41-11df-822d-0025223606c8}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{43a494a1-a756-11e0-bc47-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{43a494a1-a756-11e0-bc47-0025223606c8}\Shell\AutoRun\command - "" = J:\DNF.exe
O33 - MountPoints2\{44582417-0906-11e1-a30b-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{44582417-0906-11e1-a30b-0025223606c8}\Shell\AutoRun\command - "" = K:\OriginInstaller.exe
O33 - MountPoints2\{4aac0b06-fee1-11e0-9fbe-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{4aac0b06-fee1-11e0-9fbe-0025223606c8}\Shell\AutoRun\command - "" = K:\Setup.exe
O33 - MountPoints2\{4d796292-a326-11e0-9da0-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{4d796292-a326-11e0-9da0-0025223606c8}\Shell\AutoRun\command - "" = I:\setup.exe
O33 - MountPoints2\{4d796298-a326-11e0-9da0-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{4d796298-a326-11e0-9da0-0025223606c8}\Shell\AutoRun\command - "" = J:\setup.exe
O33 - MountPoints2\{536a3de3-2603-11e0-a8b8-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{536a3de3-2603-11e0-a8b8-0025223606c8}\Shell\AutoRun\command - "" = H:\autoset.exe
O33 - MountPoints2\{536a3de7-2603-11e0-a8b8-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{536a3de7-2603-11e0-a8b8-0025223606c8}\Shell\AutoRun\command - "" = H:\Autorun.exe
O33 - MountPoints2\{536a3dfa-2603-11e0-a8b8-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{536a3dfa-2603-11e0-a8b8-0025223606c8}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{53c2b99a-562a-11e0-8504-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{53c2b99a-562a-11e0-8504-0025223606c8}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\{5764886d-30f8-11e0-8da0-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{5764886d-30f8-11e0-8da0-0025223606c8}\Shell\AutoRun\command - "" = G:\install.exe
O33 - MountPoints2\{5efd0b4b-e4d1-11df-a39d-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{5efd0b4b-e4d1-11df-a39d-0025223606c8}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{5efd0b57-e4d1-11df-a39d-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{5efd0b57-e4d1-11df-a39d-0025223606c8}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{5efd0bc4-e4d1-11df-a39d-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{5efd0bc4-e4d1-11df-a39d-0025223606c8}\Shell\AutoRun\command - "" = F:\METT-Program-Player.exe
O33 - MountPoints2\{5efd0be2-e4d1-11df-a39d-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{5efd0be2-e4d1-11df-a39d-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{65f5f12c-d751-11df-9fb8-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{65f5f12c-d751-11df-9fb8-0025223606c8}\Shell\AutoRun\command - "" = Y:\autorun.exe
O33 - MountPoints2\{65f5f13a-d751-11df-9fb8-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{65f5f13a-d751-11df-9fb8-0025223606c8}\Shell\AutoRun\command - "" = Z:\autorun.exe
O33 - MountPoints2\{6daf07c8-d14b-11df-9578-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{6daf07c8-d14b-11df-9578-0025223606c8}\Shell\AutoRun\command - "" = V:\Autorun.exe
O33 - MountPoints2\{74763719-ff9c-11e0-8a17-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{74763719-ff9c-11e0-8a17-0025223606c8}\Shell\AutoRun\command - "" = K:\Autorun.exe
O33 - MountPoints2\{784c994d-1509-11e1-a9b1-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{784c994d-1509-11e1-a9b1-0025223606c8}\Shell\AutoRun\command - "" = I:\Setup.exe
O33 - MountPoints2\{784c9954-1509-11e1-a9b1-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{784c9954-1509-11e1-a9b1-0025223606c8}\Shell\AutoRun\command - "" = K:\setup.exe
O33 - MountPoints2\{784c9957-1509-11e1-a9b1-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{784c9957-1509-11e1-a9b1-0025223606c8}\Shell\AutoRun\command - "" = L:\CD_Start.exe
O33 - MountPoints2\{784c995f-1509-11e1-a9b1-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{784c995f-1509-11e1-a9b1-0025223606c8}\Shell\AutoRun\command - "" = K:\autorun.exe
O33 - MountPoints2\{784c9961-1509-11e1-a9b1-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{784c9961-1509-11e1-a9b1-0025223606c8}\Shell\AutoRun\command - "" = K:\Setup.exe
O33 - MountPoints2\{7a5a959d-d496-11df-a13a-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{7a5a959d-d496-11df-a13a-0025223606c8}\Shell\AutoRun\command - "" = V:\FalloutLauncher.exe
O33 - MountPoints2\{7a5a95a4-d496-11df-a13a-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{7a5a95a4-d496-11df-a13a-0025223606c8}\Shell\AutoRun\command - "" = W:\FalloutLauncher.exe
O33 - MountPoints2\{7a5a95a8-d496-11df-a13a-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{7a5a95a8-d496-11df-a13a-0025223606c8}\Shell\AutoRun\command - "" = X:\DE_Fallout_3_DLC.EXE
O33 - MountPoints2\{7a5a95c5-d496-11df-a13a-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{7a5a95c5-d496-11df-a13a-0025223606c8}\Shell\AutoRun\command - "" = X:\AUTOSTARTER.EXE
O33 - MountPoints2\{80eb2a54-f573-11df-9f0f-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{80eb2a54-f573-11df-9f0f-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{898305f5-e8cf-11df-ac70-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{898305f5-e8cf-11df-ac70-0025223606c8}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{898305f5-e8cf-11df-ac70-0025223606c8}\Shell\directx\command - "" = G:\Support\DirectX\DXSETUP.exe
O33 - MountPoints2\{898305f5-e8cf-11df-ac70-0025223606c8}\Shell\install\command - "" = G:\setup.exe
O33 - MountPoints2\{89830608-e8cf-11df-ac70-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{89830608-e8cf-11df-ac70-0025223606c8}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{89830608-e8cf-11df-ac70-0025223606c8}\Shell\directx\command - "" = G:\Support\DirectX\DXSETUP.exe
O33 - MountPoints2\{89830608-e8cf-11df-ac70-0025223606c8}\Shell\install\command - "" = G:\setup.exe
O33 - MountPoints2\{89830643-e8cf-11df-ac70-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{89830643-e8cf-11df-ac70-0025223606c8}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{8a22f969-ba79-11df-8b69-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8a22f969-ba79-11df-8b69-806e6f6e6963}\Shell\AutoRun\command - "" = D:\0data\cbs.exe -- [2012.05.14 14:28:10 | 003,430,400 | R--- |
M] ()
O33 - MountPoints2\{8c6b16c0-31cd-11e0-b923-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8c6b16c0-31cd-11e0-b923-806e6f6e6963}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{900868d4-26d9-11e0-abf3-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{900868d4-26d9-11e0-abf3-0025223606c8}\Shell\AutoRun\command - "" = H:\Setup.exe
O33 - MountPoints2\{900868f6-26d9-11e0-abf3-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{900868f6-26d9-11e0-abf3-0025223606c8}\Shell\AutoRun\command - "" = I:\CoDMW2.exe
O33 - MountPoints2\{900868f9-26d9-11e0-abf3-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{900868f9-26d9-11e0-abf3-0025223606c8}\Shell\AutoRun\command - "" = 1
O33 - MountPoints2\{900868fd-26d9-11e0-abf3-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{900868fd-26d9-11e0-abf3-0025223606c8}\Shell\AutoRun\command - "" = 1
O33 - MountPoints2\{94fbcc79-cbba-11e0-88d9-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{94fbcc79-cbba-11e0-88d9-0025223606c8}\Shell\AutoRun\command - "" = J:\StartUp.exe
O33 - MountPoints2\{9fd86f97-98a2-11e0-b0ae-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{9fd86f97-98a2-11e0-b0ae-0025223606c8}\Shell\AutoRun\command - "" = I:\Setup.exe
O33 - MountPoints2\{a2c8e10c-ec46-11df-bf85-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{a2c8e10c-ec46-11df-bf85-0025223606c8}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{a7584c5e-22c8-11e0-9eaa-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{a7584c5e-22c8-11e0-9eaa-0025223606c8}\Shell\AutoRun\command - "" = H:\autoplay.exe
O33 - MountPoints2\{b1a752ff-2887-11e0-959e-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{b1a752ff-2887-11e0-959e-0025223606c8}\Shell\AutoRun\command - "" = J:\Setup.exe
O33 - MountPoints2\{b1a75307-2887-11e0-959e-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{b1a75307-2887-11e0-959e-0025223606c8}\Shell\AutoRun\command - "" = J:\Setup.exe
O33 - MountPoints2\{b99b43d5-d8e9-11df-b931-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{b99b43d5-d8e9-11df-b931-0025223606c8}\Shell\AutoRun\command - "" = Z:\Setup.exe
O33 - MountPoints2\{be6aaa49-f5a9-11df-b009-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{be6aaa49-f5a9-11df-b009-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{bf78c0ff-deb1-11df-a636-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{bf78c0ff-deb1-11df-a636-0025223606c8}\Shell\AutoRun\command - "" = F:\Autostart.exe
O33 - MountPoints2\{c0a93676-d895-11e0-b6b1-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{c0a93676-d895-11e0-b6b1-0025223606c8}\Shell\AutoRun\command - "" = J:\steambackup2.EXE
O33 - MountPoints2\{c44fbbcb-0c39-11e0-a490-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{c44fbbcb-0c39-11e0-a490-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{c44fbbcc-0c39-11e0-a490-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{c44fbbcc-0c39-11e0-a490-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{c49228af-279e-11e0-b7aa-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{c49228af-279e-11e0-b7aa-0025223606c8}\Shell\AutoRun\command - "" = J:\CD_Start.exe
O33 - MountPoints2\{cefebe40-080b-11e2-acfe-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cefebe40-080b-11e2-acfe-806e6f6e6963}\Shell\AutoRun\command - "" = H:\PanzerCorpsWehrmacht-SetupRelease-v103.exe
O33 - MountPoints2\{cf7431ba-e3d8-11df-aba6-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{cf7431ba-e3d8-11df-aba6-0025223606c8}\Shell\AutoRun\command - "" = F:\Support\AutoRun\AutoRun.exe
O33 - MountPoints2\{cf7431d9-e3d8-11df-aba6-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{cf7431d9-e3d8-11df-aba6-0025223606c8}\Shell\AutoRun\command - "" = F:\AUTOSTARTER.EXE
O33 - MountPoints2\{cf743207-e3d8-11df-aba6-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{cf743207-e3d8-11df-aba6-0025223606c8}\Shell\AutoRun\command - "" = F:\Setup.exe
O33 - MountPoints2\{d62d4c66-e131-11df-9b6d-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{d62d4c66-e131-11df-9b6d-0025223606c8}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{d990bcfe-1394-11e0-8096-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{d990bcfe-1394-11e0-8096-0025223606c8}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{deea389e-0070-11e0-9d93-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{deea389e-0070-11e0-9d93-0025223606c8}\Shell\AutoRun\command - "" = G:\StartHere.exe
O33 - MountPoints2\{e1287832-6295-11e1-9141-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{e1287832-6295-11e1-9141-0025223606c8}\Shell\AutoRun\command - "" = L:\SETUP.EXE
O33 - MountPoints2\{e6351052-2954-11e0-8dad-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{e6351052-2954-11e0-8dad-0025223606c8}\Shell\AutoRun\command - "" = J:\Autorun.exe
O33 - MountPoints2\{e6351053-2954-11e0-8dad-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{e6351053-2954-11e0-8dad-0025223606c8}\Shell\AutoRun\command - "" = J:\Autorun.exe
O33 - MountPoints2\{e6351054-2954-11e0-8dad-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{e6351054-2954-11e0-8dad-0025223606c8}\Shell\AutoRun\command - "" = J:\Autorun.exe
O33 - MountPoints2\{fd64aaec-e652-11df-a6a5-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{fd64aaec-e652-11df-a6a5-0025223606c8}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{fe1a5ef3-3b09-11e0-add5-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{fe1a5ef3-3b09-11e0-add5-0025223606c8}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\{fff1b05e-2db9-11e0-b238-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{fff1b05e-2db9-11e0-b238-0025223606c8}\Shell\AutoRun\command - "" = K:\autorun.exe -auto
O33 - MountPoints2\{fff1b060-2db9-11e0-b238-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{fff1b060-2db9-11e0-b238-0025223606c8}\Shell\AutoRun\command - "" = K:\autorun.exe -auto
O33 - MountPoints2\{fff1b061-2db9-11e0-b238-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{fff1b061-2db9-11e0-b238-0025223606c8}\Shell\AutoRun\command - "" = L:\autorun.exe -auto
O33 - MountPoints2\{fff1b068-2db9-11e0-b238-0025223606c8}\Shell - "" = AutoRun
O33 - MountPoints2\{fff1b068-2db9-11e0-b238-0025223606c8}\Shell\AutoRun\command - "" = L:\autorun.exe -auto
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O4 - HKCU..\Run: [ASRockIES] File not found
O4 - HKCU..\Run: [zASRockInstantBoot] File not found
:Files
:Commands
[EMPTYFLASH]
[emptytemp]
• Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren. starte in den normalen modus. falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten!
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
10.01.2013, 19:06
| #5 |
| | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? Ok danke erstmal. Also ich hab das jetzt so gemacht, daraufhin hat er mir alle Symbole vom Desktop gewischt und dann neu gestartet. Ich poste jetzt gleich die Textdatei, aber ich wüßte schon gerne, was es für ein Problem gibt oder gab. - Man möchte ja informiert sein  Voe allem da ja Malware Bytes und die anderen nichts angezeigt haben. Wenn das also was größeres ist oder war dann würde mir das schon zu denen geben, denn das würde heißen, daß ich trotz all der Programme nicht ausreichend geschützt bin. Nun gut hier dann mal die Textdatei: All processes killed ========== OTL ========== Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01de29bc-b2dc-11e0-a4a1-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01de29bc-b2dc-11e0-a4a1-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01de29bc-b2dc-11e0-a4a1-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01de29bc-b2dc-11e0-a4a1-0025223606c8}\ not found. File J:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04dc5fb6-5e49-11e1-818a-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04dc5fb6-5e49-11e1-818a-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04dc5fb6-5e49-11e1-818a-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04dc5fb6-5e49-11e1-818a-0025223606c8}\ not found. File G:\PzC-AfrikaKorps-SetupRelease-DE-v112.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ff45385-da91-11df-a05d-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ff45385-da91-11df-a05d-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ff45385-da91-11df-a05d-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ff45385-da91-11df-a05d-0025223606c8}\ not found. File Z:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ff45389-da91-11df-a05d-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ff45389-da91-11df-a05d-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ff45389-da91-11df-a05d-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ff45389-da91-11df-a05d-0025223606c8}\ not found. File Z:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1717fae8-d229-11df-a3da-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1717fae8-d229-11df-a3da-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1717fae8-d229-11df-a3da-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1717fae8-d229-11df-a3da-0025223606c8}\ not found. File V:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1717fbe8-d229-11df-a3da-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1717fbe8-d229-11df-a3da-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1717fbe8-d229-11df-a3da-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1717fbe8-d229-11df-a3da-0025223606c8}\ not found. File V:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1717fd5d-d229-11df-a3da-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1717fd5d-d229-11df-a3da-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1717fd5d-d229-11df-a3da-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1717fd5d-d229-11df-a3da-0025223606c8}\ not found. File W:\autorun.exe -auto not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1717fd70-d229-11df-a3da-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1717fd70-d229-11df-a3da-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1717fd70-d229-11df-a3da-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1717fd70-d229-11df-a3da-0025223606c8}\ not found. File W:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1717fdd3-d229-11df-a3da-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1717fdd3-d229-11df-a3da-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1717fdd3-d229-11df-a3da-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1717fdd3-d229-11df-a3da-0025223606c8}\ not found. File V:\AUTOSTARTER.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1892ec14-0bf5-11e1-8526-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1892ec14-0bf5-11e1-8526-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1892ec14-0bf5-11e1-8526-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1892ec14-0bf5-11e1-8526-0025223606c8}\ not found. File M:\SETUP.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1892ec15-0bf5-11e1-8526-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1892ec15-0bf5-11e1-8526-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1892ec15-0bf5-11e1-8526-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1892ec15-0bf5-11e1-8526-0025223606c8}\ not found. File M:\SETUP.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1892ec16-0bf5-11e1-8526-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1892ec16-0bf5-11e1-8526-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1892ec16-0bf5-11e1-8526-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1892ec16-0bf5-11e1-8526-0025223606c8}\ not found. File M:\SETUP.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b0aa9c3-d67d-11df-a831-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1b0aa9c3-d67d-11df-a831-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b0aa9c3-d67d-11df-a831-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1b0aa9c3-d67d-11df-a831-0025223606c8}\ not found. File X:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b0aab0b-d67d-11df-a831-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1b0aab0b-d67d-11df-a831-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b0aab0b-d67d-11df-a831-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1b0aab0b-d67d-11df-a831-0025223606c8}\ not found. File Y:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26606a75-e73b-11df-a90e-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26606a75-e73b-11df-a90e-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26606a75-e73b-11df-a90e-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26606a75-e73b-11df-a90e-0025223606c8}\ not found. File G:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26c2ba8e-21ee-11e0-9d20-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26c2ba8e-21ee-11e0-9d20-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26c2ba8e-21ee-11e0-9d20-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26c2ba8e-21ee-11e0-9d20-0025223606c8}\ not found. File G:\setup\rsrc\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26c2ba8e-21ee-11e0-9d20-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26c2ba8e-21ee-11e0-9d20-0025223606c8}\ not found. File G:\Directx\dxsetup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26c2ba98-21ee-11e0-9d20-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26c2ba98-21ee-11e0-9d20-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26c2ba98-21ee-11e0-9d20-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26c2ba98-21ee-11e0-9d20-0025223606c8}\ not found. File H:\autoplay.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26c2baa1-21ee-11e0-9d20-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26c2baa1-21ee-11e0-9d20-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26c2baa1-21ee-11e0-9d20-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26c2baa1-21ee-11e0-9d20-0025223606c8}\ not found. File H:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f631f90-303b-11e0-a288-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2f631f90-303b-11e0-a288-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f631f90-303b-11e0-a288-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2f631f90-303b-11e0-a288-0025223606c8}\ not found. File G:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2fe53a4e-eb60-11df-8d01-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fe53a4e-eb60-11df-8d01-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2fe53a4e-eb60-11df-8d01-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fe53a4e-eb60-11df-8d01-0025223606c8}\ not found. File G:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{343cc8f7-dc30-11df-a4a6-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343cc8f7-dc30-11df-a4a6-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{343cc8f7-dc30-11df-a4a6-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343cc8f7-dc30-11df-a4a6-0025223606c8}\ not found. File F:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{343db5d5-f080-11df-a045-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343db5d5-f080-11df-a045-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{343db5d5-f080-11df-a045-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343db5d5-f080-11df-a045-0025223606c8}\ not found. File G:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34863e66-2cca-11e0-8c80-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34863e66-2cca-11e0-8c80-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34863e66-2cca-11e0-8c80-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34863e66-2cca-11e0-8c80-0025223606c8}\ not found. File J:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34863f2d-2cca-11e0-8c80-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34863f2d-2cca-11e0-8c80-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34863f2d-2cca-11e0-8c80-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34863f2d-2cca-11e0-8c80-0025223606c8}\ not found. File K:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35ffec9e-ea78-11df-8853-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35ffec9e-ea78-11df-8853-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35ffec9e-ea78-11df-8853-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35ffec9e-ea78-11df-8853-0025223606c8}\ not found. File G:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3710d18a-f344-11e1-b20f-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3710d18a-f344-11e1-b20f-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3710d18a-f344-11e1-b20f-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3710d18a-f344-11e1-b20f-0025223606c8}\ not found. File K:\SETUP.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3710d18b-f344-11e1-b20f-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3710d18b-f344-11e1-b20f-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3710d18b-f344-11e1-b20f-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3710d18b-f344-11e1-b20f-0025223606c8}\ not found. File L:\CD_Start.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3710d18c-f344-11e1-b20f-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3710d18c-f344-11e1-b20f-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3710d18c-f344-11e1-b20f-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3710d18c-f344-11e1-b20f-0025223606c8}\ not found. File K:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3aaaf57d-ed41-11df-822d-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3aaaf57d-ed41-11df-822d-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3aaaf57d-ed41-11df-822d-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3aaaf57d-ed41-11df-822d-0025223606c8}\ not found. File G:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43a494a1-a756-11e0-bc47-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43a494a1-a756-11e0-bc47-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43a494a1-a756-11e0-bc47-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43a494a1-a756-11e0-bc47-0025223606c8}\ not found. File J:\DNF.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44582417-0906-11e1-a30b-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44582417-0906-11e1-a30b-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44582417-0906-11e1-a30b-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44582417-0906-11e1-a30b-0025223606c8}\ not found. File K:\OriginInstaller.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4aac0b06-fee1-11e0-9fbe-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4aac0b06-fee1-11e0-9fbe-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4aac0b06-fee1-11e0-9fbe-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4aac0b06-fee1-11e0-9fbe-0025223606c8}\ not found. File K:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d796292-a326-11e0-9da0-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4d796292-a326-11e0-9da0-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d796292-a326-11e0-9da0-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4d796292-a326-11e0-9da0-0025223606c8}\ not found. File I:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d796298-a326-11e0-9da0-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4d796298-a326-11e0-9da0-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d796298-a326-11e0-9da0-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4d796298-a326-11e0-9da0-0025223606c8}\ not found. File J:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{536a3de3-2603-11e0-a8b8-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{536a3de3-2603-11e0-a8b8-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{536a3de3-2603-11e0-a8b8-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{536a3de3-2603-11e0-a8b8-0025223606c8}\ not found. File H:\autoset.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{536a3de7-2603-11e0-a8b8-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{536a3de7-2603-11e0-a8b8-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{536a3de7-2603-11e0-a8b8-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{536a3de7-2603-11e0-a8b8-0025223606c8}\ not found. File H:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{536a3dfa-2603-11e0-a8b8-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{536a3dfa-2603-11e0-a8b8-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{536a3dfa-2603-11e0-a8b8-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{536a3dfa-2603-11e0-a8b8-0025223606c8}\ not found. File H:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53c2b99a-562a-11e0-8504-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53c2b99a-562a-11e0-8504-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53c2b99a-562a-11e0-8504-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53c2b99a-562a-11e0-8504-0025223606c8}\ not found. File I:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5764886d-30f8-11e0-8da0-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5764886d-30f8-11e0-8da0-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5764886d-30f8-11e0-8da0-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5764886d-30f8-11e0-8da0-0025223606c8}\ not found. File G:\install.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5efd0b4b-e4d1-11df-a39d-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5efd0b4b-e4d1-11df-a39d-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5efd0b4b-e4d1-11df-a39d-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5efd0b4b-e4d1-11df-a39d-0025223606c8}\ not found. File F:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5efd0b57-e4d1-11df-a39d-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5efd0b57-e4d1-11df-a39d-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5efd0b57-e4d1-11df-a39d-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5efd0b57-e4d1-11df-a39d-0025223606c8}\ not found. File F:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5efd0bc4-e4d1-11df-a39d-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5efd0bc4-e4d1-11df-a39d-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5efd0bc4-e4d1-11df-a39d-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5efd0bc4-e4d1-11df-a39d-0025223606c8}\ not found. File F:\METT-Program-Player.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5efd0be2-e4d1-11df-a39d-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5efd0be2-e4d1-11df-a39d-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5efd0be2-e4d1-11df-a39d-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5efd0be2-e4d1-11df-a39d-0025223606c8}\ not found. File G:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65f5f12c-d751-11df-9fb8-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65f5f12c-d751-11df-9fb8-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65f5f12c-d751-11df-9fb8-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65f5f12c-d751-11df-9fb8-0025223606c8}\ not found. File Y:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65f5f13a-d751-11df-9fb8-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65f5f13a-d751-11df-9fb8-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65f5f13a-d751-11df-9fb8-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65f5f13a-d751-11df-9fb8-0025223606c8}\ not found. File Z:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6daf07c8-d14b-11df-9578-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6daf07c8-d14b-11df-9578-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6daf07c8-d14b-11df-9578-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6daf07c8-d14b-11df-9578-0025223606c8}\ not found. File V:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74763719-ff9c-11e0-8a17-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74763719-ff9c-11e0-8a17-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74763719-ff9c-11e0-8a17-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74763719-ff9c-11e0-8a17-0025223606c8}\ not found. File K:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{784c994d-1509-11e1-a9b1-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{784c994d-1509-11e1-a9b1-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{784c994d-1509-11e1-a9b1-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{784c994d-1509-11e1-a9b1-0025223606c8}\ not found. File I:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{784c9954-1509-11e1-a9b1-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{784c9954-1509-11e1-a9b1-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{784c9954-1509-11e1-a9b1-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{784c9954-1509-11e1-a9b1-0025223606c8}\ not found. File K:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{784c9957-1509-11e1-a9b1-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{784c9957-1509-11e1-a9b1-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{784c9957-1509-11e1-a9b1-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{784c9957-1509-11e1-a9b1-0025223606c8}\ not found. File L:\CD_Start.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{784c995f-1509-11e1-a9b1-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{784c995f-1509-11e1-a9b1-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{784c995f-1509-11e1-a9b1-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{784c995f-1509-11e1-a9b1-0025223606c8}\ not found. File K:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{784c9961-1509-11e1-a9b1-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{784c9961-1509-11e1-a9b1-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{784c9961-1509-11e1-a9b1-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{784c9961-1509-11e1-a9b1-0025223606c8}\ not found. File K:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a5a959d-d496-11df-a13a-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a5a959d-d496-11df-a13a-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a5a959d-d496-11df-a13a-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a5a959d-d496-11df-a13a-0025223606c8}\ not found. File V:\FalloutLauncher.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a5a95a4-d496-11df-a13a-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a5a95a4-d496-11df-a13a-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a5a95a4-d496-11df-a13a-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a5a95a4-d496-11df-a13a-0025223606c8}\ not found. File W:\FalloutLauncher.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a5a95a8-d496-11df-a13a-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a5a95a8-d496-11df-a13a-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a5a95a8-d496-11df-a13a-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a5a95a8-d496-11df-a13a-0025223606c8}\ not found. File X:\DE_Fallout_3_DLC.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a5a95c5-d496-11df-a13a-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a5a95c5-d496-11df-a13a-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a5a95c5-d496-11df-a13a-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a5a95c5-d496-11df-a13a-0025223606c8}\ not found. File X:\AUTOSTARTER.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80eb2a54-f573-11df-9f0f-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80eb2a54-f573-11df-9f0f-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80eb2a54-f573-11df-9f0f-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80eb2a54-f573-11df-9f0f-0025223606c8}\ not found. File G:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{898305f5-e8cf-11df-ac70-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898305f5-e8cf-11df-ac70-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{898305f5-e8cf-11df-ac70-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898305f5-e8cf-11df-ac70-0025223606c8}\ not found. File G:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{898305f5-e8cf-11df-ac70-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898305f5-e8cf-11df-ac70-0025223606c8}\ not found. File G:\Support\DirectX\DXSETUP.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{898305f5-e8cf-11df-ac70-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898305f5-e8cf-11df-ac70-0025223606c8}\ not found. File G:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89830608-e8cf-11df-ac70-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89830608-e8cf-11df-ac70-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89830608-e8cf-11df-ac70-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89830608-e8cf-11df-ac70-0025223606c8}\ not found. File G:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89830608-e8cf-11df-ac70-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89830608-e8cf-11df-ac70-0025223606c8}\ not found. File G:\Support\DirectX\DXSETUP.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89830608-e8cf-11df-ac70-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89830608-e8cf-11df-ac70-0025223606c8}\ not found. File G:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89830643-e8cf-11df-ac70-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89830643-e8cf-11df-ac70-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89830643-e8cf-11df-ac70-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{89830643-e8cf-11df-ac70-0025223606c8}\ not found. File G:\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a22f969-ba79-11df-8b69-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8a22f969-ba79-11df-8b69-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a22f969-ba79-11df-8b69-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8a22f969-ba79-11df-8b69-806e6f6e6963}\ not found. File move failed. D:\0data\cbs.exe scheduled to be moved on reboot. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c6b16c0-31cd-11e0-b923-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8c6b16c0-31cd-11e0-b923-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c6b16c0-31cd-11e0-b923-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8c6b16c0-31cd-11e0-b923-806e6f6e6963}\ not found. File H:\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{900868d4-26d9-11e0-abf3-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{900868d4-26d9-11e0-abf3-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{900868d4-26d9-11e0-abf3-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{900868d4-26d9-11e0-abf3-0025223606c8}\ not found. File H:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{900868f6-26d9-11e0-abf3-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{900868f6-26d9-11e0-abf3-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{900868f6-26d9-11e0-abf3-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{900868f6-26d9-11e0-abf3-0025223606c8}\ not found. File I:\CoDMW2.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{900868f9-26d9-11e0-abf3-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{900868f9-26d9-11e0-abf3-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{900868f9-26d9-11e0-abf3-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{900868f9-26d9-11e0-abf3-0025223606c8}\ not found. File 1 not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{900868fd-26d9-11e0-abf3-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{900868fd-26d9-11e0-abf3-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{900868fd-26d9-11e0-abf3-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{900868fd-26d9-11e0-abf3-0025223606c8}\ not found. File 1 not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94fbcc79-cbba-11e0-88d9-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94fbcc79-cbba-11e0-88d9-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94fbcc79-cbba-11e0-88d9-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94fbcc79-cbba-11e0-88d9-0025223606c8}\ not found. File J:\StartUp.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fd86f97-98a2-11e0-b0ae-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9fd86f97-98a2-11e0-b0ae-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fd86f97-98a2-11e0-b0ae-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9fd86f97-98a2-11e0-b0ae-0025223606c8}\ not found. File I:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a2c8e10c-ec46-11df-bf85-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2c8e10c-ec46-11df-bf85-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a2c8e10c-ec46-11df-bf85-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2c8e10c-ec46-11df-bf85-0025223606c8}\ not found. File G:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a7584c5e-22c8-11e0-9eaa-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a7584c5e-22c8-11e0-9eaa-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a7584c5e-22c8-11e0-9eaa-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a7584c5e-22c8-11e0-9eaa-0025223606c8}\ not found. File H:\autoplay.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1a752ff-2887-11e0-959e-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b1a752ff-2887-11e0-959e-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1a752ff-2887-11e0-959e-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b1a752ff-2887-11e0-959e-0025223606c8}\ not found. File J:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1a75307-2887-11e0-959e-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b1a75307-2887-11e0-959e-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1a75307-2887-11e0-959e-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b1a75307-2887-11e0-959e-0025223606c8}\ not found. File J:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b99b43d5-d8e9-11df-b931-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b99b43d5-d8e9-11df-b931-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b99b43d5-d8e9-11df-b931-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b99b43d5-d8e9-11df-b931-0025223606c8}\ not found. File Z:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be6aaa49-f5a9-11df-b009-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{be6aaa49-f5a9-11df-b009-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be6aaa49-f5a9-11df-b009-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{be6aaa49-f5a9-11df-b009-0025223606c8}\ not found. File G:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bf78c0ff-deb1-11df-a636-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf78c0ff-deb1-11df-a636-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bf78c0ff-deb1-11df-a636-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf78c0ff-deb1-11df-a636-0025223606c8}\ not found. File F:\Autostart.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0a93676-d895-11e0-b6b1-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c0a93676-d895-11e0-b6b1-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0a93676-d895-11e0-b6b1-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c0a93676-d895-11e0-b6b1-0025223606c8}\ not found. File J:\steambackup2.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c44fbbcb-0c39-11e0-a490-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c44fbbcb-0c39-11e0-a490-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c44fbbcb-0c39-11e0-a490-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c44fbbcb-0c39-11e0-a490-0025223606c8}\ not found. File G:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c44fbbcc-0c39-11e0-a490-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c44fbbcc-0c39-11e0-a490-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c44fbbcc-0c39-11e0-a490-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c44fbbcc-0c39-11e0-a490-0025223606c8}\ not found. File G:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c49228af-279e-11e0-b7aa-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c49228af-279e-11e0-b7aa-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c49228af-279e-11e0-b7aa-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c49228af-279e-11e0-b7aa-0025223606c8}\ not found. File J:\CD_Start.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cefebe40-080b-11e2-acfe-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cefebe40-080b-11e2-acfe-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cefebe40-080b-11e2-acfe-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cefebe40-080b-11e2-acfe-806e6f6e6963}\ not found. File H:\PanzerCorpsWehrmacht-SetupRelease-v103.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf7431ba-e3d8-11df-aba6-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf7431ba-e3d8-11df-aba6-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf7431ba-e3d8-11df-aba6-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf7431ba-e3d8-11df-aba6-0025223606c8}\ not found. File F:\Support\AutoRun\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf7431d9-e3d8-11df-aba6-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf7431d9-e3d8-11df-aba6-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf7431d9-e3d8-11df-aba6-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf7431d9-e3d8-11df-aba6-0025223606c8}\ not found. File F:\AUTOSTARTER.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf743207-e3d8-11df-aba6-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf743207-e3d8-11df-aba6-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf743207-e3d8-11df-aba6-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf743207-e3d8-11df-aba6-0025223606c8}\ not found. File F:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d62d4c66-e131-11df-9b6d-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d62d4c66-e131-11df-9b6d-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d62d4c66-e131-11df-9b6d-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d62d4c66-e131-11df-9b6d-0025223606c8}\ not found. File F:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d990bcfe-1394-11e0-8096-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d990bcfe-1394-11e0-8096-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d990bcfe-1394-11e0-8096-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d990bcfe-1394-11e0-8096-0025223606c8}\ not found. File G:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deea389e-0070-11e0-9d93-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{deea389e-0070-11e0-9d93-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deea389e-0070-11e0-9d93-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{deea389e-0070-11e0-9d93-0025223606c8}\ not found. File G:\StartHere.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1287832-6295-11e1-9141-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e1287832-6295-11e1-9141-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1287832-6295-11e1-9141-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e1287832-6295-11e1-9141-0025223606c8}\ not found. File L:\SETUP.EXE not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6351052-2954-11e0-8dad-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6351052-2954-11e0-8dad-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6351052-2954-11e0-8dad-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6351052-2954-11e0-8dad-0025223606c8}\ not found. File J:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6351053-2954-11e0-8dad-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6351053-2954-11e0-8dad-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6351053-2954-11e0-8dad-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6351053-2954-11e0-8dad-0025223606c8}\ not found. File J:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6351054-2954-11e0-8dad-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6351054-2954-11e0-8dad-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6351054-2954-11e0-8dad-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6351054-2954-11e0-8dad-0025223606c8}\ not found. File J:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd64aaec-e652-11df-a6a5-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd64aaec-e652-11df-a6a5-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd64aaec-e652-11df-a6a5-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd64aaec-e652-11df-a6a5-0025223606c8}\ not found. File G:\Setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fe1a5ef3-3b09-11e0-add5-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fe1a5ef3-3b09-11e0-add5-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fe1a5ef3-3b09-11e0-add5-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fe1a5ef3-3b09-11e0-add5-0025223606c8}\ not found. File I:\Autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fff1b05e-2db9-11e0-b238-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fff1b05e-2db9-11e0-b238-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fff1b05e-2db9-11e0-b238-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fff1b05e-2db9-11e0-b238-0025223606c8}\ not found. File K:\autorun.exe -auto not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fff1b060-2db9-11e0-b238-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fff1b060-2db9-11e0-b238-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fff1b060-2db9-11e0-b238-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fff1b060-2db9-11e0-b238-0025223606c8}\ not found. File K:\autorun.exe -auto not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fff1b061-2db9-11e0-b238-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fff1b061-2db9-11e0-b238-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fff1b061-2db9-11e0-b238-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fff1b061-2db9-11e0-b238-0025223606c8}\ not found. File L:\autorun.exe -auto not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fff1b068-2db9-11e0-b238-0025223606c8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fff1b068-2db9-11e0-b238-0025223606c8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fff1b068-2db9-11e0-b238-0025223606c8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fff1b068-2db9-11e0-b238-0025223606c8}\ not found. File L:\autorun.exe -auto not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockIES deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\zASRockInstantBoot deleted successfully. ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 56466 bytes User: Default User ->Flash cache emptied: 0 bytes User: *** ->Flash cache emptied: 81281 bytes User: Public User: Spiele User: UpdatusUser ->Flash cache emptied: 41620 bytes Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: *** ->Temp folder emptied: 132934397 bytes ->Temporary Internet Files folder emptied: 4173786 bytes ->Java cache emptied: 30344373 bytes ->FireFox cache emptied: 445438927 bytes ->Google Chrome cache emptied: 6240368 bytes ->Flash cache emptied: 0 bytes User: Public User: Spiele User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1869672 bytes %systemroot%\System32 .tmp files removed: 3238240 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 91081917 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 682,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 01102013_185726 Files\Folders moved on Reboot... File move failed. D:\0data\cbs.exe scheduled to be moved on reboot. File move failed. C:\Windows\temp\hlktmp scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot... |
|
10.01.2013, 19:08
| #6 |
| /// Malware-holic | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? Hi ist ja auch quatsch, sich viele sicherheitsprogramme zu instalieren, bei ner vernünftigen Konfig reicht 1 aus. bisher siehts nach Adware aus. download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan - bei funden erst mal immer skip wählen, log posten
__________________ --> Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? |
|
10.01.2013, 19:19
| #7 |
| | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? Ok, also ich habe das jetzt genau so gemacht. Allerdings hieß die Option bei mir " Verify file digital signatures " anstatt Driver. So hier das Log: 19:12:22.0936 1352 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 19:12:23.0186 1352 ============================================================ 19:12:23.0186 1352 Current date / time: 2013/01/10 19:12:23.0186 19:12:23.0186 1352 SystemInfo: 19:12:23.0186 1352 19:12:23.0186 1352 OS Version: 6.1.7601 ServicePack: 1.0 19:12:23.0186 1352 Product type: Workstation 19:12:23.0186 1352 ComputerName: ***-PC 19:12:23.0186 1352 UserName: *** 19:12:23.0186 1352 Windows directory: C:\Windows 19:12:23.0186 1352 System windows directory: C:\Windows 19:12:23.0186 1352 Processor architecture: Intel x86 19:12:23.0186 1352 Number of processors: 4 19:12:23.0186 1352 Page size: 0x1000 19:12:23.0186 1352 Boot type: Normal boot 19:12:23.0186 1352 ============================================================ 19:12:24.0657 1352 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050 19:12:24.0657 1352 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C0F00000 (1863.01 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 19:12:25.0047 1352 ============================================================ 19:12:25.0047 1352 \Device\Harddisk0\DR0: 19:12:25.0141 1352 MBR partitions: 19:12:25.0141 1352 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 19:12:25.0141 1352 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31D800 19:12:25.0141 1352 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC350000, BlocksNum 0x2E035000 19:12:25.0141 1352 \Device\Harddisk1\DR1: 19:12:25.0141 1352 MBR partitions: 19:12:25.0141 1352 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000 19:12:25.0141 1352 ============================================================ 19:12:25.0219 1352 C: <-> \Device\Harddisk0\DR0\Partition2 19:12:25.0313 1352 E: <-> \Device\Harddisk0\DR0\Partition3 19:12:25.0360 1352 F: <-> \Device\Harddisk1\DR1\Partition1 19:12:25.0360 1352 ============================================================ 19:12:25.0360 1352 Initialize success 19:12:25.0360 1352 ============================================================ 19:13:43.0149 2908 ============================================================ 19:13:43.0149 2908 Scan started 19:13:43.0149 2908 Mode: Manual; SigCheck; TDLFS; 19:13:43.0149 2908 ============================================================ 19:13:44.0104 2908 ================ Scan system memory ======================== 19:13:44.0104 2908 System memory - ok 19:13:44.0104 2908 ================ Scan services ============================= 19:13:44.0229 2908 1394hub - ok 19:13:44.0260 2908 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 19:13:44.0338 2908 1394ohci - ok 19:13:44.0401 2908 [ E6F53D6C0DEA3D375362265E175CA638 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys 19:13:44.0416 2908 acedrv11 - ok 19:13:44.0448 2908 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys 19:13:44.0463 2908 ACPI - ok 19:13:44.0495 2908 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 19:13:44.0510 2908 AcpiPmi - ok 19:13:44.0526 2908 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 19:13:44.0541 2908 adp94xx - ok 19:13:44.0557 2908 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 19:13:44.0573 2908 adpahci - ok 19:13:44.0588 2908 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 19:13:44.0588 2908 adpu320 - ok 19:13:44.0620 2908 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 19:13:44.0651 2908 AeLookupSvc - ok 19:13:44.0713 2908 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys 19:13:44.0729 2908 AFD - ok 19:13:44.0760 2908 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys 19:13:44.0760 2908 agp440 - ok 19:13:44.0776 2908 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 19:13:44.0776 2908 aic78xx - ok 19:13:44.0839 2908 [ C3E7AC2EB8B1BAA98BC4E5DBCF934964 ] aksfridge C:\Windows\system32\drivers\aksfridge.sys 19:13:44.0855 2908 aksfridge - ok 19:13:44.0886 2908 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 19:13:44.0902 2908 ALG - ok 19:13:44.0933 2908 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys 19:13:44.0933 2908 aliide - ok 19:13:44.0996 2908 ALSysIO - ok 19:13:45.0027 2908 [ 6F7E2797E9E61A8541FAC7C0AE04186A ] AMBFilt C:\Windows\system32\drivers\AMBFilt.sys 19:13:45.0042 2908 Suspicious file (Forged): C:\Windows\system32\drivers\AMBFilt.sys. Real md5: 6F7E2797E9E61A8541FAC7C0AE04186A, Fake md5: 51D8841FB826C4450B36350882EF8F4F 19:13:45.0042 2908 AMBFilt ( ForgedFile.Multi.Generic ) - warning 19:13:45.0042 2908 AMBFilt - detected ForgedFile.Multi.Generic (1) 19:13:45.0074 2908 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys 19:13:45.0074 2908 amdagp - ok 19:13:45.0089 2908 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys 19:13:45.0105 2908 amdide - ok 19:13:45.0136 2908 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 19:13:45.0152 2908 AmdK8 - ok 19:13:45.0199 2908 [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD C:\Windows\system32\DRIVERS\AmdLLD.sys 19:13:45.0199 2908 AmdLLD - ok 19:13:45.0230 2908 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 19:13:45.0246 2908 AmdPPM - ok 19:13:45.0292 2908 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys 19:13:45.0292 2908 amdsata - ok 19:13:45.0308 2908 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 19:13:45.0324 2908 amdsbs - ok 19:13:45.0339 2908 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys 19:13:45.0355 2908 amdxata - ok 19:13:45.0386 2908 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys 19:13:45.0417 2908 AppID - ok 19:13:45.0433 2908 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 19:13:45.0449 2908 AppIDSvc - ok 19:13:45.0480 2908 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll 19:13:45.0496 2908 Appinfo - ok 19:13:45.0574 2908 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 19:13:45.0589 2908 Apple Mobile Device - ok 19:13:45.0605 2908 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys 19:13:45.0621 2908 arc - ok 19:13:45.0636 2908 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 19:13:45.0636 2908 arcsas - ok 19:13:45.0730 2908 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 19:13:45.0746 2908 aspnet_state - ok 19:13:45.0761 2908 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 19:13:45.0792 2908 AsyncMac - ok 19:13:45.0825 2908 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys 19:13:45.0825 2908 atapi - ok 19:13:45.0856 2908 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 19:13:45.0856 2908 AtiPcie - ok 19:13:45.0887 2908 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 19:13:45.0903 2908 atksgt - ok 19:13:45.0934 2908 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 19:13:45.0965 2908 AudioEndpointBuilder - ok 19:13:45.0965 2908 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll 19:13:45.0997 2908 Audiosrv - ok 19:13:46.0028 2908 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll 19:13:46.0059 2908 AxInstSV - ok 19:13:46.0075 2908 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 19:13:46.0090 2908 b06bdrv - ok 19:13:46.0106 2908 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 19:13:46.0122 2908 b57nd60x - ok 19:13:46.0122 2908 [ 40D011F2B2E737E51AE8D2172664C095 ] BazisVirtualCDBus C:\Windows\system32\DRIVERS\BazisVirtualCDBus.sys 19:13:46.0137 2908 BazisVirtualCDBus - ok 19:13:46.0168 2908 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 19:13:46.0200 2908 BDESVC - ok 19:13:46.0215 2908 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 19:13:46.0247 2908 Beep - ok 19:13:46.0278 2908 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll 19:13:46.0325 2908 BFE - ok 19:13:46.0512 2908 [ 9DFFCB249663AA3C2ECB67202280054E ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130107.001\BHDrvx86.sys 19:13:46.0528 2908 BHDrvx86 - ok 19:13:46.0575 2908 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll 19:13:46.0606 2908 BITS - ok 19:13:46.0606 2908 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 19:13:46.0622 2908 blbdrive - ok 19:13:46.0653 2908 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 19:13:46.0653 2908 bowser - ok 19:13:46.0668 2908 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 19:13:46.0684 2908 BrFiltLo - ok 19:13:46.0700 2908 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 19:13:46.0731 2908 BrFiltUp - ok 19:13:46.0762 2908 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll 19:13:46.0778 2908 Browser - ok 19:13:46.0793 2908 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 19:13:46.0809 2908 Brserid - ok 19:13:46.0826 2908 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 19:13:46.0857 2908 BrSerWdm - ok 19:13:46.0857 2908 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 19:13:46.0873 2908 BrUsbMdm - ok 19:13:46.0888 2908 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 19:13:46.0888 2908 BrUsbSer - ok 19:13:46.0904 2908 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 19:13:46.0919 2908 BTHMODEM - ok 19:13:46.0966 2908 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 19:13:46.0982 2908 bthserv - ok 19:13:47.0076 2908 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_NIS C:\Windows\system32\drivers\NIS\1402000.013\ccSetx86.sys 19:13:47.0076 2908 ccSet_NIS - ok 19:13:47.0091 2908 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 19:13:47.0123 2908 cdfs - ok 19:13:47.0154 2908 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 19:13:47.0169 2908 cdrom - ok 19:13:47.0201 2908 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll 19:13:47.0232 2908 CertPropSvc - ok 19:13:47.0248 2908 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 19:13:47.0263 2908 circlass - ok 19:13:47.0279 2908 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 19:13:47.0294 2908 CLFS - ok 19:13:47.0341 2908 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:13:47.0357 2908 clr_optimization_v2.0.50727_32 - ok 19:13:47.0404 2908 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:13:47.0419 2908 clr_optimization_v4.0.30319_32 - ok 19:13:47.0419 2908 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 19:13:47.0435 2908 CmBatt - ok 19:13:47.0451 2908 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys 19:13:47.0466 2908 cmdide - ok 19:13:47.0498 2908 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys 19:13:47.0513 2908 CNG - ok 19:13:47.0529 2908 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 19:13:47.0529 2908 Compbatt - ok 19:13:47.0576 2908 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 19:13:47.0591 2908 CompositeBus - ok 19:13:47.0607 2908 COMSysApp - ok 19:13:47.0623 2908 cpuz130 - ok 19:13:47.0638 2908 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 19:13:47.0654 2908 crcdisk - ok 19:13:47.0701 2908 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:13:47.0716 2908 CryptSvc - ok 19:13:47.0748 2908 [ D491F164E6D5EBACBB73E0F85D47E9D9 ] CTL511Plus C:\Windows\system32\DRIVERS\webc3vid.sys 19:13:47.0779 2908 CTL511Plus - ok 19:13:47.0810 2908 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll 19:13:47.0842 2908 DcomLaunch - ok 19:13:47.0858 2908 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll 19:13:47.0921 2908 defragsvc - ok 19:13:47.0953 2908 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 19:13:47.0968 2908 DfsC - ok 19:13:48.0015 2908 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll 19:13:48.0046 2908 Dhcp - ok 19:13:48.0062 2908 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys 19:13:48.0093 2908 discache - ok 19:13:48.0109 2908 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys 19:13:48.0125 2908 Disk - ok 19:13:48.0140 2908 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:13:48.0171 2908 Dnscache - ok 19:13:48.0203 2908 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll 19:13:48.0218 2908 dot3svc - ok 19:13:48.0250 2908 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll 19:13:48.0281 2908 DPS - ok 19:13:48.0312 2908 [ 5F6B9858815DA69146A0249D4E83C8FD ] DragonSvc C:\Program Files\Common Files\Nuance\dgnsvc.exe 19:13:48.0328 2908 DragonSvc - ok 19:13:48.0359 2908 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:13:48.0375 2908 drmkaud - ok 19:13:48.0406 2908 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:13:48.0421 2908 DXGKrnl - ok 19:13:48.0437 2908 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll 19:13:48.0468 2908 EapHost - ok 19:13:48.0515 2908 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 19:13:48.0578 2908 ebdrv - ok 19:13:48.0625 2908 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 19:13:48.0640 2908 eeCtrl - ok 19:13:48.0671 2908 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe 19:13:48.0687 2908 EFS - ok 19:13:48.0750 2908 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:13:48.0765 2908 ehRecvr - ok 19:13:48.0781 2908 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe 19:13:48.0796 2908 ehSched - ok 19:13:48.0843 2908 [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 19:13:48.0843 2908 ElbyCDIO - ok 19:13:48.0875 2908 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 19:13:48.0891 2908 elxstor - ok 19:13:48.0922 2908 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 19:13:48.0938 2908 EraserUtilRebootDrv - ok 19:13:48.0954 2908 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys 19:13:48.0969 2908 ErrDev - ok 19:13:49.0000 2908 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll 19:13:49.0047 2908 EventSystem - ok 19:13:49.0047 2908 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys 19:13:49.0079 2908 exfat - ok 19:13:49.0094 2908 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys 19:13:49.0110 2908 fastfat - ok 19:13:49.0157 2908 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe 19:13:49.0188 2908 Fax - ok 19:13:49.0188 2908 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 19:13:49.0204 2908 fdc - ok 19:13:49.0204 2908 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 19:13:49.0235 2908 fdPHost - ok 19:13:49.0250 2908 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 19:13:49.0282 2908 FDResPub - ok 19:13:49.0297 2908 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 19:13:49.0297 2908 FileInfo - ok 19:13:49.0313 2908 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 19:13:49.0344 2908 Filetrace - ok 19:13:49.0407 2908 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 19:13:49.0422 2908 FLEXnet Licensing Service - ok 19:13:49.0438 2908 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 19:13:49.0454 2908 flpydisk - ok 19:13:49.0469 2908 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 19:13:49.0485 2908 FltMgr - ok 19:13:49.0516 2908 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll 19:13:49.0547 2908 FontCache - ok 19:13:49.0594 2908 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 19:13:49.0594 2908 FontCache3.0.0.0 - ok 19:13:49.0610 2908 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 19:13:49.0625 2908 FsDepends - ok 19:13:49.0657 2908 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 19:13:49.0657 2908 Fs_Rec - ok 19:13:49.0704 2908 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 19:13:49.0719 2908 fvevol - ok 19:13:49.0735 2908 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 19:13:49.0750 2908 gagp30kx - ok 19:13:49.0766 2908 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll 19:13:49.0797 2908 gpsvc - ok 19:13:49.0923 2908 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 19:13:49.0923 2908 gupdate - ok 19:13:49.0939 2908 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 19:13:49.0939 2908 gupdatem - ok 19:13:49.0970 2908 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 19:13:49.0986 2908 hamachi - ok 19:13:50.0033 2908 [ 506097D91E96AEE4BAD61800782E8FB6 ] hardlock C:\Windows\system32\drivers\hardlock.sys 19:13:50.0048 2908 hardlock - ok 19:13:50.0048 2908 hasplms - ok 19:13:50.0048 2908 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 19:13:50.0064 2908 hcw85cir - ok 19:13:50.0095 2908 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 19:13:50.0126 2908 HdAudAddService - ok 19:13:50.0142 2908 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 19:13:50.0173 2908 HDAudBus - ok 19:13:50.0189 2908 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 19:13:50.0205 2908 HidBatt - ok 19:13:50.0220 2908 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 19:13:50.0236 2908 HidBth - ok 19:13:50.0251 2908 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 19:13:50.0283 2908 HidIr - ok 19:13:50.0298 2908 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll 19:13:50.0330 2908 hidserv - ok 19:13:50.0345 2908 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 19:13:50.0361 2908 HidUsb - ok 19:13:50.0392 2908 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll 19:13:50.0423 2908 hkmsvc - ok 19:13:50.0470 2908 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 19:13:50.0486 2908 HomeGroupListener - ok 19:13:50.0517 2908 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 19:13:50.0548 2908 HomeGroupProvider - ok 19:13:50.0642 2908 [ FCB563B0A23643E5F80B6FF1E60F610F ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 19:13:50.0658 2908 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 19:13:50.0658 2908 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 19:13:50.0673 2908 [ 25E443E27165C652723A92D9BDFD4649 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 19:13:50.0689 2908 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 19:13:50.0689 2908 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 19:13:50.0736 2908 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 19:13:50.0751 2908 HpSAMD - ok 19:13:50.0783 2908 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys 19:13:50.0814 2908 HTTP - ok 19:13:50.0830 2908 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 19:13:50.0845 2908 hwpolicy - ok 19:13:50.0876 2908 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 19:13:50.0909 2908 i8042prt - ok 19:13:50.0940 2908 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 19:13:50.0956 2908 iaStorV - ok 19:13:50.0987 2908 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 19:13:51.0018 2908 idsvc - ok 19:13:51.0096 2908 [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130109.001\IDSvix86.sys 19:13:51.0112 2908 IDSVix86 - ok 19:13:51.0127 2908 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 19:13:51.0143 2908 iirsp - ok 19:13:51.0174 2908 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll 19:13:51.0206 2908 IKEEXT - ok 19:13:51.0221 2908 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys 19:13:51.0237 2908 intelide - ok 19:13:51.0237 2908 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 19:13:51.0284 2908 intelppm - ok 19:13:51.0299 2908 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 19:13:51.0315 2908 IPBusEnum - ok 19:13:51.0331 2908 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:13:51.0362 2908 IpFilterDriver - ok 19:13:51.0393 2908 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 19:13:51.0409 2908 iphlpsvc - ok 19:13:51.0440 2908 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 19:13:51.0440 2908 IPMIDRV - ok 19:13:51.0456 2908 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys 19:13:51.0487 2908 IPNAT - ok 19:13:51.0502 2908 [ 9F7E491FB0BA0F9E370163834FC1FE31 ] irda C:\Windows\system32\DRIVERS\irda.sys 19:13:51.0518 2908 irda - ok 19:13:51.0534 2908 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys 19:13:51.0549 2908 IRENUM - ok 19:13:51.0549 2908 [ 4220D2F03D5C4226D0A1AA4B84025E45 ] Irmon C:\Windows\System32\irmon.dll 19:13:51.0565 2908 Irmon - ok 19:13:51.0581 2908 [ 5896B5FF6332AB2BE1582523E9656A67 ] irsir C:\Windows\system32\DRIVERS\irsir.sys 19:13:51.0596 2908 irsir - ok 19:13:51.0627 2908 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys 19:13:51.0643 2908 isapnp - ok 19:13:51.0643 2908 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 19:13:51.0659 2908 iScsiPrt - ok 19:13:51.0690 2908 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 19:13:51.0690 2908 kbdclass - ok 19:13:51.0721 2908 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 19:13:51.0737 2908 kbdhid - ok 19:13:51.0752 2908 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe 19:13:51.0768 2908 KeyIso - ok 19:13:51.0784 2908 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:13:51.0799 2908 KSecDD - ok 19:13:51.0831 2908 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 19:13:51.0846 2908 KSecPkg - ok 19:13:51.0862 2908 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll 19:13:51.0910 2908 KtmRm - ok 19:13:51.0941 2908 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll 19:13:51.0989 2908 LanmanServer - ok 19:13:51.0989 2908 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:13:52.0020 2908 LanmanWorkstation - ok 19:13:52.0036 2908 [ 7F9C7B28CF1C859E1C42619EEA946DC8 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 19:13:52.0051 2908 LHidFilt - ok 19:13:52.0083 2908 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 19:13:52.0098 2908 lirsgt - ok 19:13:52.0129 2908 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:13:52.0161 2908 lltdio - ok 19:13:52.0176 2908 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:13:52.0192 2908 lltdsvc - ok 19:13:52.0208 2908 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll 19:13:52.0223 2908 lmhosts - ok 19:13:52.0223 2908 [ AB33792A87285344F43B5CE23421BAB0 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 19:13:52.0239 2908 LMouFilt - ok 19:13:52.0254 2908 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 19:13:52.0270 2908 LSI_FC - ok 19:13:52.0270 2908 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 19:13:52.0286 2908 LSI_SAS - ok 19:13:52.0301 2908 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 19:13:52.0301 2908 LSI_SAS2 - ok 19:13:52.0317 2908 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 19:13:52.0333 2908 LSI_SCSI - ok 19:13:52.0348 2908 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys 19:13:52.0379 2908 luafv - ok 19:13:52.0411 2908 [ A3E700D78EEC390F1208098CDCA5C6B6 ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus.sys 19:13:52.0426 2908 MarvinBus ( UnsignedFile.Multi.Generic ) - warning 19:13:52.0426 2908 MarvinBus - detected UnsignedFile.Multi.Generic (1) 19:13:52.0473 2908 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 19:13:52.0473 2908 Mcx2Svc - ok 19:13:52.0489 2908 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 19:13:52.0504 2908 megasas - ok 19:13:52.0504 2908 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 19:13:52.0520 2908 MegaSR - ok 19:13:52.0551 2908 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 19:13:52.0567 2908 MMCSS - ok 19:13:52.0583 2908 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 19:13:52.0614 2908 Modem - ok 19:13:52.0645 2908 [ 23C13A9579D4CC04B41CFA2A22213E77 ] MonFilt C:\Windows\system32\drivers\MonFilt.sys 19:13:52.0645 2908 Suspicious file (Forged): C:\Windows\system32\drivers\MonFilt.sys. Real md5: 23C13A9579D4CC04B41CFA2A22213E77, Fake md5: 27AE46A9E30F50A6BFA6198E51000357 19:13:52.0645 2908 MonFilt ( ForgedFile.Multi.Generic ) - warning 19:13:52.0645 2908 MonFilt - detected ForgedFile.Multi.Generic (1) 19:13:52.0676 2908 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 19:13:52.0692 2908 monitor - ok 19:13:52.0739 2908 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 19:13:52.0739 2908 mouclass - ok 19:13:52.0754 2908 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 19:13:52.0754 2908 mouhid - ok 19:13:52.0786 2908 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:13:52.0801 2908 mountmgr - ok 19:13:52.0848 2908 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 19:13:52.0848 2908 MozillaMaintenance - ok 19:13:52.0879 2908 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys 19:13:52.0895 2908 mpio - ok 19:13:52.0911 2908 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:13:52.0943 2908 mpsdrv - ok 19:13:52.0974 2908 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll 19:13:53.0021 2908 MpsSvc - ok 19:13:53.0052 2908 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:13:53.0068 2908 MRxDAV - ok 19:13:53.0115 2908 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:13:53.0130 2908 mrxsmb - ok 19:13:53.0162 2908 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:13:53.0177 2908 mrxsmb10 - ok 19:13:53.0193 2908 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:13:53.0193 2908 mrxsmb20 - ok 19:13:53.0208 2908 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys 19:13:53.0224 2908 msahci - ok 19:13:53.0240 2908 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys 19:13:53.0240 2908 msdsm - ok 19:13:53.0271 2908 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 19:13:53.0287 2908 MSDTC - ok 19:13:53.0302 2908 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 19:13:53.0333 2908 Msfs - ok 19:13:53.0333 2908 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:13:53.0349 2908 mshidkmdf - ok 19:13:53.0380 2908 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 19:13:53.0396 2908 msisadrv - ok 19:13:53.0412 2908 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:13:53.0443 2908 MSiSCSI - ok 19:13:53.0443 2908 msiserver - ok 19:13:53.0474 2908 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 19:13:53.0505 2908 MSKSSRV - ok 19:13:53.0521 2908 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 19:13:53.0552 2908 MSPCLOCK - ok 19:13:53.0568 2908 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 19:13:53.0583 2908 MSPQM - ok 19:13:53.0615 2908 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 19:13:53.0630 2908 MsRPC - ok 19:13:53.0646 2908 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 19:13:53.0662 2908 mssmbios - ok 19:13:53.0662 2908 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 19:13:53.0693 2908 MSTEE - ok 19:13:53.0693 2908 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 19:13:53.0708 2908 MTConfig - ok 19:13:53.0708 2908 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys 19:13:53.0724 2908 Mup - ok 19:13:53.0755 2908 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll 19:13:53.0771 2908 napagent - ok 19:13:53.0802 2908 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 19:13:53.0818 2908 NativeWifiP - ok 19:13:53.0912 2908 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130109.040\NAVENG.SYS 19:13:53.0912 2908 NAVENG - ok 19:13:53.0975 2908 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130109.040\NAVEX15.SYS 19:13:54.0006 2908 NAVEX15 - ok 19:13:54.0038 2908 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys 19:13:54.0069 2908 NDIS - ok 19:13:54.0069 2908 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 19:13:54.0100 2908 NdisCap - ok 19:13:54.0131 2908 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:13:54.0147 2908 NdisTapi - ok 19:13:54.0194 2908 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:13:54.0209 2908 Ndisuio - ok 19:13:54.0241 2908 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:13:54.0272 2908 NdisWan - ok 19:13:54.0288 2908 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 19:13:54.0319 2908 NDProxy - ok 19:13:54.0350 2908 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 19:13:54.0366 2908 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 19:13:54.0366 2908 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 19:13:54.0381 2908 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:13:54.0397 2908 NetBIOS - ok 19:13:54.0444 2908 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:13:54.0475 2908 NetBT - ok 19:13:54.0491 2908 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe 19:13:54.0491 2908 Netlogon - ok 19:13:54.0522 2908 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 19:13:54.0569 2908 Netman - ok 19:13:54.0600 2908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 19:13:54.0600 2908 NetMsmqActivator - ok 19:13:54.0600 2908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 19:13:54.0616 2908 NetPipeActivator - ok 19:13:54.0647 2908 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll 19:13:54.0678 2908 netprofm - ok 19:13:54.0678 2908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 19:13:54.0694 2908 NetTcpActivator - ok 19:13:54.0694 2908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 19:13:54.0709 2908 NetTcpPortSharing - ok 19:13:54.0725 2908 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 19:13:54.0725 2908 nfrd960 - ok 19:13:54.0803 2908 [ 4A9258B9597A31DB68EC9740F3A8A70B ] NIS C:\Program Files\Norton Internet Security CBE\Engine\20.2.0.19\ccSvcHst.exe 19:13:54.0819 2908 NIS - ok 19:13:54.0850 2908 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll 19:13:54.0866 2908 NlaSvc - ok 19:13:54.0897 2908 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:13:54.0913 2908 Npfs - ok 19:13:54.0928 2908 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll 19:13:54.0944 2908 nsi - ok 19:13:54.0961 2908 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:13:54.0993 2908 nsiproxy - ok 19:13:55.0040 2908 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:13:55.0055 2908 Ntfs - ok 19:13:55.0071 2908 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys 19:13:55.0102 2908 Null - ok 19:13:55.0133 2908 [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys 19:13:55.0149 2908 NVHDA - ok 19:13:55.0305 2908 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 19:13:55.0430 2908 nvlddmkm - ok 19:13:55.0477 2908 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:13:55.0477 2908 nvraid - ok 19:13:55.0524 2908 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:13:55.0540 2908 nvstor - ok 19:13:55.0586 2908 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe 19:13:55.0618 2908 nvsvc - ok 19:13:55.0665 2908 [ 61FF84F865B4414EFDC11856BF5757AD ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 19:13:55.0696 2908 nvUpdatusService - ok 19:13:55.0727 2908 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 19:13:55.0727 2908 nv_agp - ok 19:13:55.0758 2908 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 19:13:55.0790 2908 ohci1394 - ok 19:13:55.0805 2908 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:13:55.0821 2908 p2pimsvc - ok 19:13:55.0836 2908 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll 19:13:55.0852 2908 p2psvc - ok 19:13:55.0868 2908 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys 19:13:55.0899 2908 Parport - ok 19:13:55.0915 2908 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys 19:13:55.0930 2908 partmgr - ok 19:13:55.0946 2908 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 19:13:55.0961 2908 Parvdm - ok 19:13:55.0961 2908 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll 19:13:55.0994 2908 PcaSvc - ok 19:13:56.0026 2908 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys 19:13:56.0041 2908 pci - ok 19:13:56.0041 2908 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys 19:13:56.0057 2908 pciide - ok 19:13:56.0073 2908 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 19:13:56.0088 2908 pcmcia - ok 19:13:56.0088 2908 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys 19:13:56.0104 2908 pcw - ok 19:13:56.0120 2908 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys 19:13:56.0166 2908 PEAUTH - ok 19:13:56.0213 2908 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll 19:13:56.0260 2908 pla - ok 19:13:56.0291 2908 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 19:13:56.0323 2908 PlugPlay - ok 19:13:56.0354 2908 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 19:13:56.0370 2908 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 19:13:56.0370 2908 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 19:13:56.0401 2908 [ A1DD33D16F277CE34124EE52AB2C0F14 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe 19:13:56.0416 2908 PnkBstrA - ok 19:13:56.0432 2908 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 19:13:56.0463 2908 PNRPAutoReg - ok 19:13:56.0463 2908 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 19:13:56.0479 2908 PNRPsvc - ok 19:13:56.0495 2908 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 19:13:56.0526 2908 PolicyAgent - ok 19:13:56.0557 2908 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll 19:13:56.0573 2908 Power - ok 19:13:56.0588 2908 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 19:13:56.0620 2908 PptpMiniport - ok 19:13:56.0620 2908 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys 19:13:56.0635 2908 Processor - ok 19:13:56.0651 2908 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll 19:13:56.0666 2908 ProfSvc - ok 19:13:56.0666 2908 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe 19:13:56.0682 2908 ProtectedStorage - ok 19:13:56.0682 2908 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys 19:13:56.0713 2908 Psched - ok 19:13:56.0745 2908 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 19:13:56.0776 2908 ql2300 - ok 19:13:56.0791 2908 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 19:13:56.0807 2908 ql40xx - ok 19:13:56.0807 2908 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll 19:13:56.0838 2908 QWAVE - ok 19:13:56.0854 2908 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 19:13:56.0870 2908 QWAVEdrv - ok 19:13:56.0885 2908 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 19:13:56.0901 2908 RasAcd - ok 19:13:56.0916 2908 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 19:13:56.0948 2908 RasAgileVpn - ok 19:13:56.0948 2908 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll 19:13:56.0963 2908 RasAuto - ok 19:13:56.0979 2908 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 19:13:57.0011 2908 Rasl2tp - ok 19:13:57.0042 2908 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll 19:13:57.0074 2908 RasMan - ok 19:13:57.0074 2908 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 19:13:57.0089 2908 RasPppoe - ok 19:13:57.0121 2908 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 19:13:57.0136 2908 RasSstp - ok 19:13:57.0167 2908 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 19:13:57.0199 2908 rdbss - ok 19:13:57.0199 2908 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 19:13:57.0214 2908 rdpbus - ok 19:13:57.0246 2908 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 19:13:57.0277 2908 RDPCDD - ok 19:13:57.0292 2908 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 19:13:57.0324 2908 RDPENCDD - ok 19:13:57.0324 2908 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 19:13:57.0355 2908 RDPREFMP - ok 19:13:57.0371 2908 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 19:13:57.0402 2908 RDPWD - ok 19:13:57.0433 2908 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 19:13:57.0449 2908 rdyboost - ok 19:13:57.0464 2908 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll 19:13:57.0496 2908 RemoteAccess - ok 19:13:57.0511 2908 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll 19:13:57.0542 2908 RemoteRegistry - ok 19:13:57.0605 2908 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe 19:13:57.0636 2908 RichVideo ( UnsignedFile.Multi.Generic ) - warning 19:13:57.0636 2908 RichVideo - detected UnsignedFile.Multi.Generic (1) 19:13:57.0652 2908 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 19:13:57.0683 2908 RpcEptMapper - ok 19:13:57.0714 2908 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe 19:13:57.0714 2908 RpcLocator - ok 19:13:57.0730 2908 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll 19:13:57.0746 2908 RpcSs - ok 19:13:57.0777 2908 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 19:13:57.0792 2908 rspndr - ok 19:13:57.0824 2908 [ 6465166DD9B2F841DABAD16ABDADBE98 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys 19:13:57.0855 2908 RTL8167 - ok 19:13:57.0855 2908 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe 19:13:57.0871 2908 SamSs - ok 19:13:57.0902 2908 [ 1FBD21895B768CD40E83B86C18E6454F ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys 19:13:57.0917 2908 SbieDrv - ok 19:13:57.0933 2908 [ D5D875D6662F30C7FBF5F6879452B12B ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe 19:13:57.0933 2908 SbieSvc - ok 19:13:57.0964 2908 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 19:13:57.0980 2908 sbp2port - ok 19:13:58.0059 2908 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 19:13:58.0075 2908 SBSDWSCService - ok 19:13:58.0106 2908 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 19:13:58.0122 2908 SCardSvr - ok 19:13:58.0153 2908 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 19:13:58.0168 2908 scfilter - ok 19:13:58.0200 2908 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll 19:13:58.0231 2908 Schedule - ok 19:13:58.0262 2908 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll 19:13:58.0278 2908 SCPolicySvc - ok 19:13:58.0309 2908 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll 19:13:58.0340 2908 SDRSVC - ok 19:13:58.0356 2908 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 19:13:58.0387 2908 secdrv - ok 19:13:58.0387 2908 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll 19:13:58.0403 2908 seclogon - ok 19:13:58.0418 2908 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll 19:13:58.0450 2908 SENS - ok 19:13:58.0465 2908 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll 19:13:58.0481 2908 SensrSvc - ok 19:13:58.0497 2908 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 19:13:58.0512 2908 Serenum - ok 19:13:58.0528 2908 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys 19:13:58.0543 2908 Serial - ok 19:13:58.0575 2908 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 19:13:58.0606 2908 sermouse - ok 19:13:58.0622 2908 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll 19:13:58.0637 2908 SessionEnv - ok 19:13:58.0653 2908 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 19:13:58.0668 2908 sffdisk - ok 19:13:58.0668 2908 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 19:13:58.0700 2908 sffp_mmc - ok 19:13:58.0715 2908 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 19:13:58.0731 2908 sffp_sd - ok 19:13:58.0731 2908 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 19:13:58.0762 2908 sfloppy - ok 19:13:58.0793 2908 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll 19:13:58.0825 2908 SharedAccess - ok 19:13:58.0840 2908 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 19:13:58.0872 2908 ShellHWDetection - ok 19:13:58.0872 2908 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys 19:13:58.0887 2908 sisagp - ok 19:13:58.0903 2908 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 19:13:58.0918 2908 SiSRaid2 - ok 19:13:58.0934 2908 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 19:13:58.0934 2908 SiSRaid4 - ok 19:13:59.0044 2908 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 19:13:59.0107 2908 Skype C2C Service - ok 19:13:59.0154 2908 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 19:13:59.0154 2908 SkypeUpdate - ok 19:13:59.0169 2908 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys 19:13:59.0201 2908 Smb - ok 19:13:59.0216 2908 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 19:13:59.0232 2908 SNMPTRAP - ok 19:13:59.0248 2908 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys 19:13:59.0248 2908 spldr - ok 19:13:59.0279 2908 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe 19:13:59.0294 2908 Spooler - ok 19:13:59.0357 2908 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe 19:13:59.0404 2908 sppsvc - ok 19:13:59.0435 2908 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll 19:13:59.0466 2908 sppuinotify - ok 19:13:59.0513 2908 [ 0022CFFF1A41E5CE3A764050A7DDF22A ] sptd C:\Windows\System32\Drivers\sptd.sys 19:13:59.0529 2908 sptd - ok 19:13:59.0607 2908 [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] SRTSP C:\Windows\System32\Drivers\NIS\1402000.013\SRTSP.SYS 19:13:59.0623 2908 SRTSP - ok 19:13:59.0669 2908 [ 21AC3AE81E8263061624C4ED3B11509A ] SRTSPX C:\Windows\system32\drivers\NIS\1402000.013\SRTSPX.SYS 19:13:59.0685 2908 SRTSPX - ok 19:13:59.0716 2908 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys 19:13:59.0732 2908 srv - ok 19:13:59.0748 2908 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 19:13:59.0779 2908 srv2 - ok 19:13:59.0779 2908 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 19:13:59.0794 2908 srvnet - ok 19:13:59.0810 2908 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 19:13:59.0857 2908 SSDPSRV - ok 19:13:59.0857 2908 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll 19:13:59.0904 2908 SstpSvc - ok 19:13:59.0935 2908 Steam Client Service - ok 19:13:59.0998 2908 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 19:14:00.0013 2908 Stereo Service - ok 19:14:00.0029 2908 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 19:14:00.0045 2908 stexstor - ok 19:14:00.0093 2908 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll 19:14:00.0125 2908 StiSvc - ok 19:14:00.0156 2908 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys 19:14:00.0156 2908 swenum - ok 19:14:00.0171 2908 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll 19:14:00.0187 2908 swprv - ok 19:14:00.0234 2908 [ FB69A67FEEE3026C7F99774A1C405326 ] SymDS C:\Windows\system32\drivers\NIS\1402000.013\SYMDS.SYS 19:14:00.0250 2908 SymDS - ok 19:14:00.0281 2908 [ 28C5FAFA7FD1C522B8DCD59694D39412 ] SymEFA C:\Windows\system32\drivers\NIS\1402000.013\SYMEFA.SYS 19:14:00.0312 2908 SymEFA - ok 19:14:00.0328 2908 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS 19:14:00.0343 2908 SymEvent - ok 19:14:00.0375 2908 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\Windows\system32\drivers\NIS\1402000.013\Ironx86.SYS 19:14:00.0390 2908 SymIRON - ok 19:14:00.0406 2908 [ 21698476A90ACAA056B8CFE09A82785F ] SymNetS C:\Windows\System32\Drivers\NIS\1402000.013\SYMNETS.SYS 19:14:00.0406 2908 SymNetS - ok 19:14:00.0468 2908 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll 19:14:00.0484 2908 SysMain - ok 19:14:00.0515 2908 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll 19:14:00.0546 2908 TabletInputService - ok 19:14:00.0562 2908 [ 0C3B2A9C4BD2DD9A6C2E4084314DD719 ] taphss C:\Windows\system32\DRIVERS\taphss.sys 19:14:00.0578 2908 taphss - ok 19:14:00.0609 2908 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll 19:14:00.0625 2908 TapiSrv - ok 19:14:00.0656 2908 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll 19:14:00.0671 2908 TBS - ok 19:14:00.0718 2908 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 19:14:00.0750 2908 Tcpip - ok 19:14:00.0796 2908 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 19:14:00.0812 2908 TCPIP6 - ok 19:14:00.0843 2908 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 19:14:00.0859 2908 tcpipreg - ok 19:14:00.0875 2908 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 19:14:00.0890 2908 TDPIPE - ok 19:14:00.0906 2908 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 19:14:00.0937 2908 TDTCP - ok 19:14:00.0968 2908 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 19:14:00.0984 2908 tdx - ok 19:14:01.0015 2908 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys 19:14:01.0015 2908 TermDD - ok 19:14:01.0046 2908 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll 19:14:01.0079 2908 TermService - ok 19:14:01.0094 2908 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll 19:14:01.0110 2908 Themes - ok 19:14:01.0125 2908 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll 19:14:01.0141 2908 THREADORDER - ok 19:14:01.0172 2908 [ 5815AE5EF8519066F19E575D67F6F191 ] TPkd C:\Windows\system32\drivers\TPkd.sys 19:14:01.0204 2908 TPkd ( UnsignedFile.Multi.Generic ) - warning 19:14:01.0204 2908 TPkd - detected UnsignedFile.Multi.Generic (1) 19:14:01.0219 2908 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 19:14:01.0250 2908 TrkWks - ok 19:14:01.0297 2908 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 19:14:01.0313 2908 TrustedInstaller - ok 19:14:01.0344 2908 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 19:14:01.0375 2908 tssecsrv - ok 19:14:01.0422 2908 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 19:14:01.0438 2908 TsUsbFlt - ok 19:14:01.0469 2908 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 19:14:01.0500 2908 tunnel - ok 19:14:01.0516 2908 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 19:14:01.0532 2908 uagp35 - ok 19:14:01.0547 2908 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:14:01.0579 2908 udfs - ok 19:14:01.0594 2908 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 19:14:01.0625 2908 UI0Detect - ok 19:14:01.0657 2908 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 19:14:01.0657 2908 uliagpkx - ok 19:14:01.0688 2908 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys 19:14:01.0704 2908 umbus - ok 19:14:01.0704 2908 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 19:14:01.0735 2908 UmPass - ok 19:14:01.0813 2908 [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys 19:14:01.0813 2908 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning 19:14:01.0813 2908 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1) 19:14:01.0829 2908 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 19:14:01.0860 2908 upnphost - ok 19:14:01.0907 2908 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 19:14:01.0922 2908 usbaudio - ok 19:14:01.0938 2908 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 19:14:01.0954 2908 usbccgp - ok 19:14:01.0969 2908 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 19:14:01.0985 2908 usbcir - ok 19:14:02.0016 2908 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 19:14:02.0016 2908 usbehci - ok 19:14:02.0047 2908 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 19:14:02.0080 2908 usbhub - ok 19:14:02.0095 2908 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 19:14:02.0111 2908 usbohci - ok 19:14:02.0142 2908 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 19:14:02.0142 2908 usbprint - ok 19:14:02.0173 2908 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 19:14:02.0205 2908 usbscan - ok 19:14:02.0220 2908 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:14:02.0220 2908 USBSTOR - ok 19:14:02.0236 2908 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 19:14:02.0251 2908 usbuhci - ok 19:14:02.0267 2908 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 19:14:02.0283 2908 UxSms - ok 19:14:02.0283 2908 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 19:14:02.0298 2908 VaultSvc - ok 19:14:02.0330 2908 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone C:\Windows\system32\DRIVERS\VClone.sys 19:14:02.0345 2908 VClone - ok 19:14:02.0376 2908 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 19:14:02.0392 2908 vdrvroot - ok 19:14:02.0423 2908 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe 19:14:02.0455 2908 vds - ok 19:14:02.0470 2908 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 19:14:02.0486 2908 vga - ok 19:14:02.0486 2908 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 19:14:02.0517 2908 VgaSave - ok 19:14:02.0533 2908 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 19:14:02.0548 2908 vhdmp - ok 19:14:02.0564 2908 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 19:14:02.0564 2908 viaagp - ok 19:14:02.0580 2908 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 19:14:02.0595 2908 ViaC7 - ok 19:14:02.0642 2908 [ F27C1D81ED7DACA5B1A539745A4EF710 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys 19:14:02.0673 2908 VIAHdAudAddService - ok 19:14:02.0705 2908 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 19:14:02.0705 2908 viaide - ok 19:14:02.0736 2908 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:14:02.0751 2908 volmgr - ok 19:14:02.0751 2908 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:14:02.0767 2908 volmgrx - ok 19:14:02.0798 2908 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:14:02.0814 2908 volsnap - ok 19:14:02.0830 2908 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 19:14:02.0845 2908 vsmraid - ok 19:14:02.0876 2908 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe 19:14:02.0908 2908 VSS - ok 19:14:02.0908 2908 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 19:14:02.0939 2908 vwifibus - ok 19:14:02.0955 2908 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 19:14:02.0986 2908 W32Time - ok 19:14:02.0986 2908 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 19:14:03.0017 2908 WacomPen - ok 19:14:03.0048 2908 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 19:14:03.0064 2908 WANARP - ok 19:14:03.0064 2908 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:14:03.0096 2908 Wanarpv6 - ok 19:14:03.0127 2908 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe 19:14:03.0159 2908 wbengine - ok 19:14:03.0174 2908 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:14:03.0190 2908 WbioSrvc - ok 19:14:03.0221 2908 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:14:03.0252 2908 wcncsvc - ok 19:14:03.0268 2908 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:14:03.0284 2908 WcsPlugInService - ok 19:14:03.0284 2908 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys 19:14:03.0299 2908 Wd - ok 19:14:03.0346 2908 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:14:03.0362 2908 Wdf01000 - ok 19:14:03.0362 2908 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:14:03.0377 2908 WdiServiceHost - ok 19:14:03.0377 2908 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:14:03.0393 2908 WdiSystemHost - ok 19:14:03.0440 2908 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll 19:14:03.0440 2908 WebClient - ok 19:14:03.0456 2908 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:14:03.0471 2908 Wecsvc - ok 19:14:03.0487 2908 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:14:03.0502 2908 wercplsupport - ok 19:14:03.0518 2908 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 19:14:03.0549 2908 WerSvc - ok 19:14:03.0565 2908 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 19:14:03.0581 2908 WfpLwf - ok 19:14:03.0596 2908 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:14:03.0612 2908 WIMMount - ok 19:14:03.0659 2908 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 19:14:03.0674 2908 WinDefend - ok 19:14:03.0690 2908 WinHttpAutoProxySvc - ok 19:14:03.0737 2908 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:14:03.0768 2908 Winmgmt - ok 19:14:03.0815 2908 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll 19:14:03.0846 2908 WinRM - ok 19:14:03.0877 2908 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 19:14:03.0924 2908 Wlansvc - ok 19:14:04.0002 2908 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:14:04.0034 2908 wlidsvc - ok 19:14:04.0065 2908 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 19:14:04.0081 2908 WmiAcpi - ok 19:14:04.0081 2908 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:14:04.0096 2908 wmiApSrv - ok 19:14:04.0145 2908 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 19:14:04.0177 2908 WMPNetworkSvc - ok 19:14:04.0193 2908 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:14:04.0193 2908 WPCSvc - ok 19:14:04.0224 2908 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:14:04.0240 2908 WPDBusEnum - ok 19:14:04.0271 2908 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:14:04.0287 2908 ws2ifsl - ok 19:14:04.0302 2908 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll 19:14:04.0318 2908 wscsvc - ok 19:14:04.0333 2908 WSearch - ok 19:14:04.0380 2908 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 19:14:04.0412 2908 wuauserv - ok 19:14:04.0443 2908 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:14:04.0443 2908 WudfPf - ok 19:14:04.0474 2908 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:14:04.0505 2908 WUDFRd - ok 19:14:04.0537 2908 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:14:04.0552 2908 wudfsvc - ok 19:14:04.0568 2908 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll 19:14:04.0599 2908 WwanSvc - ok 19:14:04.0615 2908 ================ Scan global =============================== 19:14:04.0646 2908 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll 19:14:04.0677 2908 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll 19:14:04.0677 2908 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll 19:14:04.0708 2908 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 19:14:04.0740 2908 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe 19:14:04.0740 2908 [Global] - ok 19:14:04.0740 2908 ================ Scan MBR ================================== 19:14:04.0755 2908 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 19:14:05.0052 2908 \Device\Harddisk0\DR0 - ok 19:14:05.0052 2908 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1 19:14:05.0647 2908 \Device\Harddisk1\DR1 - ok 19:14:05.0647 2908 ================ Scan VBR ================================== 19:14:05.0663 2908 [ 64133C8D6F7DFDCB25D34AFA6AC38656 ] \Device\Harddisk0\DR0\Partition1 19:14:05.0663 2908 \Device\Harddisk0\DR0\Partition1 - ok 19:14:05.0663 2908 [ EE3B49BED8BD61D8183BD7641F760B55 ] \Device\Harddisk0\DR0\Partition2 19:14:05.0663 2908 \Device\Harddisk0\DR0\Partition2 - ok 19:14:05.0678 2908 [ B9ED8A40D7AFD1CEA8E473FCDCD5F337 ] \Device\Harddisk0\DR0\Partition3 19:14:05.0678 2908 \Device\Harddisk0\DR0\Partition3 - ok 19:14:05.0678 2908 [ B3EA4AB46D4EB995CFA25CAE86580424 ] \Device\Harddisk1\DR1\Partition1 19:14:05.0694 2908 \Device\Harddisk1\DR1\Partition1 - ok 19:14:05.0694 2908 ============================================================ 19:14:05.0694 2908 Scan finished 19:14:05.0694 2908 ============================================================ 19:14:05.0694 3784 Detected object count: 10 19:14:05.0694 3784 Actual detected object count: 10 19:14:18.0506 3784 AMBFilt ( ForgedFile.Multi.Generic ) - skipped by user 19:14:18.0506 3784 AMBFilt ( ForgedFile.Multi.Generic ) - User select action: Skip 19:14:18.0506 3784 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:18.0506 3784 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:18.0506 3784 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:18.0506 3784 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:18.0506 3784 MarvinBus ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:18.0506 3784 MarvinBus ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:18.0506 3784 MonFilt ( ForgedFile.Multi.Generic ) - skipped by user 19:14:18.0506 3784 MonFilt ( ForgedFile.Multi.Generic ) - User select action: Skip 19:14:18.0506 3784 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:18.0506 3784 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:18.0506 3784 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:18.0506 3784 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:18.0506 3784 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:18.0506 3784 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:18.0506 3784 TPkd ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:18.0506 3784 TPkd ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:14:18.0506 3784 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user 19:14:18.0506 3784 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
|
10.01.2013, 19:24
| #8 | |
| /// Malware-holic | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? Hi, combofix: Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!Downloade dir bitte Combofix von einem dieser Downloadspiegel Link 1 Link 2 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
10.01.2013, 19:59
| #9 |
| | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? So, ich starte jetzt dann erstmal den Rechner neu. In der Zwischenzeit hier mal das neue Log: Combofix Logfile: Code:
ATTFilter ComboFix 13-01-08.01 - *** 10.01.2013 19:33:20.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3327.1812 [GMT 1:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: Norton Internet Security CBE *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security CBE *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security CBE *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\users\***\4.0
c:\users\***\AppData\Roaming\convert\convert.exe
c:\users\***\AppData\Roaming\Microsoft\Windows\Templates\install_flash_player_32bit.exe
c:\users\Public\sdelevURL.tmp
c:\windows\IsUn0407.exe
c:\windows\system32\roboot.exe
c:\windows\unin0407.exe
E:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-12-10 bis 2013-01-10 ))))))))))))))))))))))))))))))
.
.
2013-01-10 18:45 . 2013-01-10 18:45 -------- d-----w- c:\users\***\AppData\Local\temp
2013-01-10 18:45 . 2013-01-10 18:45 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-10 18:45 . 2013-01-10 18:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-10 17:57 . 2013-01-10 17:57 -------- d-----w- C:\_OTL
2013-01-10 11:58 . 2013-01-10 11:58 -------- d-----w- c:\users\***\AppData\Local\Programs
2013-01-10 11:44 . 2013-01-10 14:18 -------- d-----w- c:\program files\Browse To Save Removal Tool
2013-01-09 22:26 . 1993-08-24 17:32 12800 ----a-w- c:\windows\system32\WING32.DLL
2013-01-09 05:57 . 2012-12-07 12:26 308736 ----a-w- c:\windows\system32\Wpc.dll
2013-01-07 17:47 . 2013-01-07 17:47 -------- d-----w- c:\users\***\AppData\Roaming\Doomsday
2013-01-06 19:25 . 2013-01-06 19:25 -------- d-----w- c:\programdata\Particles
2013-01-06 19:25 . 2013-01-06 19:26 -------- d-----w- c:\users\***\AppData\Local\Murder on the Titanic
2013-01-06 19:08 . 2013-01-06 19:08 -------- d-----w- c:\users\***\AppData\Roaming\NevoSoft Games
2013-01-05 08:00 . 2013-01-05 08:02 -------- d-----w- c:\programdata\Intenium
2013-01-05 07:59 . 2013-01-05 08:01 -------- d-----w- c:\program files\DEUTSCHLAND SPIELT
2013-01-05 07:58 . 2013-01-05 07:58 -------- d-----w- c:\program files\OXXOGames
2013-01-05 07:50 . 2013-01-05 07:50 -------- d-----w- c:\users\***\AppData\Roaming\DieselPuppet
2013-01-05 07:46 . 2013-01-05 07:46 -------- d-----w- c:\programdata\Premium
2013-01-05 07:44 . 2013-01-05 07:44 -------- d-----w- c:\programdata\Browse2save
2013-01-05 07:44 . 2013-01-05 07:50 -------- d-----w- c:\programdata\AlawarWrapper
2013-01-05 07:42 . 2013-01-05 07:51 -------- d-----w- c:\program files\Alawar
2013-01-05 07:27 . 2013-01-05 07:46 -------- d-----w- c:\programdata\InstallMate
2013-01-05 07:25 . 2013-01-05 07:25 -------- d-----w- c:\users\***\AppData\Roaming\AlawarEntertainment
2013-01-02 12:32 . 2013-01-02 12:32 -------- d-----w- c:\program files\Common Files\Java
2013-01-01 19:25 . 2013-01-01 19:25 -------- d-----w- c:\users\***\AppData\Roaming\onOne Software
2013-01-01 19:21 . 2013-01-01 19:25 -------- d-----w- c:\programdata\onOne Software
2012-12-31 20:07 . 2012-12-31 20:07 -------- d-----w- c:\users\***\AppData\Roaming\SourceTec
2012-12-31 20:07 . 2012-12-31 20:07 -------- d-----w- c:\program files\LAV Filters
2012-12-31 20:06 . 2012-12-31 20:07 -------- d-----w- c:\program files\Sothink Video Converter
2012-12-31 20:06 . 2012-12-31 20:06 -------- d-----w- c:\program files\Common Files\SourceTec
2012-12-31 20:06 . 2012-07-26 12:47 1283584 ----a-w- c:\windows\system32\VSFilter.dll
2012-12-22 02:01 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 02:01 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-20 16:30 . 2012-12-20 16:30 -------- d-----w- c:\users\***\AppData\Roaming\Artifex Mundi
2012-12-20 16:22 . 2012-12-20 16:22 -------- d-----w- c:\users\***\AppData\Roaming\LeeGT-Games
2012-12-17 03:54 . 2012-12-17 03:54 -------- d-----w- c:\users\***\AppData\Local\InstallShare
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 07:07 . 2010-10-13 10:24 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2013-01-02 12:31 . 2012-07-07 06:17 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-02 12:31 . 2011-05-31 16:00 567184 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-17 03:24 . 2012-10-28 09:51 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-17 03:24 . 2012-10-28 09:51 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-14 15:49 . 2012-11-07 23:50 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-13 20:29 . 2012-11-13 20:29 354216 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\system32\msxml4.dll
2012-11-05 15:32 . 2012-11-05 15:32 715038 ----a-w- c:\windows\unins000.exe
2012-10-31 09:36 . 2012-10-31 09:36 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-10-18 11:33 . 2012-10-18 11:33 38520 ----a-w- c:\windows\system32\RGBAcodec.dll
2012-10-17 15:37 . 2010-09-14 21:18 397312 ----a-w- c:\windows\system32\TubeFinder.exe
2012-10-16 07:39 . 2012-11-27 18:19 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-12-05 20:44 . 2012-10-27 08:09 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 10:06 163328 --sha-r- c:\windows\System32\flvDX.dll
2007-02-21 11:47 31232 --sha-r- c:\windows\System32\msfDX.dll
2008-03-16 13:30 216064 --sha-r- c:\windows\System32\nbDX.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\System32\TAKDSDecoder.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}]
2010-03-17 14:45 2355224 ----a-w- c:\program files\Winload\tbWinl.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF0D7BA7-2A75-9534-3D50-855D8141DBD3}]
2013-01-05 07:45 118272 ----a-w- c:\programdata\Browse2save\50e7da3064f4b.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f0381dbd-e018-4e07-ae40-d96ab15083f0}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\AF-HSS\tbAF-H.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{40c3cc16-7269-4b32-9531-17f2950fb06f}"= "c:\program files\Winload\tbWinl.dll" [2010-03-17 2355224]
"{f0381dbd-e018-4e07-ae40-d96ab15083f0}"= "c:\program files\AF-HSS\tbAF-H.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]
.
[HKEY_CLASSES_ROOT\clsid\{f0381dbd-e018-4e07-ae40-d96ab15083f0}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{40C3CC16-7269-4B32-9531-17F2950FB06F}"= "c:\program files\Winload\tbWinl.dll" [2010-03-17 2355224]
"{F0381DBD-E018-4E07-AE40-D96AB15083F0}"= "c:\program files\AF-HSS\tbAF-H.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]
.
[HKEY_CLASSES_ROOT\clsid\{f0381dbd-e018-4e07-ae40-d96ab15083f0}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Personal ID"="c:\progra~1\COOLSP~1\PERSON~1\PID.EXE" [2011-02-01 1132984]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"Wondershare Helper Compact.exe"="c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2012-03-27 1686528]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-09-30 252296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetpointII.exe [2009-7-21 323584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\BROWSE~1\25976~1.107\{C16C1~1\mngr.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoBrowser Camera Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VideoBrowser Camera Monitor.lnk
backup=c:\windows\pss\VideoBrowser Camera Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-11 19:00 919008 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-04-11 09:54 3672384 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2012-11-30 02:06 1263512 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DNS7reminder]
2007-04-16 06:33 259624 ----a-w- c:\program files\Nuance\NaturallySpeaking11\Ereg\Ereg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dradio-RecorderTimer]
2010-11-23 18:26 39936 ----a-w- c:\program files\dradio-Recorder\phonostarTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-07-18 13:35 116648 ----atw- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2009-09-21 10:40 1681408 ----a-r- c:\program files\VIA\VIAudioi\VDeck\VDeck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-05 08:18 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2010-07-29 04:37 222496 ----a-w- c:\programdata\FLEXnet\Connect\11\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Linkury Chrome Smartbar]
2011-10-27 19:14 103224 ----a-w- c:\program files\Linkury\Linkury.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ Malwarebytes Anti-Malware (reboot)]
2012-12-14 15:49 824232 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
2012-06-17 07:51 466704 ----a-w- c:\program files\Sandboxie\SbieCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-12-04 20:24 1354736 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [x]
R3 ALSysIO;ALSysIO;c:\users\***\AppData\Local\Temp\ALSysIO.sys [x]
R3 AMBFilt;AMBFilt;c:\windows\system32\drivers\AMBFilt.sys [x]
R3 cpuz130;cpuz130;c:\users\***\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 CTL511Plus;Video Blaster WebCam 3/WebCam Plus (WDM);c:\windows\system32\DRIVERS\webc3vid.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1402000.013\SYMDS.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1402000.013\SYMEFA.SYS [x]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130107.001\BHDrvx86.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1402000.013\ccSetx86.sys [x]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130109.001\IDSvix86.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1402000.013\Ironx86.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NIS\1402000.013\SYMNETS.SYS [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 DragonSvc;Dragon Service;c:\program files\Common Files\Nuance\dgnsvc.exe [x]
S2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security CBE\Engine\20.2.0.19\ccSvcHst.exe [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\DRIVERS\BazisVirtualCDBus.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 61072394
*Deregistered* - 61072394
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-13 04:01]
.
2013-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-13 04:01]
.
2013-01-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2373844148-831878903-2888449-1000Core.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 13:35]
.
2013-01-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2373844148-831878903-2888449-1000UA.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 13:35]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mj7a9djq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109727&tt=4812_8&babsrc=KW_ss&mntrId=54a93cd60000000000000025223606c8&q=
FF - ExtSQL: 2012-12-07 02:13; {58bd07eb-0ee0-4df0-8121-dc9b693373df}; c:\programdata\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=54a93cd60000000000000025223606c8&q=
FF - user.js: extensions.BabylonToolbar.id - 54a93cd60000000000000025223606c8
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15676
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.822:43
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-F-Secure Hoster (666) - c:\program files\F-Secure\fshoster32.exe
MSConfigStartUp-Messenger (Yahoo!) - c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
MSConfigStartUp-Skype - c:\users\***\AppData\Roaming\Skype\Phone\Skype.exe
MSConfigStartUp-USBToolTip - c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe
AddRemove-WebCam Plus - c:\windows\ctdrvins.exe -uninstall usb\vid_05a9&pid_0511 -plugin webc3pin.dll
AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
AddRemove-{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23} - c:\program files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security CBE\Engine\20.2.0.19\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security CBE\Engine\20.2.0.19\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2373844148-831878903-2888449-1000\Software\SecuROM\License information*]
"datasecu"=hex:5d,ff,77,62,88,e4,d3,27,0a,48,b6,9f,fb,bd,2e,4a,38,27,f3,3f,67,
b9,25,51,8b,37,c6,c2,e5,fd,a8,9c,96,47,f0,a2,64,11,2c,96,e4,85,02,9a,e7,c6,\
"rkeysecu"=hex:71,86,ed,f7,8d,5d,22,62,65,c6,56,c2,97,75,b5,9a
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-01-10 19:54:58
ComboFix-quarantined-files.txt 2013-01-10 18:54
.
Vor Suchlauf: 13 Verzeichnis(se), 11.087.470.592 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 10.609.504.256 Bytes frei
.
- - End Of File - - B6BD454498AFDBA82A6AC3CD9E7E5C5C
|
|
10.01.2013, 20:47
| #10 |
| /// Malware-holic | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? Hi öffne bitte Malwarebytes, Logdateien, poste alle Berichte mit funden.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
10.01.2013, 20:57
| #11 |
| | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? bei Malwwarebytes einen vollen Scan machen ? Beim Starten hatte ich übrigends keine Fehlermeldung. Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.01.10.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 8.0.7601.17514 *** :: ***-PC [Administrator] 10.01.2013 14:04:43 mbam-log-2013-01-10 (14-04-43).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 250369 Laufzeit: 3 Minute(n), 58 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Also ich lass jetzt gerade Malware Bytes mal einen Vollständigen Scan der kompletten internen und der externen Festplatte machen. Wobei der Quick Scan heute Mittag ja wie bei den anderen auch nichts ergeben hatte. Nur Spybot Search and Destroy wollte einige Babylon Einträge entfernen. Was hatte mein PC jetzt eigentlich ? Und vor allem wie erkenne ich ab besten wieder ob er sowas wieder hat, wenn die Malware Scanner und der Virenscanner nichts erkennt ? Ach ja und mein Norton Internet Security, sagt mir daß der Browser im Moment nicht so konfiguriert ist, das er betrügerische Websites erkennt und ob ich es beheben möchte. Geändert von Welsper (10.01.2013 um 21:16 Uhr) |
|
11.01.2013, 01:41
| #12 |
| /// Malware-holic | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? hi steht oben nicht vollständiger scan? dann lass norton die Konfiguration machen. bisher nur adware.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
11.01.2013, 09:29
| #13 |
| | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? Ok ich habe jetzt einen vollständigen Scan von allen Festplatten gemacht interne wie externe. Hier das Log: Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.01.11.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 8.0.7601.17514 *** :: ***-PC [Administrator] 11.01.2013 05:27:45 mbam-log-2013-01-11 (05-27-45).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|I:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 944093 Laufzeit: 3 Stunde(n), 52 Minute(n), 32 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Also hatte ich quasi "nur" Adware auf dem PC ? Was mich etwas irritiert hat, ist das Malware Bytes ja beim Scan con der C Platte vor diesen ganzen Maßnahmen auch nichts gefunden hat. |
|
11.01.2013, 16:17
| #14 |
| /// Malware-holic | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? Hi da hattest du aber auch nur einen quick scan, es währe möglich gewesen, dass beim vollständigen noch was gefunden wird. lade den CCleaner standard: CCleaner - Download - Filepony falls der CCleaner bereits instaliert, überspringen. öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
11.01.2013, 23:27
| #15 |
| | Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? So - Junge Junge war das eine Menge - puh Hier die Liste: 1-abc.net Personal Diary (Remove only) 02.10.2012 notwendig 7-Zip 4.65 08.10.2010 notwendig Acoustica MP3 To Wave Converter PLUS Acoustica, Inc. 15.12.2011 2.5 unbekannt Active@ ISO Burner LSoft Technologies 17.09.2010 2.1.0 notwendig Adobe AIR Adobe Systems Incorporated 19.11.2012 3.2.0.2070 unbekannt Adobe Flash Player 11 Plugin Adobe Systems Incorporated 16.12.2012 6,00MB 11.5.502.135 notwendig Adobe Reader 9.5.2 - Deutsch Adobe Systems Incorporated 14.08.2012 118,5MB 9.5.2 notwendig Advanced Combat Tracker (remove only) 10.04.2011 unnötig AF-HSS Toolbar AF-HSS 19.09.2011 6.2.2.4 unbekannt AIMP2 AIMP DevTeam 12.09.2010 notwendig Alamandi INTENIUM GmbH 04.01.2013 0.0.0.0 unnötig Any Video Converter 3.5.8 Any-Video-Converter.com 10.01.2013 106,9MB notwendig Apple Application Support Apple Inc. 30.12.2012 65,0MB 2.3 unbekannt Apple Mobile Device Support Apple Inc. 07.12.2011 24,3MB 4.0.0.97 unbekannt Apple Software Update Apple Inc. 26.07.2011 2,38MB 2.1.3.127 unbekannt Ashampoo Burning Studio 10.0.4 ashampoo GmbH & Co. KG 17.01.2011 187,3MB 10.0.4 notwendig ASRock IES v2.0.13 14.01.2011 vermutlich notwendig wegen Motherboard ASRock InstantBoot v1.23 09.09.2010 vermutlich notwendig wegen Motherboard ASRock OC Tuner v2.2.96 14.01.2011 vermutlich notwendig wegen Motherboard ATI Catalyst Install Manager ATI Technologies, Inc. 09.09.2010 13,8MB 3.0.732.0 notwendig Audacity 1.3.12 (Unicode) Audacity Team 13.11.2010 32,6MB notwendig AudibleManager Audible, Inc. 17.07.2011 2001558240.48.56.9309418 unnötig AutoHotkey 1.0.48.05 Chris Mallett 28.04.2011 1.0.48.05 unnötig Avidemux 2.5 (32-bit) 05.08.2012 2.5.6.7716 unbekannt AviSynth 2.5 30.12.2012 unbekannt Babylon Chrome Toolbar Babylon Ltd 01.12.2012 2,11MB 2.0.0.4 unnötig Babylon toolbar BabylonToolbar 02.12.2012 unnötig Bandicam Bandisoft.com 01.11.2012 notwendig Bandisoft MPEG-1 Decoder 01.11.2012 notwendig Best of C64 Classix Magnussoft 07.12.2012 notwendig Browse2save BrowseToSave 04.01.2012 unnötig (vermutlich ) BurnAware Free 3.1 Burnaware Technologies 30.12.2010 21,8MB notwendig calibre Kovid Goyal 07.10.2010 93,7MB 0.7.19 notwendig Camtasia Studio 7 TechSmith Corporation 10.10.2011 219MB 7.0.1 notwendig CCleaner Piriform 22.05.2012 3.19 notwendig Celtx (2.7) Greyfirst 01.02.2011 2.7 (en-US) notwendig Cluedo Zylom Games 01.04.2012 1.0.0 notwendig Cogs 19.11.2012 notwendig Comic Life 2 plasq LLC 12.07.2012 144,9MB 2.2.3.0 notwendig ComicRack v0.9.133 cYo Soft 26.10.2010 v0.9.133 notwendig Conduit Engine Conduit Ltd. 19.09.2011 unbekannt Convert AVI to MP4 1.3 convertavitomp3.com 26.09.2010 unbekannt Core Temp version 0.99.7 Arthur Liberman 09.09.2010 1,67MB 0.99.7 notwendig CPUID CPU-Z 1.60 09.04.2012 2,95MB notwendig CyberLink MediaEspresso CyberLink Corp. 13.11.2010 174,9MB 6.0.0722_28792 unbekannt D-Fend Reloaded 1.2.1 (deinstallieren) Alexander Herzog 11.12.2011 1.2.1 notwendig DAEMON Tools Lite DT Soft Ltd 25.09.2012 4.45.4.0314 notwendig Der Exorzist INTENIUM GmbH 04.01.2013 1.0.0.0 notwendig Desktop Icon für Amazon 01.12.2012 1.0.1 (de) unbekannt DEUTSCHLAND SPIELT GAME CENTER INTENIUM GmbH 04.01.2013 1.0.0.46 unbekannt DivX-Setup DivX, LLC 11.12.2012 2.6.1.22 notwendig Downloader 29.03.2011 unbekannt dradio-Recorder Version 3.02.0 24.02.2011 notwendig Dragon NaturallySpeaking 11 Nuance Communications Inc. 10.11.2010 2.785MB 11.50.100 notwendig Dual-Core Optimizer AMD 13.10.2010 86,00KB 1.1.4.0169 unbekannt Dxtory version 2.0.119 Dxtory Software 04.11.2012 11,3MB 2.0.119 notwendig Edna Bricht Aus - Sammler Edition Daedalic Entertainment 01.01.2013 1.2 notwendig Ein Yankee unter Rittern INTENIUM GmbH 04.01.2013 1.0.0.0 unnötig Eufloria HD 19.11.2012 notwendig Europa Universalis III 16.01.2011 notwendig Explorer Suite III 17.07.2012 unbekannt F1 Race Stars 08.01.2013 4.290MB notwendig Farm Craft 2 INTENIUM GmbH 04.01.2013 1.0.0.0 notwendig ffdshow v1.2.4422 [2012-04-09] 04.11.2012 13,3MB 1.2.4422.0 unbekannt FireJump FireJump.net 01.12.2012 4,29MB 1.0.2.5 unbekannt FLV Player 2.0 (build 25) Martijn de Visser 16.11.2010 2.0 (build 25) notwendig FormatFactory 2.60 Free Time 28.12.2010 2.60 notwendig Fraps (remove only) 29.10.2012 notwendig Free FLV Converter V 7.5.0 Koyote Soft 31.10.2012 17,7MB 7.5.0.0 notwendig Free Screen Video Recorder version 2.5.17.602 DVDVideoSoft Limited. 04.06.2011 23,7MB unbekannt Free Video Dub version 2.0.14.903 DVDVideoSoft Ltd. 25.09.2012 82,3MB 2.0.14.903 notwendig Free Video to MP3 Converter version 5.0.4.1228 DVDVideoSoft Ltd. 15.01.2012 57,2MB notwendig FreeCommander 2009.02b Marek Jasinski 17.02.2011 2009.02 notwendig Freemake Video Converter Version 3.1.2 Ellora Assets Corporation 02.11.2012 53,8MB 3.1.2 unbekannt FUSSBALL MANAGER 09 Electronic Arts 26.01.2011 notwendig Futuremark SystemInfo Futuremark Corporation 10.09.2010 3.21.2.1 unbekannt Google Chrome Google Inc. 14.09.2012 24.0.1312.52 unnötig Google Earth Google 23.11.2011 92,7MB 6.1.0.5001 notwendig Google Talk Plugin Google 01.11.2012 19,3MB 3.10.2.10212 unbekannt Haali Media Splitter 30.12.2012 unbekannt HandBrake 0.9.8 05.11.2012 0.9.8 unnötig Harveys neue Augen Special Edition Daedalic Entertainment 01.01.2013 1.3 notwendig HijackThis 2.0.2 TrendMicro 14.09.2010 2.0.2 notwendig HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B HP 08.04.2012 8.0 notwendig ICQ7.2 ICQ 31.10.2010 7.2 unnötig Inspector Magnusson: Mord auf der Titanic INTENIUM GmbH 04.01.2013 1.0.0.0 unnötig Interlok driver setup x32 PACE Anti-Piracy 02.11.2010 0,12MB 5.8.10 unbekannt IrfanView (remove only) Irfan Skiljan 02.07.2012 1,50MB 4.32 unbekannt Java(TM) 6 Update 37 Oracle 06.07.2012 95,7MB 6.0.370 unbekannt Java(TM) 7 Update 2 Oracle 01.01.2013 99,1MB 7.0.20 unbekannt JDownloader AppWork UG (haftungsbeschränkt) 07.10.2010 0.89 notwendig Kate's Video Cutter Web Solution Mart 17.01.2012 4.4.0 unnötig Kate's Video Splitter 7.0 Web Solution Mart 17.01.2012 21,3MB 7.0.0 unnötig Kodu Game Lab Microsoft Research 22.11.2012 263MB 1.2.88 unnötig KVIrc Szymon Stefanek and The KVIrc Development Team 05.10.2012 notwendig Lagarith Lossless Codec (1.3.27) 04.11.2012 0,88MB notwendig Landwirtschafts Simulator 2011 GIANTS Software 02.08.2012 768MB 1.0 notwendig LAV Filters 0.51.3 Hendrik Leppkes 30.12.2012 11,7MB 0.51.3 unbekannt Left 4 Dead 2 Valve 04.11.2012 notwendig Lightworks Lightworks 15.11.2012 11.0.3.0 unbekannt Linkury Smartbar Linkury Inc. 27.11.2011 14,9MB 1.4.0.961 unbekannt Logitech SetPoint 5.20 Logitech 09.04.2011 16,1MB 5.20 unbekannt Lost Chronicles of Zerzura dtp 19.12.2012 unnötig Machete Lite 3.8 MacheteSoft 30.09.2012 2,65MB 3.8.33 notwendig Magic The Gathering Wizards of the Coast 14.11.2010 408MB 3.201 notwendig Magic Workstation 0.94f Magic Technology 17.02.2011 notwendig MagicTG 14.11.2010 notwendig Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 09.01.2013 18,4MB 1.70.0.1100 notwendig Mega World Smash INTENIUM GmbH 04.01.2013 1.0.0.0 unbekannt Microsoft .NET Compact Framework 2.0 SP1 Microsoft Corporation 30.01.2011 91,0MB 2.0.6129 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 22.10.2010 38,8MB 4.0.30319 Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 22.10.2010 2,94MB 4.0.30319 Microsoft .NET Framework 4 Extended Microsoft Corporation 26.10.2010 52,0MB 4.0.30319 Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 26.12.2011 31,3MB 3.5.92.0 Microsoft Games for Windows Marketplace Microsoft Corporation 05.05.2011 6,04MB 3.5.50.0 Microsoft PowerPoint Viewer Microsoft Corporation 11.12.2012 197,0MB 14.0.6029.1000 Microsoft Silverlight Microsoft Corporation 13.05.2012 180,0MB 4.1.10329.0 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 05.08.2012 1,70MB 3.1.0000 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 14.09.2010 0,25MB 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 16.12.2011 2,38MB 8.0.59193 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 14.09.2010 0,20MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 06.01.2012 1,42MB 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 31.12.2012 0,22MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 11.09.2010 0,58MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 26.12.2011 0,22MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 16.06.2011 0,59MB 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 30.09.2012 13,9MB 10.0.40219 Microsoft WSE 3.0 Runtime Microsoft Corp. 06.10.2010 0,92MB 3.0.5305.0 Microsoft XNA Framework Redistributable 3.1 Microsoft Corporation 18.11.2011 7,55MB 3.1.10527.0 " Alles von Microsoft unbekannt " Mindjet MindManager 9 Mindjet 31.12.2010 100,0MB 9.0.246 unnötig Monopoly Deluxe Zylom Games 28.12.2011 1.0.0 notwendig Mord im Laufrad Mord im Laufrad 03.01.2013 11,6MB 1.00.0000 notwendig Mozilla Firefox 18.0 (x86 de) Mozilla 10.01.2013 50,1MB 18.0 notwendig Mozilla Maintenance Service Mozilla 10.01.2013 0,32MB 18.0 unbekannt MSXML 4.0 SP2 (KB954430) Microsoft Corporation 17.09.2010 35,00KB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 17.09.2010 1,33MB 4.20.9876.0 MSXML 4.0 SP3 Parser Microsoft Corporation 10.12.2011 1,48MB 4.30.2100.0 MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 11.07.2012 1,53MB 4.30.2114.0 MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 09.01.2013 1,54MB 4.30.2117.0 MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 12.12.2011 1,53MB 4.30.2107.0 " Alles von MSXML unbekannt " MTG GamePack for Magic Workstation Magic Technology 17.02.2011 notwendig My MP4Box GUI 0.5.6.0 Matt Bodin 15.11.2012 8,10MB 0.5.6.0 unbekannt Nebel der Elfen 2 INTENIUM GmbH 04.01.2013 1.0.0.0 unnötig No23 Recorder No23 24.02.2011 1,22MB 2.1.0.3 notwendig Norton Internet Security CBE Symantec Corporation 30.10.2012 20.2.0.19 notwendig NVIDIA 3D Vision Controller-Treiber 306.23 NVIDIA Corporation 15.09.2012 306.23 NVIDIA 3D Vision Treiber 306.97 NVIDIA Corporation 17.11.2012 306.97 NVIDIA Grafiktreiber 306.97 NVIDIA Corporation 17.11.2012 306.97 NVIDIA HD-Audiotreiber 1.3.18.0 NVIDIA Corporation 15.09.2012 1.3.18.0 NVIDIA PhysX-Systemsoftware 9.12.0604 NVIDIA Corporation 14.09.2012 9.12.0604 NVIDIA Update 1.10.8 NVIDIA Corporation 15.09.2012 1.10.8 " Alles von NVidia notwendig " OCTGN OCTGN 28.12.2011 0.9.3.2 unbekannt OpenAL 08.01.2013 unbekannt OpenOffice.org 3.2 OpenOffice.org 15.11.2010 363MB 3.2.9502 notwendig Panzer Corps Wehrmacht Slitherine 08.01.2013 555MB 1.03 notwendig Panzer General Special Edition 08.01.2013 1.030MB notwendig Papyrus Autor 3.01 24.10.2010 notwendig Patrizier II Gold 08.12.2011 notwendig PDF-XChange 3 Tracker Software 31.12.2010 unbekannt PhotoPad Image Editor NCH Software 06.02.2011 unbekannt PhotoStage Slideshow Producer NCH Software 06.02.2011 unbekannt Pixillion Imagedatei-Konverter NCH Software 06.02.2011 unbekannt PlayClaw Sytexis Software 30.10.2012 2.1.0.1502 notwendig Port Royale 3 Gaming Minds Studios GmbH 03.05.2012 4.666MB 1.0.0.0 notwendig PowerGramo Professional Freebird 05.05.2011 5.3.0.38 notwendig ProtectDisc Driver, Version 11 ProtectDisc Software GmbH 05.10.2010 11.0.0.14 unbekannt PunkBuster Services Even Balance, Inc. 03.11.2010 0.988 notwendig QuickTime Apple Inc. 30.12.2012 73,2MB 7.73.80.64 notwendig Rapture3D 2.5.1 Game Blue Ripple Sound 08.01.2013 28,6MB unbekannt Realtek Ethernet Controller Driver Realtek 09.09.2010 1.00.0008 notwendig Realtek High Definition Audio Driver Realtek Semiconductor Corp. 27.11.2011 6.0.1.6482 notwendig Rosetta Stone Version 3 Rosetta Stone Ltd. 10.01.2011 120,4MB 3.4.5.0 notwendig Sandboxie 3.72 (32-bit) SANDBOXIE L.T.D 12.07.2012 3.72 unnötig Skype Click to Call Skype Technologies S.A. 01.11.2012 28,1MB 6.3.11079 notwendig Skype™ 6.0 Skype Technologies S.A. 22.11.2012 20,3MB 6.0.126 notwendig SmartSound Common Data SmartSound Software Inc. 16.12.2011 13,5MB 1.1.0 unbekannt SmartSound Quicktracks 5 SmartSound Software Inc. 16.12.2011 49,2MB 5.1.6 unbekannt SopCast 3.5.0 www.sopcast.com 24.09.2012 3.5.0 notwendig Sothink Video Converter SourceTec Software Co., LTD 30.12.2012 45,9MB 3.6 unbekannt Spybot - Search & Destroy Safer Networking Limited 10.10.2012 1.6.2 notwendig Steam Valve Corporation 15.10.2010 42,3MB 1.0.0.0 notwendig Storybook Intertec 01.02.2011 2.1.15 notwendig Streamripper (Remove only) 24.02.2011 unbekannt StreamTransport version: 1.0.2.2171 17.02.2012 unbekannt SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51 eRightSoft 02.06.2012 52,6MB v2012.build.51 notwendig System Requirements Lab CYRI Husdawg, LLC 09.04.2012 0,45MB 4.5.1.0 unbekannt TeamSpeak 3 Client TeamSpeak Systems GmbH 02.11.2012 3.0.9.2 notwendig The Whispered World Deep Silver 03.01.2013 1.01 notwendig Toonstruck Windows Deutsch 1.0 31.01.2011 1.025MB notwendig Toy Defense UIG GmbH 10.12.2012 88,4MB notwendig TreeSize Free V2.6 JAM Software 05.02.2012 3,63MB 2.6 unbekannt Ubisoft Game Launcher UBISOFT 30.11.2011 1.0.0.0 notwendig Uninstall 1.0.0.1 11.11.2010 10,6MB unbekannt Unlocker 1.9.1 Cedrick Collomb 01.03.2012 1.9.1 notwendig Veetle TV 0.9.18 Veetle, Inc 03.02.2011 0.9.18 unnötig Ventrilo Client Flagship Industries, Inc. 17.09.2010 4,43MB 3.0.5 unnötig VIA Plattform-Geräte-Manager VIA Technologies, Inc. 06.09.2010 2,62MB 1.34 unbekannt VideoBrowser PIXELA 15.12.2011 1.01.100 unbekannt VidSplitter GeoVid 07.11.2012 unbekannt VirtualCloneDrive Elaborate Bytes 23.02.2012 notwendig Visual C++ 9.0 Runtime for Dragon NaturallySpeaking Nuance Communications Inc. 10.11.2010 23,1MB 11.0.0 notwendig VLC media player 1.0.1 VideoLAN Team 23.11.2011 1.0.1 notwendig WEB.DE MailCheck für Mozilla Firefox 1&1 Mail & Media GmbH 13.09.2012 2.1.4.1420 unbekannt WinCDEmu Bazis 06.10.2010 3.3 unbekannt Windows Live Essentials Microsoft Corporation 06.08.2012 15.4.3555.0308 notwendig Windows Media Encoder 9-Reihe 16.07.2011 unbekannt Winload Toolbar 12.01.2011 unbekannt WinRAR 23.09.2010 notwendig WinUAE v0.8.8 R7 06.11.2012 notwendig yWriter5 Spacejock Software 01.02.2011 notwendig Zattoo4 4.0.5 Zattoo Inc. 14.09.2012 4.0.5 notwendig Zip Motion Block Video codec (Remove Only) DOSBox Team 11.12.2011 unbekannt |
|
| Themen zu Habe ich nun was, oder habe ich nicht ? Und ist die Lösung vielleicht sogar das Problem ? |
| blöd, browse to save, coupons, dateien, entfernen, eraser, erweiterung, festgestellt, firefox, infiziert, internetseite, löschen, lösung, malware, malware bytes, norton power eraser, popups, problem, probleme, programm, scan, seite, seiten, spyware, system, system 32, system32, variant, verseucht, windows |
Linear-Darstellung
