Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Computer wird bei Verbindung mit dem Internet gesperrt

Computer wird bei Verbindung mit dem Internet gesperrt


Plagegeister aller Art und deren Bekämpfung: Computer wird bei Verbindung mit dem Internet gesperrt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 3 1 23
Alt 24.01.2013, 18:45   #1
Mk91
 
Computer wird bei Verbindung mit dem Internet gesperrt - Icon17

Computer wird bei Verbindung mit dem Internet gesperrt


Hallo liebe Helfer,
seit heute Mittag habe ich dass Problem, dass mein PC bei bestehender Verbindung mit dem Internet gesperrt wird.

Das Problem ist exakt Deckungsgleich zum dem, welches hier in der Community ebenfalls schon aufgekommen ist:

http://www.trojaner-board.de/129974-...-gesperrt.html

Ich hoffe ihr könnt mir schnell helfen, ich brauche meinen PC eigentlich dringend für die Uni und habe wenig Lust alles neu zu installieren (Die Daten könnte ich ja retten denke ich)

Viele Grüße Manuel

Alt 24.01.2013, 19:20   #2
markusg
/// Malware-holic
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


hi
starte neu, drücke f8 wähle abgesicherter Modus mit Netzwerk, melde dich im betroffenen Konto an, inet sollte funktionieren
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________
Alt 24.01.2013, 19:28   #3
Mk91
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


Hallo markus,
ich bedanke mich für die Antwort und wqerde das gleich mal testen.

Ich hoffe du kannst mir bei meinem Problem helfen.

Gruß Manuel

Ich komme leider garnicht erst in den abgesicherten Modus ...
was soll ich jetzt tun ??

OK nachdem ich meinen PC abgewürgt hatte kam ich doch rein ;-)

So lange der Scan läuft kläre ich dich kurz über mein System auf:

Also ich denke was besonderst wichtig ist:
Ich habe Windows 7

Außerdem habe ich bereits mit Antivir gescannt: ohne Erfolg

Also hier die Ergebnisse des Scans:
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
Code:
ATTFilter
OTL logfile created on: 24.01.2013 19:43:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Manuel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,98 Gb Total Physical Memory | 5,23 Gb Available Physical Memory | 87,38% Memory free
11,96 Gb Paging File | 11,24 Gb Available in Paging File | 93,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,21 Gb Total Space | 305,62 Gb Free Space | 66,85% Space Free | Partition Type: NTFS
Drive D: | 457,21 Gb Total Space | 326,18 Gb Free Space | 71,34% Space Free | Partition Type: NTFS
Drive F: | 992,70 Mb Total Space | 899,61 Mb Free Space | 90,62% Space Free | Partition Type: FAT
Drive M: | 1828,85 Gb Total Space | 1425,08 Gb Free Space | 77,92% Space Free | Partition Type: NTFS
Drive P: | 1828,85 Gb Total Space | 1425,08 Gb Free Space | 77,92% Space Free | Partition Type: NTFS
Drive V: | 1828,85 Gb Total Space | 1425,08 Gb Free Space | 77,92% Space Free | Partition Type: NTFS
Drive X: | 1828,85 Gb Total Space | 1425,08 Gb Free Space | 77,92% Space Free | Partition Type: NTFS
Drive Y: | 1828,85 Gb Total Space | 1425,08 Gb Free Space | 77,92% Space Free | Partition Type: NTFS
 
Computer Name: M-PC2 | User Name: Manuel | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.24 19:24:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Manuel\Desktop\OTL.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV - [2013.01.18 18:47:54 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.09 13:31:16 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.29 11:34:47 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.12.29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.13 14:44:31 | 000,544,840 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2012.11.26 19:06:13 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.02 11:33:28 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.05.08 17:35:57 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 17:35:57 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.01.31 02:10:36 | 000,339,776 | ---- | M] ( ) [Auto | Stopped] -- C:\Programme\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe -- (mitsijm2013)
SRV - [2012.01.18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.09.15 05:19:54 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Programme\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe -- (mi-raysat_3dsmax2013_64)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.02.01 06:24:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.01 06:24:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.01.31 22:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2010.11.06 08:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.10.12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.09.30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.05.04 21:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2008.06.03 16:18:08 | 000,066,560 | ---- | M] () [Auto | Stopped] -- C:\Windows\jwpen.exe -- (HWSuperPowerTablet)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.12.13 14:26:36 | 000,112,080 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2012.09.20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.09.20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.08.03 20:38:55 | 000,027,048 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2012.07.03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.07.02 11:23:05 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2012.05.08 17:35:57 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 17:35:57 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011.12.20 07:59:12 | 002,727,936 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmudaxp.sys -- (cmudaxp)
DRV:64bit: - [2011.10.11 15:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.08.01 14:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.24 08:32:54 | 000,412,264 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.06 08:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.19 09:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.06.14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.03.19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.08.13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 01:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.10.19 10:37:56 | 000,543,232 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ltn_stk7070P_64.sys -- (Ltn_stk7070P_64)
DRV:64bit: - [2007.10.19 10:37:56 | 000,016,256 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ltn_stkrc_64.sys -- (Ltn_stkrc_64)
DRV:64bit: - [2007.03.26 11:17:00 | 000,008,320 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HWDrawing.sys -- (VHWDrawing)
DRV - [2010.06.14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@ptc.com/ProductViewLite: C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll (PTC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VLCVideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.18 18:47:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.18 18:47:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.18 18:47:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.18 18:47:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.18 18:47:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.18 18:47:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.18 18:47:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.18 18:47:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.18 18:47:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.18 18:47:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.11.05 16:55:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manuel\AppData\Roaming\mozilla\Extensions
[2012.09.12 22:01:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\6zvrdmdc.default\extensions
[2012.09.12 22:01:38 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\Manuel\AppData\Roaming\mozilla\firefox\profiles\6zvrdmdc.default\extensions\testpilot@labs.mozilla.com.xpi
[2013.01.18 18:47:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.01.18 18:47:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.01.18 18:47:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.01.18 18:47:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2013.01.18 18:47:55 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.27 21:31:27 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.27 21:31:27 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.27 21:31:27 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.27 21:31:27 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.27 21:31:27 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.27 21:31:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VLCVideoLAN\VLC\npvlc.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google-Suche = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Google Mail = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Programme\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [Cmaudio8788] C:\Windows\Syswow64\cmicnfgp.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [Cmaudio8788GX] C:\Windows\syswow64\HsMgr.exe ()
O4:64bit: - HKLM..\Run: [Cmaudio8788GX64] C:\Windows\system\HsMgr64.exe ()
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [HWTablet KeyPlus] C:\Windows\SysWOW64\HWKeyPlus.exe ()
O4 - HKLM..\Run: [HWTablet Service] C:\Windows\SysWOW64\HWTabTray.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_17_Premium_Sonderedition\TrayServer.exe (MAGIX AG)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Manuel\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [Software Suite SE] C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe (Acer Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DDFA9DF7-7226-4B4B-B1B3-F93EDF312F18}: NameServer = 192.168.123.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c00a5ab8-b769-11e0-a2ac-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c00a5ab8-b769-11e0-a2ac-806e6f6e6963}\Shell\AutoRun\command - "" = Z:\cdstart.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {0AB324FA-DF78-6EFA-4598-91C1D14D0C44} - Themes Setup
ActiveX:64bit: {143D5D37-881A-AF39-0679-1C54239533A1} - Microsoft Windows Media Player
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {370C3286-5717-3F99-D4C7-920316FC9D89} - Themes Setup
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {3F24D6E7-F128-36E6-06CD-331F1CCE1D53} - Internet Explorer
ActiveX:64bit: {400D3158-9F53-5179-8E4E-11B750D7661A} - Internet Explorer
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {8D115047-4358-16B9-443D-94C55A9EEDB2} - Themes Setup
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F04A7E29-C694-639F-6283-C6536C1EF220} - Browser Customizations
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.24 19:42:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Manuel\Desktop\OTL.exe
[2013.01.24 14:33:47 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{636BD44D-8DEB-4A0C-B9A0-BBC77DF03BE2}
[2013.01.23 12:34:24 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{6C507BA3-7D42-4467-9784-16410627D227}
[2013.01.22 21:27:28 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{2C5AAD76-6AB4-4D3C-91AF-623656C726F7}
[2013.01.21 18:52:40 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{D89AA588-5297-423E-97D6-338BC90CAAB0}
[2013.01.20 15:04:30 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{267BB2F6-6879-4EEE-8EDC-E65CDC148855}
[2013.01.19 23:28:36 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{7ED4A46D-8178-414C-A337-2BC897DDDFBF}
[2013.01.19 15:21:47 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{81C893D2-44EF-4404-8E06-8183F401A467}
[2013.01.18 22:29:15 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{9D6B6910-C2D9-49B9-94C2-0AB71CD44BDE}
[2013.01.18 18:47:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.18 12:34:03 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{64E51A94-3D2B-4BB3-8EDA-2BD0865482B7}
[2013.01.17 15:24:36 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{88318385-008A-44FF-A261-9E1C8DBB2B3D}
[2013.01.16 21:24:31 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{3C43DF0A-AAF8-46C4-B465-436B39E117B2}
[2013.01.16 18:15:05 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{4252B951-033B-4010-8A12-78E8AE11A1AE}
[2013.01.15 21:01:57 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{06A352C3-7011-4D40-8712-0A8ADDB6A396}
[2013.01.14 18:59:01 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{2DCC7127-7B87-40E3-B66B-4613429F76BF}
[2013.01.13 14:42:18 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{50DC0841-C5BF-46BF-9B3E-F30C3A63E1F6}
[2013.01.12 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{7C6B8B93-7D62-471D-BA11-8799E4E7FE57}
[2013.01.11 17:46:03 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{2BC61DE6-0BBF-4B65-A1D3-9C954C4CA535}
[2013.01.10 16:11:41 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{FE843118-63B5-4347-8141-33147D16C7A9}
[2013.01.09 17:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2013.01.09 14:54:59 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{B9A9FBF9-3FF9-4C8A-AC95-6F4679B81D74}
[2013.01.08 22:18:22 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{CE337FD7-B5E2-4167-AB16-A6FDB96F0D4A}
[2013.01.07 21:24:37 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{6B83C634-265C-4326-97A3-F7FF280DBDF1}
[2013.01.06 16:44:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.01.06 13:09:54 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{B0C3021C-51B5-4D4D-A5A5-26F4A07FD593}
[2013.01.05 17:04:13 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{F956E350-687F-4F28-8F0E-FCDD5743E822}
[2013.01.04 23:18:42 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{F396AF30-B5B9-48BA-8425-4E56E31AD0BC}
[2013.01.03 09:36:20 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{63D832BB-A18B-4E37-A13C-2E05814F4580}
[2013.01.01 23:11:40 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{25D3BAE8-004C-4F0F-89EF-8E8953BBDD57}
[2012.12.31 18:30:54 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{7C7D805D-224A-4F66-89F7-2D88F9807C1D}
[2012.12.31 13:00:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012.12.30 23:41:54 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{CF9B229F-B2C2-4421-AEBA-4140FE030D8D}
[2012.12.29 23:33:49 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{12CBA199-ABDE-4124-8D3F-78E5FE0DE9C9}
[2012.12.29 23:02:58 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{509149E7-8B54-4073-BC0D-842064CB92D0}
[2012.12.28 20:26:16 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{2ED54A71-311C-4E49-A0A6-BF001B52FB29}
[2012.12.27 12:42:36 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{B8F557D7-F1FC-4900-A5C9-EF921A5FA6C7}
[2012.12.25 22:53:30 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\{951FDEB3-D114-44D7-B442-AA9A2F4B720B}
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Manuel\*.tmp files -> C:\Users\Manuel\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.24 19:42:24 | 001,614,736 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.24 19:42:24 | 000,697,336 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.24 19:42:24 | 000,652,654 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.24 19:42:24 | 000,148,632 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.24 19:42:24 | 000,121,586 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.24 19:40:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.24 19:40:15 | 523,104,255 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.24 19:38:56 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.24 19:38:37 | 000,003,116 | ---- | M] () -- C:\Windows\HWTablet.bin
[2013.01.24 19:38:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2013.01.24 19:35:59 | 000,533,608 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.24 19:24:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Manuel\Desktop\OTL.exe
[2013.01.24 15:32:19 | 095,023,320 | ---- | M] () -- C:\ProgramData\HizKK03.pad
[2013.01.24 15:31:04 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.24 15:25:17 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.24 15:06:43 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.24 15:06:43 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.24 14:41:39 | 000,003,223 | ---- | M] () -- C:\ProgramData\HizKK03.js
[2013.01.24 14:41:39 | 000,001,085 | ---- | M] () -- C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2013.01.24 14:41:39 | 000,000,153 | ---- | M] () -- C:\ProgramData\HizKK03.reg
[2013.01.24 14:41:39 | 000,000,080 | ---- | M] () -- C:\ProgramData\HizKK03.bat
[2013.01.24 14:16:07 | 001,591,518 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.19 21:09:49 | 688,613,278 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.01.09 15:02:19 | 000,002,853 | ---- | M] () -- C:\Users\Manuel\AppData\Local\recently-used.xbel
[2013.01.05 12:26:03 | 000,000,847 | ---- | M] () -- C:\Users\Manuel\Desktop\TX-NR414 - Verknüpfung.lnk
[2012.12.29 11:34:47 | 000,017,266 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012.12.29 09:40:11 | 002,923,201 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.12.25 23:06:06 | 000,000,036 | ---- | M] () -- C:\Users\Manuel\.org.eclipse.epp.usagedata.recording.userId
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Manuel\*.tmp files -> C:\Users\Manuel\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.24 14:41:39 | 000,003,223 | ---- | C] () -- C:\ProgramData\HizKK03.js
[2013.01.24 14:41:39 | 000,001,085 | ---- | C] () -- C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2013.01.24 14:41:39 | 000,000,153 | ---- | C] () -- C:\ProgramData\HizKK03.reg
[2013.01.24 14:41:39 | 000,000,080 | ---- | C] () -- C:\ProgramData\HizKK03.bat
[2013.01.24 14:41:38 | 095,023,320 | ---- | C] () -- C:\ProgramData\HizKK03.pad
[2013.01.09 15:02:19 | 000,002,853 | ---- | C] () -- C:\Users\Manuel\AppData\Local\recently-used.xbel
[2013.01.05 12:26:03 | 000,000,847 | ---- | C] () -- C:\Users\Manuel\Desktop\TX-NR414 - Verknüpfung.lnk
[2012.12.25 23:06:06 | 000,000,036 | ---- | C] () -- C:\Users\Manuel\.org.eclipse.epp.usagedata.recording.userId
[2012.11.30 18:51:56 | 000,007,605 | ---- | C] () -- C:\Users\Manuel\AppData\Local\Resmon.ResmonCfg
[2012.11.26 18:49:36 | 001,591,518 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.06 21:16:22 | 000,000,032 | ---- | C] () -- C:\Windows\DVD_Start.INI
[2012.11.01 10:57:44 | 000,000,049 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2012.11.01 10:57:42 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2012.11.01 10:57:30 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
[2012.11.01 10:56:58 | 000,044,950 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2012.11.01 10:56:12 | 000,000,872 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2012.11.01 10:56:01 | 000,005,066 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2012.09.26 14:12:26 | 000,000,072 | ---- | C] () -- C:\Windows\wininit.ini
[2012.05.09 14:03:21 | 000,000,028 | ---- | C] () -- C:\Users\Manuel\.gtk-bookmarks
[2012.03.28 21:11:08 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.03.28 21:11:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.03.28 21:11:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.03.28 21:11:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.03.28 21:11:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.02.16 15:12:48 | 000,004,608 | ---- | C] () -- C:\Users\Manuel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.11.24 11:46:10 | 000,000,594 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2011.11.22 19:08:50 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2011.11.06 14:45:23 | 000,066,560 | ---- | C] () -- C:\Windows\jwpen.exe
[2011.11.06 14:45:23 | 000,028,672 | ---- | C] () -- C:\Windows\HWCkPenT.dll
[2011.11.06 14:45:23 | 000,013,824 | ---- | C] () -- C:\Windows\DevInst.exe
[2011.11.06 14:45:23 | 000,011,264 | ---- | C] () -- C:\Windows\HWDevInst.exe
[2011.11.06 14:45:23 | 000,003,116 | ---- | C] () -- C:\Windows\HWTablet.bin
[2011.11.06 14:45:22 | 000,184,320 | ---- | C] () -- C:\Windows\SysWow64\HWTabTray.exe
[2011.11.06 14:45:22 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\WinTab32.dll
[2011.11.06 14:45:22 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\jwusbchk32.dll
[2011.11.06 14:45:22 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\JWKey.dll
[2011.11.06 14:45:22 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\HWKeyPlus.exe
[2011.11.06 14:45:22 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\JWPen.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.01 11:02:16 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\ASUS
[2012.12.01 20:33:31 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Autodesk
[2011.11.19 11:04:41 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Foxit Software
[2012.06.23 14:53:42 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\FreeCommander
[2012.05.16 19:02:55 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\gtk-2.0
[2011.11.06 16:54:14 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\IrfanView
[2011.11.05 16:12:18 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Leadertech
[2011.11.12 15:48:50 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\MAGIX
[2011.11.05 15:36:54 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\OEM
[2012.11.30 13:53:54 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Origin
[2011.11.12 16:07:50 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\proDAD
[2011.12.20 18:08:40 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\ProtectDISC
[2012.01.31 15:45:57 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\PTC
[2012.11.15 16:45:51 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Samsung
[2012.07.12 18:03:16 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\TeamViewer
[2012.04.24 18:36:57 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Temp
[2011.11.05 21:23:08 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Windows Live Writer
[2011.11.06 19:22:40 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\XnView
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2011.11.05 15:36:43 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.07.26 10:36:56 | 000,000,000 | ---D | M] -- C:\book
[2013.01.24 14:16:11 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.11.05 15:32:49 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.03.11 10:11:28 | 000,000,000 | ---D | M] -- C:\Intel
[2011.11.05 15:53:55 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.09.28 07:31:04 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2012.10.21 16:09:27 | 000,000,000 | -H-D | M] -- C:\OEM
[2009.07.14 04:20:08 | 000,000,000 | -H-D | M] -- C:\PerfLogs
[2011.11.05 21:34:58 | 000,000,000 | ---D | M] -- C:\prgs
[2012.11.30 18:45:59 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.01.18 21:58:55 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.01.24 14:41:39 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.11.05 15:32:49 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.11.05 15:32:49 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013.01.24 15:28:02 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.01.21 22:03:03 | 000,000,000 | ---D | M] -- C:\Temp
[2012.09.28 07:32:59 | 000,000,000 | R--D | M] -- C:\Users
[2013.01.24 14:42:46 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.21 04:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.11.06 17:17:08 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.11.06 17:17:08 | 000,001,110 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.03 10:29:13 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: AHCIX86S.SYS  >
[2010.09.24 02:48:00 | 000,222,288 | ---- | M] (Advanced Micro Devices, Inc) MD5=A3F4FEE7E8C40242FD6CD77DAE51370F -- C:\OEM\Preload\Autorun\DRV\AMD VGA Generic Driver\Packages\Drivers\SBDrv\SB8xx\RAID\W7\ahcix86s.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2010.11.06 08:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.11.06 08:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_710b330fb3531234\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2012.05.09 14:03:21 | 000,000,028 | ---- | M] () -- C:\Users\Manuel\.gtk-bookmarks
[2012.12.25 23:06:06 | 000,000,036 | ---- | M] () -- C:\Users\Manuel\.org.eclipse.epp.usagedata.recording.userId
[2013.01.24 19:54:42 | 006,029,312 | -HS- | M] () -- C:\Users\Manuel\NTUSER.DAT
[2013.01.24 19:54:42 | 000,262,144 | -HS- | M] () -- C:\Users\Manuel\ntuser.dat.LOG1
[2011.11.05 15:33:07 | 000,000,000 | -HS- | M] () -- C:\Users\Manuel\ntuser.dat.LOG2
[2011.11.05 15:45:00 | 000,065,536 | -HS- | M] () -- C:\Users\Manuel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.11.05 15:45:00 | 000,524,288 | -HS- | M] () -- C:\Users\Manuel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.11.05 15:45:00 | 000,524,288 | -HS- | M] () -- C:\Users\Manuel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.11.21 03:50:53 | 000,000,020 | -HS- | M] () -- C:\Users\Manuel\ntuser.ini
[2012.10.27 16:27:01 | 000,000,326 | ---- | M] () -- C:\Users\Manuel\stools_.log
[2012.10.27 17:04:36 | 000,005,516 | ---- | M] () -- C:\Users\Manuel\stools_proe.log
[1 C:\Users\Manuel\*.tmp files -> C:\Users\Manuel\*.tmp -> ]
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
__________________
Alt 24.01.2013, 20:55   #4
markusg
/// Malware-holic
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
[2013.01.24 15:32:19 | 095,023,320 | ---- | M] () -- C:\ProgramData\HizKK03.pad
[2013.01.24 14:41:39 | 000,003,223 | ---- | M] () -- C:\ProgramData\HizKK03.js
[2013.01.24 14:41:39 | 000,001,085 | ---- | M] () -- C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2013.01.24 14:41:39 | 000,000,153 | ---- | M] () -- C:\ProgramData\HizKK03.reg
[2013.01.24 14:41:39 | 000,000,080 | ---- | M] () -- C:\ProgramData\HizKK03.bat
 :Files
:Commands
[EMPTYFLASH] 
[emptytemp]


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 24.01.2013, 21:20   #5
Mk91
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


Code:
ATTFilter
All processes killed
Error: Unable to interpret <%:OTL> in the current context!
Error: Unable to interpret <[2013.01.24 15:32:19 | 095,023,320 | ---- | M] () -- C:\ProgramData\HizKK03.pad> in the current context!
Error: Unable to interpret <[2013.01.24 14:41:39 | 000,003,223 | ---- | M] () -- C:\ProgramData\HizKK03.js> in the current context!
Error: Unable to interpret <[2013.01.24 14:41:39 | 000,001,085 | ---- | M] () -- C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk> in the current context!
Error: Unable to interpret <[2013.01.24 14:41:39 | 000,000,153 | ---- | M] () -- C:\ProgramData\HizKK03.reg> in the current context!
Error: Unable to interpret <[2013.01.24 14:41:39 | 000,000,080 | ---- | M] () -- C:\ProgramData\HizKK03.bat> in the current context!
========== FILES ==========
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 42016 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Manuel
->Flash cache emptied: 42148 bytes
 
User: Public
 
User: UpdatusUser
->Flash cache emptied: 42016 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Manuel
->Temp folder emptied: 1243166758 bytes
->Temporary Internet Files folder emptied: 491266648 bytes
->Java cache emptied: 7153767 bytes
->FireFox cache emptied: 325477772 bytes
->Google Chrome cache emptied: 32072876 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 356352 bytes
%systemroot%\System32 .tmp files removed: 1564672 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8136530440 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 279610 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 763 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes
RecycleBin emptied: 6308995229 bytes
 
Total Files Cleaned = 15.780,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 01242013_210404

Files\Folders moved on Reboot...
C:\Users\Manuel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Alt 24.01.2013, 21:22   #6
markusg
/// Malware-holic
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


hi
du hast da beim kopieren n fehler gemacht, füre das Script noch mal aus bitte
__________________
--> Computer wird bei Verbindung mit dem Internet gesperrt

Alt 24.01.2013, 21:26   #7
Mk91
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


Kann ich die exe auch im normalen modus ausfuehren ???

Es wurde aber trotzdem gemeldet dass dateien fehlen ;-)

habs jetzt nochmal probiert:

Es ging dieses mal sehr schnell und demzufolge denke ich dass es schon beim ersten mal erfolgreich gewesen sein muss ...
die zweite log folgt gleich

Code:
ATTFilter
All processes killed
========== OTL ==========
C:\ProgramData\HizKK03.pad moved successfully.
C:\ProgramData\HizKK03.js moved successfully.
C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk moved successfully.
C:\ProgramData\HizKK03.reg moved successfully.
C:\ProgramData\HizKK03.bat moved successfully.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Manuel
->Flash cache emptied: 492 bytes
 
User: Public
 
User: UpdatusUser
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Manuel
->Temp folder emptied: 66292 bytes
->Temporary Internet Files folder emptied: 1087916 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 840 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 1,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 01242013_214203

Files\Folders moved on Reboot...
C:\Users\Manuel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
was muss ich nun machen ?? ;-)

Alt 25.01.2013, 12:30   #8
markusg
/// Malware-holic
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


jetzt hatts geklappt.
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
c: öffnen, tdsskiller-datum-version.txt öffnen, Inhalt posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 25.01.2013, 14:28   #9
Mk91
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


Code:
ATTFilter
14:21:58.0396 5312  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:21:58.0656 5312  ============================================================
14:21:58.0656 5312  Current date / time: 2013/01/25 14:21:58.0656
14:21:58.0656 5312  SystemInfo:
14:21:58.0656 5312  
14:21:58.0656 5312  OS Version: 6.1.7601 ServicePack: 1.0
14:21:58.0656 5312  Product type: Workstation
14:21:58.0656 5312  ComputerName: M-PC2
14:21:58.0656 5312  UserName: Manuel
14:21:58.0656 5312  Windows directory: C:\Windows
14:21:58.0656 5312  System windows directory: C:\Windows
14:21:58.0656 5312  Running under WOW64
14:21:58.0656 5312  Processor architecture: Intel x64
14:21:58.0656 5312  Number of processors: 8
14:21:58.0656 5312  Page size: 0x1000
14:21:58.0656 5312  Boot type: Normal boot
14:21:58.0656 5312  ============================================================
14:21:59.0115 5312  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:21:59.0155 5312  Drive \Device\Harddisk6\DR6 - Size: 0x3E100000 (0.97 Gb), SectorSize: 0x200, Cylinders: 0x7E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:21:59.0157 5312  ============================================================
14:21:59.0157 5312  \Device\Harddisk0\DR0:
14:21:59.0157 5312  MBR partitions:
14:21:59.0157 5312  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2200800, BlocksNum 0x32000
14:21:59.0157 5312  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2232800, BlocksNum 0x39269800
14:21:59.0157 5312  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B49C015, BlocksNum 0x392699AC
14:21:59.0157 5312  \Device\Harddisk6\DR6:
14:21:59.0159 5312  MBR partitions:
14:21:59.0159 5312  \Device\Harddisk6\DR6\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x1F07DF
14:21:59.0159 5312  ============================================================
14:21:59.0186 5312  C: <-> \Device\Harddisk0\DR0\Partition2
14:21:59.0207 5312  D: <-> \Device\Harddisk0\DR0\Partition3
14:21:59.0207 5312  ============================================================
14:21:59.0209 5312  Initialize success
14:21:59.0209 5312  ============================================================
14:22:37.0045 4820  ============================================================
14:22:37.0045 4820  Scan started
14:22:37.0045 4820  Mode: Manual; SigCheck; TDLFS; 
14:22:37.0045 4820  ============================================================
14:22:37.0242 4820  ================ Scan system memory ========================
14:22:37.0242 4820  System memory - ok
14:22:37.0242 4820  ================ Scan services =============================
14:22:37.0500 4820  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:22:37.0582 4820  1394ohci - ok
14:22:37.0604 4820  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:22:37.0614 4820  ACPI - ok
14:22:37.0628 4820  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:22:37.0693 4820  AcpiPmi - ok
14:22:37.0747 4820  [ 5AE65DCD983077278A6173C2872BCA99 ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
14:22:37.0769 4820  acsock - ok
14:22:37.0835 4820  [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
14:22:37.0849 4820  AdobeActiveFileMonitor9.0 - ok
14:22:37.0928 4820  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:22:37.0940 4820  AdobeARMservice - ok
14:22:38.0058 4820  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:22:38.0074 4820  AdobeFlashPlayerUpdateSvc - ok
14:22:38.0084 4820  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:22:38.0104 4820  adp94xx - ok
14:22:38.0110 4820  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:22:38.0125 4820  adpahci - ok
14:22:38.0144 4820  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:22:38.0155 4820  adpu320 - ok
14:22:38.0173 4820  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:22:38.0304 4820  AeLookupSvc - ok
14:22:38.0357 4820  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:22:38.0388 4820  AFD - ok
14:22:38.0403 4820  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:22:38.0415 4820  agp440 - ok
14:22:38.0439 4820  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:22:38.0487 4820  ALG - ok
14:22:38.0504 4820  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:22:38.0519 4820  aliide - ok
14:22:38.0524 4820  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:22:38.0539 4820  amdide - ok
14:22:38.0564 4820  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:22:38.0583 4820  AmdK8 - ok
14:22:38.0602 4820  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:22:38.0638 4820  AmdPPM - ok
14:22:38.0659 4820  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:22:38.0679 4820  amdsata - ok
14:22:38.0687 4820  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:22:38.0704 4820  amdsbs - ok
14:22:38.0739 4820  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:22:38.0750 4820  amdxata - ok
14:22:38.0799 4820  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:22:38.0812 4820  AntiVirSchedulerService - ok
14:22:38.0848 4820  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:22:38.0859 4820  AntiVirService - ok
14:22:38.0870 4820  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:22:38.0930 4820  AppID - ok
14:22:38.0952 4820  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:22:38.0995 4820  AppIDSvc - ok
14:22:39.0014 4820  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
14:22:39.0034 4820  Appinfo - ok
14:22:39.0048 4820  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
14:22:39.0058 4820  arc - ok
14:22:39.0075 4820  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:22:39.0087 4820  arcsas - ok
14:22:39.0214 4820  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:22:39.0225 4820  aspnet_state - ok
14:22:39.0242 4820  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:22:39.0295 4820  AsyncMac - ok
14:22:39.0397 4820  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:22:39.0412 4820  atapi - ok
14:22:39.0429 4820  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:22:39.0490 4820  AudioEndpointBuilder - ok
14:22:39.0499 4820  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:22:39.0523 4820  AudioSrv - ok
14:22:39.0534 4820  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
14:22:39.0543 4820  avgntflt - ok
14:22:39.0554 4820  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
14:22:39.0563 4820  avipbb - ok
14:22:39.0575 4820  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
14:22:39.0583 4820  avkmgr - ok
14:22:39.0614 4820  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:22:39.0659 4820  AxInstSV - ok
14:22:39.0680 4820  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:22:39.0723 4820  b06bdrv - ok
14:22:39.0762 4820  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:22:39.0803 4820  b57nd60a - ok
14:22:39.0822 4820  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:22:39.0868 4820  BDESVC - ok
14:22:39.0884 4820  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:22:39.0928 4820  Beep - ok
14:22:39.0970 4820  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
14:22:40.0018 4820  BFE - ok
14:22:40.0053 4820  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
14:22:40.0095 4820  BITS - ok
14:22:40.0104 4820  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
14:22:40.0114 4820  blbdrive - ok
14:22:40.0144 4820  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:22:40.0169 4820  bowser - ok
14:22:40.0185 4820  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:22:40.0200 4820  BrFiltLo - ok
14:22:40.0213 4820  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:22:40.0225 4820  BrFiltUp - ok
14:22:40.0255 4820  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:22:40.0280 4820  Browser - ok
14:22:40.0297 4820  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:22:40.0333 4820  Brserid - ok
14:22:40.0343 4820  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:22:40.0359 4820  BrSerWdm - ok
14:22:40.0362 4820  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:22:40.0375 4820  BrUsbMdm - ok
14:22:40.0378 4820  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:22:40.0388 4820  BrUsbSer - ok
14:22:40.0406 4820  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:22:40.0427 4820  BTHMODEM - ok
14:22:40.0462 4820  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:22:40.0501 4820  bthserv - ok
14:22:40.0516 4820  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:22:40.0553 4820  cdfs - ok
14:22:40.0692 4820  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:22:40.0719 4820  cdrom - ok
14:22:40.0741 4820  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:22:40.0796 4820  CertPropSvc - ok
14:22:40.0813 4820  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
14:22:40.0826 4820  circlass - ok
14:22:40.0849 4820  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:22:40.0859 4820  CLFS - ok
14:22:40.0893 4820  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:22:40.0903 4820  clr_optimization_v2.0.50727_32 - ok
14:22:40.0928 4820  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:22:40.0938 4820  clr_optimization_v2.0.50727_64 - ok
14:22:41.0026 4820  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:22:41.0038 4820  clr_optimization_v4.0.30319_32 - ok
14:22:41.0054 4820  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:22:41.0067 4820  clr_optimization_v4.0.30319_64 - ok
14:22:41.0079 4820  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
14:22:41.0104 4820  CmBatt - ok
14:22:41.0109 4820  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:22:41.0123 4820  cmdide - ok
14:22:41.0243 4820  [ 6B56A1437913C1DEA2EE1F8B5DB1ED74 ] cmudaxp         C:\Windows\system32\drivers\cmudaxp.sys
14:22:41.0358 4820  cmudaxp - ok
14:22:41.0401 4820  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
14:22:41.0439 4820  CNG - ok
14:22:41.0451 4820  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:22:41.0462 4820  Compbatt - ok
14:22:41.0481 4820  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:22:41.0507 4820  CompositeBus - ok
14:22:41.0518 4820  COMSysApp - ok
14:22:41.0527 4820  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:22:41.0538 4820  crcdisk - ok
14:22:41.0572 4820  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:22:41.0613 4820  CryptSvc - ok
14:22:41.0654 4820  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:22:41.0709 4820  DcomLaunch - ok
14:22:41.0727 4820  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:22:41.0786 4820  defragsvc - ok
14:22:41.0799 4820  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:22:41.0833 4820  DfsC - ok
14:22:41.0863 4820  [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
14:22:41.0874 4820  dg_ssudbus - ok
14:22:42.0021 4820  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:22:42.0049 4820  Dhcp - ok
14:22:42.0057 4820  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:22:42.0092 4820  discache - ok
14:22:42.0106 4820  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
14:22:42.0117 4820  Disk - ok
14:22:42.0146 4820  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:22:42.0186 4820  Dnscache - ok
14:22:42.0203 4820  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:22:42.0253 4820  dot3svc - ok
14:22:42.0262 4820  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:22:42.0292 4820  DPS - ok
14:22:42.0297 4820  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:22:42.0319 4820  drmkaud - ok
14:22:42.0348 4820  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:22:42.0382 4820  DXGKrnl - ok
14:22:42.0402 4820  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:22:42.0443 4820  EapHost - ok
14:22:42.0527 4820  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:22:42.0656 4820  ebdrv - ok
14:22:42.0687 4820  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:22:42.0726 4820  EFS - ok
14:22:42.0779 4820  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:22:42.0819 4820  ehRecvr - ok
14:22:42.0833 4820  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:22:42.0849 4820  ehSched - ok
14:22:42.0868 4820  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:22:42.0898 4820  elxstor - ok
14:22:42.0906 4820  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:22:42.0931 4820  ErrDev - ok
14:22:42.0951 4820  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:22:42.0989 4820  EventSystem - ok
14:22:43.0016 4820  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:22:43.0041 4820  exfat - ok
14:22:43.0123 4820  Fabs - ok
14:22:43.0138 4820  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:22:43.0188 4820  fastfat - ok
14:22:43.0236 4820  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:22:43.0282 4820  Fax - ok
14:22:43.0299 4820  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
14:22:43.0324 4820  fdc - ok
14:22:43.0341 4820  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:22:43.0377 4820  fdPHost - ok
14:22:43.0392 4820  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:22:43.0416 4820  FDResPub - ok
14:22:43.0431 4820  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:22:43.0439 4820  FileInfo - ok
14:22:43.0451 4820  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:22:43.0486 4820  Filetrace - ok
14:22:43.0573 4820  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
14:22:43.0712 4820  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
14:22:43.0712 4820  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
14:22:43.0794 4820  [ 64AB6F28047744B9B19C97459C2AB31B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
14:22:43.0852 4820  FLEXnet Licensing Service 64 - ok
14:22:43.0869 4820  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
14:22:43.0879 4820  flpydisk - ok
14:22:43.0896 4820  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:22:43.0911 4820  FltMgr - ok
14:22:43.0967 4820  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
14:22:44.0036 4820  FontCache - ok
14:22:44.0079 4820  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:22:44.0092 4820  FontCache3.0.0.0 - ok
14:22:44.0112 4820  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:22:44.0127 4820  FsDepends - ok
14:22:44.0136 4820  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:22:44.0149 4820  Fs_Rec - ok
14:22:44.0154 4820  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:22:44.0168 4820  fvevol - ok
14:22:44.0184 4820  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:22:44.0193 4820  gagp30kx - ok
14:22:44.0248 4820  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
14:22:44.0274 4820  GamesAppService - ok
14:22:44.0296 4820  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:22:44.0343 4820  gpsvc - ok
14:22:44.0404 4820  [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService     C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
14:22:44.0414 4820  GREGService - ok
14:22:44.0482 4820  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:22:44.0494 4820  gupdate - ok
14:22:44.0519 4820  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:22:44.0531 4820  gupdatem - ok
14:22:44.0548 4820  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:22:44.0584 4820  hcw85cir - ok
14:22:44.0599 4820  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:22:44.0644 4820  HdAudAddService - ok
14:22:44.0673 4820  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:22:44.0699 4820  HDAudBus - ok
14:22:44.0703 4820  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
14:22:44.0727 4820  HidBatt - ok
14:22:44.0748 4820  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:22:44.0786 4820  HidBth - ok
14:22:44.0817 4820  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:22:44.0841 4820  HidIr - ok
14:22:44.0844 4820  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
14:22:44.0883 4820  hidserv - ok
14:22:44.0897 4820  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:22:44.0908 4820  HidUsb - ok
14:22:44.0937 4820  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:22:44.0973 4820  hkmsvc - ok
14:22:44.0983 4820  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:22:45.0013 4820  HomeGroupListener - ok
14:22:45.0027 4820  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:22:45.0049 4820  HomeGroupProvider - ok
14:22:45.0061 4820  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:22:45.0081 4820  HpSAMD - ok
14:22:45.0093 4820  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:22:45.0148 4820  HTTP - ok
14:22:45.0164 4820  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:22:45.0172 4820  hwpolicy - ok
14:22:45.0203 4820  [ 2A0E04F22F47DC548430E06EA6BED882 ] HWSuperPowerTablet C:\Windows\jwpen.exe
14:22:45.0218 4820  HWSuperPowerTablet ( UnsignedFile.Multi.Generic ) - warning
14:22:45.0218 4820  HWSuperPowerTablet - detected UnsignedFile.Multi.Generic (1)
14:22:45.0222 4820  HYRDBios - ok
14:22:45.0241 4820  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:22:45.0263 4820  i8042prt - ok
14:22:45.0283 4820  [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor          C:\Windows\system32\drivers\iaStor.sys
14:22:45.0299 4820  iaStor - ok
14:22:45.0356 4820  [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:22:45.0366 4820  IAStorDataMgrSvc - ok
14:22:45.0394 4820  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:22:45.0422 4820  iaStorV - ok
14:22:45.0487 4820  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:22:45.0504 4820  IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:22:45.0504 4820  IDriverT - detected UnsignedFile.Multi.Generic (1)
14:22:45.0546 4820  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:22:45.0617 4820  idsvc - ok
14:22:45.0637 4820  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:22:45.0646 4820  iirsp - ok
14:22:45.0668 4820  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:22:45.0702 4820  IKEEXT - ok
14:22:45.0786 4820  [ A0C2C3D4C03C4FB896CFC53873784178 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:22:45.0833 4820  IntcAzAudAddService - ok
14:22:45.0842 4820  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:22:45.0849 4820  intelide - ok
14:22:45.0864 4820  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:22:45.0872 4820  intelppm - ok
14:22:45.0899 4820  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:22:45.0943 4820  IPBusEnum - ok
14:22:45.0946 4820  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:22:45.0971 4820  IpFilterDriver - ok
14:22:46.0017 4820  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:22:46.0054 4820  iphlpsvc - ok
14:22:46.0067 4820  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:22:46.0094 4820  IPMIDRV - ok
14:22:46.0098 4820  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:22:46.0139 4820  IPNAT - ok
14:22:46.0171 4820  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:22:46.0202 4820  IRENUM - ok
14:22:46.0221 4820  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:22:46.0237 4820  isapnp - ok
14:22:46.0257 4820  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:22:46.0283 4820  iScsiPrt - ok
14:22:46.0301 4820  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:22:46.0318 4820  kbdclass - ok
14:22:46.0333 4820  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:22:46.0352 4820  kbdhid - ok
14:22:46.0376 4820  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:22:46.0391 4820  KeyIso - ok
14:22:46.0418 4820  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:22:46.0438 4820  KSecDD - ok
14:22:46.0453 4820  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:22:46.0474 4820  KSecPkg - ok
14:22:46.0488 4820  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:22:46.0542 4820  ksthunk - ok
14:22:46.0569 4820  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:22:46.0636 4820  KtmRm - ok
14:22:46.0661 4820  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:22:46.0686 4820  LanmanServer - ok
14:22:46.0709 4820  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:22:46.0734 4820  LanmanWorkstation - ok
14:22:46.0778 4820  [ 6BCEE9C766815BFFF89DE7D81AF34CE1 ] Live Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
14:22:46.0791 4820  Live Updater Service - ok
14:22:46.0804 4820  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:22:46.0841 4820  lltdio - ok
14:22:46.0868 4820  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:22:46.0896 4820  lltdsvc - ok
14:22:46.0904 4820  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:22:46.0942 4820  lmhosts - ok
14:22:46.0992 4820  [ 50C7CE53EF461870410355F1F2E7D515 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:22:47.0007 4820  LMS - ok
14:22:47.0024 4820  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:22:47.0038 4820  LSI_FC - ok
14:22:47.0042 4820  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:22:47.0054 4820  LSI_SAS - ok
14:22:47.0068 4820  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:22:47.0081 4820  LSI_SAS2 - ok
14:22:47.0089 4820  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:22:47.0103 4820  LSI_SCSI - ok
14:22:47.0141 4820  [ 639D24E769BDBEC6145E4C1921669B73 ] Ltn_stk7070P_64 C:\Windows\system32\DRIVERS\Ltn_stk7070P_64.sys
14:22:47.0169 4820  Ltn_stk7070P_64 - ok
14:22:47.0192 4820  [ E028DF5A96827A87898D4D7EB768E3AB ] Ltn_stkrc_64    C:\Windows\system32\DRIVERS\Ltn_stkrc_64.sys
14:22:47.0229 4820  Ltn_stkrc_64 - ok
14:22:47.0241 4820  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:22:47.0303 4820  luafv - ok
14:22:47.0348 4820  [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
14:22:47.0368 4820  LVRS64 - ok
14:22:47.0486 4820  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
14:22:47.0547 4820  LVUVC64 - ok
14:22:47.0561 4820  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:22:47.0573 4820  Mcx2Svc - ok
14:22:47.0584 4820  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:22:47.0593 4820  megasas - ok
14:22:47.0624 4820  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:22:47.0647 4820  MegaSR - ok
14:22:47.0661 4820  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
14:22:47.0669 4820  MEIx64 - ok
14:22:47.0801 4820  [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2013_64 C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe
14:22:47.0807 4820  mi-raysat_3dsmax2013_64 ( UnsignedFile.Multi.Generic ) - warning
14:22:47.0807 4820  mi-raysat_3dsmax2013_64 - detected UnsignedFile.Multi.Generic (1)
14:22:47.0883 4820  [ 551A5E070F5DF69A64463852E93009DD ] mitsijm2013     C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
14:22:47.0902 4820  mitsijm2013 - ok
14:22:47.0916 4820  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:22:47.0952 4820  MMCSS - ok
14:22:47.0969 4820  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:22:47.0993 4820  Modem - ok
14:22:47.0999 4820  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:22:48.0021 4820  monitor - ok
14:22:48.0041 4820  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:22:48.0049 4820  mouclass - ok
14:22:48.0064 4820  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:22:48.0081 4820  mouhid - ok
14:22:48.0098 4820  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:22:48.0104 4820  mountmgr - ok
14:22:48.0183 4820  [ C8619D099F8149149045772B60DB09AC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:22:48.0203 4820  MozillaMaintenance - ok
14:22:48.0221 4820  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:22:48.0236 4820  mpio - ok
14:22:48.0244 4820  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:22:48.0277 4820  mpsdrv - ok
14:22:48.0296 4820  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:22:48.0329 4820  MpsSvc - ok
14:22:48.0343 4820  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:22:48.0363 4820  MRxDAV - ok
14:22:48.0379 4820  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:22:48.0402 4820  mrxsmb - ok
14:22:48.0417 4820  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:22:48.0432 4820  mrxsmb10 - ok
14:22:48.0438 4820  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:22:48.0449 4820  mrxsmb20 - ok
14:22:48.0458 4820  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:22:48.0467 4820  msahci - ok
14:22:48.0481 4820  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:22:48.0492 4820  msdsm - ok
14:22:48.0511 4820  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:22:48.0523 4820  MSDTC - ok
14:22:48.0538 4820  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:22:48.0561 4820  Msfs - ok
14:22:48.0574 4820  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:22:48.0597 4820  mshidkmdf - ok
14:22:48.0607 4820  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:22:48.0614 4820  msisadrv - ok
14:22:48.0629 4820  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:22:48.0662 4820  MSiSCSI - ok
14:22:48.0663 4820  msiserver - ok
14:22:48.0684 4820  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:22:48.0721 4820  MSKSSRV - ok
14:22:48.0723 4820  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:22:48.0754 4820  MSPCLOCK - ok
14:22:48.0762 4820  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:22:48.0784 4820  MSPQM - ok
14:22:48.0802 4820  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:22:48.0817 4820  MsRPC - ok
14:22:48.0821 4820  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:22:48.0827 4820  mssmbios - ok
14:22:48.0836 4820  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:22:48.0858 4820  MSTEE - ok
14:22:48.0869 4820  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:22:48.0879 4820  MTConfig - ok
14:22:48.0891 4820  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:22:48.0899 4820  Mup - ok
14:22:48.0921 4820  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:22:48.0953 4820  napagent - ok
14:22:48.0984 4820  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:22:49.0033 4820  NativeWifiP - ok
14:22:49.0094 4820  [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
14:22:49.0111 4820  NAUpdate - ok
14:22:49.0161 4820  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:22:49.0192 4820  NDIS - ok
14:22:49.0206 4820  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:22:49.0229 4820  NdisCap - ok
14:22:49.0246 4820  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:22:49.0269 4820  NdisTapi - ok
14:22:49.0287 4820  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:22:49.0314 4820  Ndisuio - ok
14:22:49.0331 4820  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:22:49.0372 4820  NdisWan - ok
14:22:49.0386 4820  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:22:49.0437 4820  NDProxy - ok
14:22:49.0451 4820  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:22:49.0473 4820  NetBIOS - ok
14:22:49.0482 4820  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:22:49.0503 4820  NetBT - ok
14:22:49.0509 4820  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:22:49.0516 4820  Netlogon - ok
14:22:49.0537 4820  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:22:49.0582 4820  Netman - ok
14:22:49.0632 4820  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:49.0643 4820  NetMsmqActivator - ok
14:22:49.0661 4820  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:49.0669 4820  NetPipeActivator - ok
14:22:49.0687 4820  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:22:49.0726 4820  netprofm - ok
14:22:49.0734 4820  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:49.0741 4820  NetTcpActivator - ok
14:22:49.0743 4820  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:49.0748 4820  NetTcpPortSharing - ok
14:22:49.0764 4820  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:22:49.0773 4820  nfrd960 - ok
14:22:49.0808 4820  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:22:49.0822 4820  NlaSvc - ok
14:22:49.0837 4820  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:22:49.0862 4820  Npfs - ok
14:22:49.0864 4820  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:22:49.0889 4820  nsi - ok
14:22:49.0902 4820  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:22:49.0938 4820  nsiproxy - ok
14:22:49.0997 4820  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:22:50.0093 4820  Ntfs - ok
14:22:50.0099 4820  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:22:50.0121 4820  Null - ok
14:22:50.0144 4820  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
14:22:50.0154 4820  NVHDA - ok
14:22:50.0368 4820  [ 26AA3C7E6E1DB7107BF93503F6F57E88 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:22:50.0482 4820  nvlddmkm - ok
14:22:50.0509 4820  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:22:50.0521 4820  nvraid - ok
14:22:50.0549 4820  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:22:50.0561 4820  nvstor - ok
14:22:50.0614 4820  [ A83AC04D672567CAF8BE7A4D73C0B850 ] NVSvc           C:\Windows\system32\nvvsvc.exe
14:22:50.0638 4820  NVSvc - ok
14:22:50.0721 4820  [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:22:50.0747 4820  nvUpdatusService - ok
14:22:50.0773 4820  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:22:50.0789 4820  nv_agp - ok
14:22:50.0801 4820  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:22:50.0821 4820  ohci1394 - ok
14:22:50.0892 4820  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:22:50.0909 4820  ose - ok
14:22:51.0021 4820  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:22:51.0143 4820  osppsvc - ok
14:22:51.0192 4820  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:22:51.0226 4820  p2pimsvc - ok
14:22:51.0256 4820  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:22:51.0283 4820  p2psvc - ok
14:22:51.0307 4820  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
14:22:51.0321 4820  Parport - ok
14:22:51.0357 4820  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:22:51.0377 4820  partmgr - ok
14:22:51.0386 4820  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:22:51.0431 4820  PcaSvc - ok
14:22:51.0443 4820  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:22:51.0464 4820  pci - ok
14:22:51.0484 4820  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:22:51.0499 4820  pciide - ok
14:22:51.0518 4820  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:22:51.0541 4820  pcmcia - ok
14:22:51.0559 4820  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:22:51.0576 4820  pcw - ok
14:22:51.0596 4820  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:22:51.0661 4820  PEAUTH - ok
14:22:51.0734 4820  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:22:51.0766 4820  PerfHost - ok
14:22:51.0803 4820  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:22:51.0881 4820  pla - ok
14:22:51.0923 4820  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:22:51.0973 4820  PlugPlay - ok
14:22:51.0988 4820  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:22:52.0023 4820  PNRPAutoReg - ok
14:22:52.0031 4820  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:22:52.0046 4820  PNRPsvc - ok
14:22:52.0091 4820  [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
14:22:52.0101 4820  Point64 - ok
14:22:52.0126 4820  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:22:52.0189 4820  PolicyAgent - ok
14:22:52.0207 4820  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:22:52.0256 4820  Power - ok
14:22:52.0281 4820  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:22:52.0304 4820  PptpMiniport - ok
14:22:52.0322 4820  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
14:22:52.0348 4820  Processor - ok
14:22:52.0381 4820  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:22:52.0416 4820  ProfSvc - ok
14:22:52.0419 4820  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:22:52.0433 4820  ProtectedStorage - ok
14:22:52.0439 4820  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:22:52.0476 4820  Psched - ok
14:22:52.0506 4820  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
14:22:52.0516 4820  PxHlpa64 - ok
14:22:52.0554 4820  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:22:52.0616 4820  ql2300 - ok
14:22:52.0626 4820  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:22:52.0637 4820  ql40xx - ok
14:22:52.0647 4820  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:22:52.0664 4820  QWAVE - ok
14:22:52.0679 4820  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:22:52.0692 4820  QWAVEdrv - ok
14:22:52.0704 4820  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:22:52.0727 4820  RasAcd - ok
14:22:52.0741 4820  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:22:52.0764 4820  RasAgileVpn - ok
14:22:52.0772 4820  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:22:52.0812 4820  RasAuto - ok
14:22:52.0822 4820  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:22:52.0846 4820  Rasl2tp - ok
14:22:52.0872 4820  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:22:52.0918 4820  RasMan - ok
14:22:52.0933 4820  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:22:52.0958 4820  RasPppoe - ok
14:22:52.0971 4820  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:22:52.0996 4820  RasSstp - ok
14:22:53.0012 4820  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:22:53.0041 4820  rdbss - ok
14:22:53.0049 4820  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
14:22:53.0069 4820  rdpbus - ok
14:22:53.0086 4820  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:22:53.0106 4820  RDPCDD - ok
14:22:53.0111 4820  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:22:53.0138 4820  RDPENCDD - ok
14:22:53.0151 4820  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:22:53.0171 4820  RDPREFMP - ok
14:22:53.0203 4820  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:22:53.0239 4820  RDPWD - ok
14:22:53.0259 4820  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:22:53.0283 4820  rdyboost - ok
14:22:53.0293 4820  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:22:53.0328 4820  RemoteAccess - ok
14:22:53.0336 4820  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:22:53.0371 4820  RemoteRegistry - ok
14:22:53.0374 4820  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:22:53.0398 4820  RpcEptMapper - ok
14:22:53.0424 4820  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:22:53.0443 4820  RpcLocator - ok
14:22:53.0463 4820  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:22:53.0487 4820  RpcSs - ok
14:22:53.0501 4820  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:22:53.0526 4820  rspndr - ok
14:22:53.0559 4820  [ 712944C0A377E9B8743F95BD83E882D4 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:22:53.0571 4820  RTL8167 - ok
14:22:53.0576 4820  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:22:53.0583 4820  SamSs - ok
14:22:53.0592 4820  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:22:53.0602 4820  sbp2port - ok
14:22:53.0616 4820  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:22:53.0642 4820  SCardSvr - ok
14:22:53.0652 4820  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:22:53.0689 4820  scfilter - ok
14:22:53.0712 4820  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:22:53.0766 4820  Schedule - ok
14:22:53.0783 4820  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:22:53.0804 4820  SCPolicySvc - ok
14:22:53.0817 4820  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:22:53.0839 4820  SDRSVC - ok
14:22:53.0854 4820  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:22:53.0883 4820  secdrv - ok
14:22:53.0899 4820  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:22:53.0922 4820  seclogon - ok
14:22:53.0954 4820  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:22:53.0997 4820  SENS - ok
14:22:53.0999 4820  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:22:54.0031 4820  SensrSvc - ok
14:22:54.0052 4820  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:22:54.0061 4820  Serenum - ok
14:22:54.0087 4820  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
14:22:54.0099 4820  Serial - ok
14:22:54.0137 4820  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:22:54.0153 4820  sermouse - ok
14:22:54.0176 4820  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:22:54.0236 4820  SessionEnv - ok
14:22:54.0248 4820  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:22:54.0258 4820  sffdisk - ok
14:22:54.0261 4820  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:22:54.0277 4820  sffp_mmc - ok
14:22:54.0279 4820  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:22:54.0289 4820  sffp_sd - ok
14:22:54.0292 4820  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:22:54.0301 4820  sfloppy - ok
14:22:54.0318 4820  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:22:54.0348 4820  SharedAccess - ok
14:22:54.0368 4820  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:22:54.0396 4820  ShellHWDetection - ok
14:22:54.0404 4820  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:22:54.0413 4820  SiSRaid2 - ok
14:22:54.0423 4820  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:22:54.0433 4820  SiSRaid4 - ok
14:22:54.0497 4820  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:22:54.0543 4820  SkypeUpdate - ok
14:22:54.0563 4820  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:22:54.0588 4820  Smb - ok
14:22:54.0604 4820  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:22:54.0622 4820  SNMPTRAP - ok
14:22:54.0631 4820  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:22:54.0638 4820  spldr - ok
14:22:54.0677 4820  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:22:54.0711 4820  Spooler - ok
14:22:54.0777 4820  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:22:54.0856 4820  sppsvc - ok
14:22:54.0866 4820  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:22:54.0889 4820  sppuinotify - ok
14:22:54.0916 4820  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:22:54.0949 4820  srv - ok
14:22:54.0966 4820  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:22:54.0998 4820  srv2 - ok
14:22:55.0016 4820  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:22:55.0039 4820  srvnet - ok
14:22:55.0052 4820  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:22:55.0089 4820  SSDPSRV - ok
14:22:55.0107 4820  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:22:55.0128 4820  SstpSvc - ok
14:22:55.0207 4820  [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
14:22:55.0227 4820  ssudmdm - ok
14:22:55.0269 4820  [ 00FCEC4DA4198F5F2B9BBD9225842568 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:22:55.0283 4820  Stereo Service - ok
14:22:55.0301 4820  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:22:55.0314 4820  stexstor - ok
14:22:55.0353 4820  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:22:55.0406 4820  stisvc - ok
14:22:55.0409 4820  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:22:55.0422 4820  swenum - ok
14:22:55.0444 4820  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:22:55.0481 4820  swprv - ok
14:22:55.0521 4820  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:22:55.0564 4820  SysMain - ok
14:22:55.0572 4820  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:22:55.0587 4820  TabletInputService - ok
14:22:55.0598 4820  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:22:55.0629 4820  TapiSrv - ok
14:22:55.0639 4820  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:22:55.0664 4820  TBS - ok
14:22:55.0728 4820  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:22:55.0827 4820  Tcpip - ok
14:22:55.0871 4820  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:22:55.0893 4820  TCPIP6 - ok
14:22:55.0922 4820  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:22:55.0932 4820  tcpipreg - ok
14:22:55.0949 4820  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:22:55.0979 4820  TDPIPE - ok
14:22:56.0004 4820  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:22:56.0022 4820  TDTCP - ok
14:22:56.0036 4820  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:22:56.0093 4820  tdx - ok
14:22:56.0228 4820  [ 4A84526076717F87F3E1AD24AB28FB5A ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
14:22:56.0263 4820  TeamViewer7 - ok
14:22:56.0306 4820  [ F5520DBB47C60EE83024B38720ABDA24 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
14:22:56.0312 4820  teamviewervpn - ok
14:22:56.0337 4820  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:22:56.0346 4820  TermDD - ok
14:22:56.0368 4820  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
14:22:56.0451 4820  TermService - ok
14:22:56.0521 4820  [ 48D9D00C2E0E72C3D4F52772C80355F6 ] TFsExDisk       C:\Windows\System32\Drivers\TFsExDisk.sys
14:22:56.0534 4820  TFsExDisk - ok
14:22:56.0547 4820  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:22:56.0572 4820  Themes - ok
14:22:56.0611 4820  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
14:22:56.0651 4820  THREADORDER - ok
14:22:56.0666 4820  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:22:56.0691 4820  TrkWks - ok
14:22:56.0732 4820  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:22:56.0770 4820  TrustedInstaller - ok
14:22:56.0783 4820  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:22:56.0813 4820  tssecsrv - ok
14:22:56.0825 4820  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:22:56.0845 4820  TsUsbFlt - ok
14:22:56.0858 4820  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:22:56.0868 4820  TsUsbGD - ok
14:22:56.0880 4820  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:22:56.0916 4820  tunnel - ok
14:22:56.0923 4820  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:22:56.0933 4820  uagp35 - ok
14:22:56.0951 4820  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:22:56.0978 4820  udfs - ok
14:22:56.0998 4820  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:22:57.0010 4820  UI0Detect - ok
14:22:57.0027 4820  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:22:57.0036 4820  uliagpkx - ok
14:22:57.0047 4820  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:22:57.0067 4820  umbus - ok
14:22:57.0091 4820  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:22:57.0112 4820  UmPass - ok
14:22:57.0175 4820  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
14:22:57.0195 4820  UMVPFSrv - ok
14:22:57.0292 4820  [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:22:57.0363 4820  UNS - ok
14:22:57.0380 4820  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:22:57.0413 4820  upnphost - ok
14:22:57.0438 4820  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:22:57.0470 4820  usbaudio - ok
14:22:57.0506 4820  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:22:57.0538 4820  usbccgp - ok
14:22:57.0555 4820  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:22:57.0576 4820  usbcir - ok
14:22:57.0593 4820  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
14:22:57.0620 4820  usbehci - ok
14:22:57.0652 4820  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:22:57.0695 4820  usbhub - ok
14:22:57.0706 4820  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:22:57.0721 4820  usbohci - ok
14:22:57.0735 4820  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
14:22:57.0766 4820  usbprint - ok
14:22:57.0797 4820  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:22:57.0832 4820  USBSTOR - ok
14:22:57.0842 4820  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:22:57.0863 4820  usbuhci - ok
14:22:57.0881 4820  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
14:22:57.0936 4820  UxSms - ok
14:22:57.0953 4820  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:22:57.0961 4820  VaultSvc - ok
14:22:57.0963 4820  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:22:57.0972 4820  vdrvroot - ok
14:22:57.0988 4820  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
14:22:58.0023 4820  vds - ok
14:22:58.0026 4820  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:22:58.0037 4820  vga - ok
14:22:58.0052 4820  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:22:58.0076 4820  VgaSave - ok
14:22:58.0093 4820  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:22:58.0106 4820  vhdmp - ok
14:22:58.0142 4820  [ 30F14186C6CB1A0A80FBF5F4FCB83301 ] VHWDrawing      C:\Windows\system32\DRIVERS\HWDrawing.sys
14:22:58.0163 4820  VHWDrawing - ok
14:22:58.0180 4820  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:22:58.0196 4820  viaide - ok
14:22:58.0210 4820  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:22:58.0228 4820  volmgr - ok
14:22:58.0240 4820  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:22:58.0255 4820  volmgrx - ok
14:22:58.0261 4820  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:22:58.0287 4820  volsnap - ok
14:22:58.0350 4820  [ 19AFBA7191A78EDCA6D235456D65E002 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
14:22:58.0370 4820  vpnagent - ok
14:22:58.0410 4820  [ A8D4FED106B4BD337DF3DA20BA44E18E ] vpnva           C:\Windows\system32\DRIVERS\vpnva64.sys
14:22:58.0426 4820  vpnva - ok
14:22:58.0442 4820  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:22:58.0460 4820  vsmraid - ok
14:22:58.0502 4820  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
14:22:58.0591 4820  VSS - ok
14:22:58.0600 4820  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:22:58.0623 4820  vwifibus - ok
14:22:58.0645 4820  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
14:22:58.0685 4820  W32Time - ok
14:22:58.0703 4820  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:22:58.0725 4820  WacomPen - ok
14:22:58.0738 4820  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:22:58.0793 4820  WANARP - ok
14:22:58.0796 4820  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:22:58.0816 4820  Wanarpv6 - ok
14:22:58.0843 4820  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
14:22:58.0918 4820  wbengine - ok
14:22:58.0932 4820  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:22:58.0955 4820  WbioSrvc - ok
14:22:58.0966 4820  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:22:58.0996 4820  wcncsvc - ok
14:22:59.0008 4820  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:22:59.0036 4820  WcsPlugInService - ok
14:22:59.0046 4820  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
14:22:59.0062 4820  Wd - ok
14:22:59.0100 4820  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:22:59.0166 4820  Wdf01000 - ok
14:22:59.0198 4820  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:22:59.0285 4820  WdiServiceHost - ok
14:22:59.0288 4820  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:22:59.0305 4820  WdiSystemHost - ok
14:22:59.0322 4820  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
14:22:59.0341 4820  WebClient - ok
14:22:59.0358 4820  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:22:59.0395 4820  Wecsvc - ok
14:22:59.0411 4820  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:22:59.0433 4820  wercplsupport - ok
14:22:59.0455 4820  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:22:59.0478 4820  WerSvc - ok
14:22:59.0488 4820  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:22:59.0510 4820  WfpLwf - ok
14:22:59.0521 4820  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:22:59.0530 4820  WIMMount - ok
14:22:59.0545 4820  WinDefend - ok
14:22:59.0551 4820  WinHttpAutoProxySvc - ok
14:22:59.0603 4820  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:22:59.0642 4820  Winmgmt - ok
14:22:59.0673 4820  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:22:59.0742 4820  WinRM - ok
14:22:59.0766 4820  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:22:59.0777 4820  WinUsb - ok
14:22:59.0800 4820  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:22:59.0846 4820  Wlansvc - ok
14:22:59.0870 4820  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:22:59.0878 4820  wlcrasvc - ok
14:22:59.0970 4820  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:23:00.0031 4820  wlidsvc - ok
14:23:00.0040 4820  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:23:00.0046 4820  WmiAcpi - ok
14:23:00.0063 4820  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:23:00.0087 4820  wmiApSrv - ok
14:23:00.0116 4820  WMPNetworkSvc - ok
14:23:00.0130 4820  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:23:00.0148 4820  WPCSvc - ok
14:23:00.0167 4820  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:23:00.0193 4820  WPDBusEnum - ok
14:23:00.0201 4820  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:23:00.0237 4820  ws2ifsl - ok
14:23:00.0252 4820  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
14:23:00.0266 4820  wscsvc - ok
14:23:00.0278 4820  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
14:23:00.0288 4820  WSDPrintDevice - ok
14:23:00.0318 4820  [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
14:23:00.0337 4820  WSDScan - ok
14:23:00.0341 4820  WSearch - ok
14:23:00.0423 4820  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:23:00.0475 4820  wuauserv - ok
14:23:00.0506 4820  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:23:00.0541 4820  WudfPf - ok
14:23:00.0573 4820  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:23:00.0610 4820  WUDFRd - ok
14:23:00.0640 4820  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:23:00.0667 4820  wudfsvc - ok
14:23:00.0681 4820  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:23:00.0712 4820  WwanSvc - ok
14:23:00.0756 4820  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
14:23:00.0783 4820  xusb21 - ok
14:23:00.0795 4820  ================ Scan global ===============================
14:23:00.0811 4820  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:23:00.0846 4820  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
14:23:00.0860 4820  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
14:23:00.0865 4820  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:23:00.0882 4820  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:23:00.0891 4820  [Global] - ok
14:23:00.0891 4820  ================ Scan MBR ==================================
14:23:00.0902 4820  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:23:01.0190 4820  \Device\Harddisk0\DR0 - ok
14:23:01.0195 4820  [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk6\DR6
14:23:02.0505 4820  \Device\Harddisk6\DR6 - ok
14:23:02.0506 4820  ================ Scan VBR ==================================
14:23:02.0507 4820  [ 1FBDFAF5600EC3CE049C369C0CC62350 ] \Device\Harddisk0\DR0\Partition1
14:23:02.0510 4820  \Device\Harddisk0\DR0\Partition1 - ok
14:23:02.0526 4820  [ 895275351BFB46153D2FE7B18B6D3F61 ] \Device\Harddisk0\DR0\Partition2
14:23:02.0528 4820  \Device\Harddisk0\DR0\Partition2 - ok
14:23:02.0551 4820  [ D708CDA5B8E7825FE4E989FB078636FE ] \Device\Harddisk0\DR0\Partition3
14:23:02.0553 4820  \Device\Harddisk0\DR0\Partition3 - ok
14:23:02.0557 4820  [ 60D7EFC648A7D38560F1447C3F76F87E ] \Device\Harddisk6\DR6\Partition1
14:23:02.0558 4820  \Device\Harddisk6\DR6\Partition1 - ok
14:23:02.0560 4820  ============================================================
14:23:02.0560 4820  Scan finished
14:23:02.0560 4820  ============================================================
14:23:02.0568 3676  Detected object count: 4
14:23:02.0568 3676  Actual detected object count: 4
14:23:17.0971 3676  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:17.0971 3676  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:23:17.0971 3676  HWSuperPowerTablet ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:17.0971 3676  HWSuperPowerTablet ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:23:17.0974 3676  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:17.0974 3676  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:23:17.0975 3676  mi-raysat_3dsmax2013_64 ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:17.0975 3676  mi-raysat_3dsmax2013_64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:24:46.0128 3204  Deinitialize success
hat dann doch soweit funktioniert danke ;-) ... bin schon gespannt wie es weiter geht :-)

Alt 25.01.2013, 14:38   #10
markusg
/// Malware-holic
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


hi
combofix:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 25.01.2013, 15:14   #11
Mk91
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


Code:
ATTFilter
ComboFix 13-01-24.02 - Manuel 25.01.2013  15:04:16.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6126.4160 [GMT 1:00]
ausgeführt von:: c:\users\Manuel\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Manuel\~app.tmp
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\IsUn0407.exe
c:\windows\SysWow64\muzapp.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-12-25 bis 2013-01-25  ))))))))))))))))))))))))))))))
.
.
2013-01-25 14:09 . 2013-01-25 14:09	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-01-25 14:09 . 2013-01-25 14:09	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-01-25 13:49 . 2013-01-25 13:49	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{82AACAF2-271D-4F0A-95D7-03160217CFFF}\offreg.dll
2013-01-25 13:12 . 2013-01-08 05:32	9161176	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{82AACAF2-271D-4F0A-95D7-03160217CFFF}\mpengine.dll
2013-01-24 20:11 . 2013-01-24 20:11	--------	d-----w-	C:\found.000
2013-01-24 20:04 . 2013-01-24 20:04	--------	d-----w-	C:\_OTL
2013-01-10 13:16 . 2012-11-30 05:45	362496	----a-w-	c:\windows\system32\wow64win.dll
2013-01-06 15:44 . 2013-01-06 15:44	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2012-12-29 01:54 . 2012-12-29 01:54	550328	----a-w-	c:\windows\SysWow64\nvStreaming.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 22:22 . 2011-11-05 16:22	67599240	----a-w-	c:\windows\system32\MRT.exe
2013-01-09 12:31 . 2012-04-03 09:29	697864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 12:31 . 2011-11-05 17:04	74248	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-29 10:34 . 2012-10-10 20:23	2824656	----a-w-	c:\windows\system32\nvapi64.dll
2012-12-29 10:34 . 2012-10-10 20:23	1107592	----a-w-	c:\windows\system32\nvumdshimx.dll
2012-12-29 10:34 . 2012-10-10 20:23	15052368	----a-w-	c:\windows\system32\nvwgf2umx.dll
2012-12-29 10:34 . 2012-10-10 20:23	12641120	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2012-12-29 10:34 . 2012-10-10 20:22	2504248	----a-w-	c:\windows\SysWow64\nvapi.dll
2012-12-29 10:34 . 2012-10-10 20:22	15129064	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2012-12-29 10:34 . 2012-09-28 06:31	1813432	----a-w-	c:\windows\system32\nvdispco64.dll
2012-12-29 10:34 . 2012-09-28 06:31	1504696	----a-w-	c:\windows\system32\nvdispgenco64.dll
2012-12-29 08:40 . 2011-03-23 22:53	6382008	----a-w-	c:\windows\system32\nvcpl.dll
2012-12-29 08:40 . 2011-03-23 22:52	3455416	----a-w-	c:\windows\system32\nvsvc64.dll
2012-12-29 08:40 . 2012-09-28 06:32	2923201	----a-w-	c:\windows\system32\nvcoproc.bin
2012-12-29 08:40 . 2011-03-23 22:53	884152	----a-w-	c:\windows\system32\nvvsvc.exe
2012-12-29 08:40 . 2011-03-23 22:53	63928	----a-w-	c:\windows\system32\nvshext.dll
2012-12-29 08:40 . 2011-03-23 22:53	2558392	----a-w-	c:\windows\system32\nvsvcr.dll
2012-12-29 08:40 . 2011-03-23 22:53	118712	----a-w-	c:\windows\system32\nvmctray.dll
2012-12-18 22:06 . 2012-12-18 22:06	289768	----a-w-	c:\windows\system32\javaws.exe
2012-12-18 22:06 . 2012-12-18 22:06	189416	----a-w-	c:\windows\system32\javaw.exe
2012-12-18 22:06 . 2012-12-18 22:06	188904	----a-w-	c:\windows\system32\java.exe
2012-12-18 22:06 . 2012-12-18 22:06	108008	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2012-12-18 22:06 . 2012-04-27 16:02	916456	----a-w-	c:\windows\system32\deployJava1.dll
2012-12-18 22:06 . 2012-04-27 16:02	1034216	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-12-16 17:11 . 2012-12-21 22:16	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 22:16	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 22:16	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 22:16	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-13 13:44 . 2012-12-13 13:44	11336	----a-w-	c:\windows\SysWow64\vpncategories.dll
2012-12-13 13:44 . 2012-12-13 13:44	34376	----a-w-	c:\windows\SysWow64\vpnevents.dll
2012-12-13 13:26 . 2011-09-09 15:59	112080	----a-r-	c:\windows\system32\drivers\acsock64.sys
2012-11-30 04:45 . 2013-01-10 13:16	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-13 22:19	17811968	----a-w-	c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-13 22:19	10925568	----a-w-	c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-13 22:19	2312704	----a-w-	c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-13 22:19	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-13 22:19	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-13 22:19	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-13 22:19	237056	----a-w-	c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-13 22:19	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-13 22:19	816640	----a-w-	c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-13 22:19	599040	----a-w-	c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-13 22:19	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-13 22:19	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-13 22:19	729088	----a-w-	c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-13 22:19	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-13 22:19	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-13 22:19	248320	----a-w-	c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-13 22:19	1800704	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-13 22:19	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 22:19	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-13 22:19	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 22:19	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-13 22:19	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-13 19:09	2048	----a-w-	c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-13 19:09	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-13 19:08	478208	----a-w-	c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-13 19:08	376832	----a-w-	c:\windows\SysWow64\dpnet.dll
2012-11-01 10:02 . 2011-12-23 12:12	419840	----a-w-	c:\windows\system32\wrap_oal.dll
2012-11-01 10:02 . 2011-12-23 12:12	413696	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2012-11-01 10:02 . 2011-12-23 12:12	111616	----a-w-	c:\windows\system32\OpenAL32.dll
2012-11-01 10:02 . 2011-12-23 12:12	102400	----a-w-	c:\windows\SysWow64\OpenAL32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Software Suite SE"="c:\program files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe" [2009-09-29 2275360]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-10-11 842680]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-10-11 966072]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-10-09 580096]
"Akamai NetSession Interface"="c:\users\Manuel\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"Hotkey Utility"="c:\program files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe" [2011-01-19 620136]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"HWTablet KeyPlus"="c:\windows\SysWOW64\HWKeyPlus.exe" [2008-06-03 53248]
"HWTablet Service"="c:\windows\SysWOW64\HWTabTray.exe" [2009-03-05 184320]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_17_Premium_Sonderedition\TrayServer.exe" [2008-08-07 90112]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-10-11 309688]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"ADSK DLMSession"="c:\program files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe" [2012-07-23 1632216]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2012-12-13 702024]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Photo Frame.lnk - c:\program files (x86)\Northstar\Photo Frame\Photo Frame.exe [2011-7-26 516688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HWSuperPowerTablet;HWSuperPowerTablet;c:\windows\jwpen.exe [2008-06-03 66560]
R2 HYRDBios;HYRDBios;c:\windows\system32\DRIVERS\HYRDBios.sys [x]
R2 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit;c:\program files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-09-15 86016]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys [2012-12-13 112080]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-11-26 1432400]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 27760]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2011-01-31 244624]
S2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [2012-01-31 339776]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-02 2673064]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-12-13 544840]
S3 cmudaxp;ASUS Xonar DGX Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2011-12-20 2727936]
S3 Ltn_stk7070P_64;PCTV based TV tuner device;c:\windows\system32\DRIVERS\Ltn_stk7070P_64.sys [2007-10-19 543232]
S3 Ltn_stkrc_64;PCTV Infrared Receiver;c:\windows\system32\DRIVERS\Ltn_stkrc_64.sys [2007-10-19 16256]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech Webcam 500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2012-07-02 35112]
S3 VHWDrawing;HanWang Drawing Tablet;c:\windows\system32\DRIVERS\HWDrawing.sys [2007-03-26 8320]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 62758286
*Deregistered* - 62758286
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-24 20:54	1607120	----a-w-	c:\program files (x86)\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 12:31]
.
2013-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-06 16:17]
.
2013-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-06 16:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-28 497648]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-26 2184520]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2011-05-12 8769536]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mDefault_Page_URL = hxxp://packardbell.msn.com
mStart Page = hxxp://packardbell.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
TCP: Interfaces\{DDFA9DF7-7226-4B4B-B1B3-F93EDF312F18}: NameServer = 192.168.123.1
FF - ProfilePath - c:\users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\6zvrdmdc.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-NPSStartup - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-01-25  15:10:47
ComboFix-quarantined-files.txt  2013-01-25 14:10
.
Vor Suchlauf: 11 Verzeichnis(se), 338.914.459.648 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 338.757.087.232 Bytes frei
.
- - End Of File - - 6BED520448483E08583C0B1CB215F418
Hat soweit eig gut funktioniert :-)

Wie gehts weiter ??

Alt 25.01.2013, 16:51   #12
markusg
/// Malware-holic
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


sieht doch schon mal gut aus.
malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 25.01.2013, 20:09   #13
Mk91
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.25.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Manuel :: M-PC2 [Administrator]

Schutz: Aktiviert

25.01.2013 17:42:42
mbam-log-2013-01-25 (17-42-42).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 706685
Laufzeit: 2 Stunde(n), 10 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
D:\Downloads\vdownloader112\vdownloader_setup.exe (Adware.ADON) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Also das kam raus ...
Es wurde allerdings nur eine Datein gefunden ...
Symptome sind aber schon seit ner weile weg ...

Also mittlerweile geht so ziemlich alles ... aber ich habe so das gefühl das hochfahren dauert länger als vorher ....

Alt 28.01.2013, 16:33   #14
markusg
/// Malware-holic
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


Hi
lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 28.01.2013, 21:00   #15
Mk91
 
Computer wird bei Verbindung mit dem Internet gesperrt - Standard

Computer wird bei Verbindung mit dem Internet gesperrt


Code:
ATTFilter
7-Zip 9.23 (x64 edition)	Igor Pavlov	06.11.2011	4,21MB	9.23.01.0							Notwendig
Acrobat.com	Adobe Systems Incorporated	11.03.2011	1,60MB	1.6.65								Notwendig
ActiveX контрола на Windows Live Mesh за отдалечени връзки	Microsoft Corporation	20.11.2011	5,57MB	15.4.5722.2		Unbekannt
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2		Unbekannt
Adobe AIR	Adobe Systems Inc.	26.07.2011		1.5.3.9130								Unbekannt
Adobe Community Help	Adobe Systems Incorporated	26.07.2011		3.2.1.650						Unbekannt
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	08.01.2013	6,00MB	11.5.502.146					Unbekannt
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	09.01.2013	6,00MB	11.5.502.146					Unbekannt
Adobe Photoshop Elements 9	Adobe Systems Incorporated	11.02.2012	2,60GB	9.0.3.0						Notwendig
Adobe Premiere Elements 9	Adobe Systems Incorporated	26.07.2011	1,23GB	9.0						Unbekannt
Adobe Reader X (10.1.5) - Deutsch	Adobe Systems Incorporated	10.01.2013	122MB	10.1.5					Notwendig
Akamai NetSession Interface	Akamai Technologies, Inc	26.11.2012								Unbekannt	
Apple Application Support	Apple Inc.	08.11.2012	65,0MB	2.3								Unbekannt
Apple Software Update	Apple Inc.	10.11.2011	2,38MB	2.1.3.127								Unbekannt
ASUS Xonar DG Audio Driver		01.11.2012											Notwendig
Audacity 1.2.6		06.11.2011													Notwendig	
Autodesk 3ds Max 2013 64-bit	Autodesk	01.12.2012		15.0.0.347							Notwendig
Autodesk Backburner 2013.0.0	Autodesk, Inc.	29.11.2012	12,8MB	2013.0.0							Notwendig
Autodesk Design Review 2013	Autodesk, Inc.	26.11.2012		13.0.0.82							Notwendig
Autodesk DirectConnect 2013 64-bit	Autodesk	29.11.2012	1,06GB	7.0.28.0						Notwendig
Autodesk Download Manager	Autodesk, Inc.	26.11.2012	15,0MB	2.0.2.0								Notwendig
Autodesk Essential Skills Movies for 3ds Max 2013 64-bit	Autodesk	01.12.2012	337MB	1.0.0.1				Notwendig
Autodesk FBX Plug-in 2013.1 - 3ds Max 2013 64-bit	Autodesk	01.12.2012							Notwendig	
Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit	Autodesk	29.11.2012								Notwendig	
Autodesk Inventor Content Center Libraries 2013 (Desktop Content)	Autodesk	26.11.2012	1,31MB	17.0.13800.0000		Notwendig
Autodesk Inventor Fusion 2013	Autodesk, Inc.	26.11.2012	585MB	2.0.0.206							Notwendig
Autodesk Inventor Fusion for Inventor 2013 Add-in	Autodesk	26.11.2012	12,9MB	1.0.0.111				Notwendig
Autodesk Inventor Professional 2013 Deutsch (German)	Autodesk	26.11.2012	3,48GB	17.0.13800.0000				Notwendig
Autodesk Inventor Server Engine for 3ds Max 2013 64-bit	Autodesk	01.12.2012	332MB	15.0					Notwendig
Autodesk MatchMover 2013 64-bit	Autodesk	29.11.2012	361MB	14.00.0000							Notwendig
Autodesk Material Library 2013	Autodesk	26.11.2012	94,9MB	3.0.13								Notwendig
Autodesk Material Library Base Resolution Image Library 2013	Autodesk	26.11.2012	71,4MB	3.0.13				Notwendig
Autodesk Material Library Low Resolution Image Library 2013	Autodesk	26.11.2012	245MB	3.0.13				Notwendig
Autodesk Material Library Medium Resolution Image Library 2013	Autodesk	01.12.2012	739MB	3.0.13				Notwendig
Autodesk Maya 2013 64-bit	Autodesk	29.11.2012		15.0.0.0							Notwendig
Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 64-bit	Autodesk	01.12.2012	589MB	1.0.0.1		Notwendig
Autodesk Sync	Autodesk, Inc.	26.11.2012	45,3MB	3.5.24.0									Notwendig
Autodesk Vault Basic 2013 (Client)	Autodesk	26.11.2012		17.0.61.0						Notwendig						
Avira Free Antivirus	Avira	14.11.2012	104MB	12.1.9.1236									Notwendig
Bridge Building Game		16.02.2012												Unnötig		
Canon MP640 series Benutzerregistrierung		16.05.2012									Notwendig		
Canon MP640 series MP Drivers		16.05.2012											Notwendig		
Canon Utilities My Printer		16.05.2012											Notwendig		
CCleaner	Piriform	23.01.2013		3.27										-------------------
CD-LabelPrint		16.05.2012													Notwendig		
Cisco AnyConnect Secure Mobility Client	Cisco Systems, Inc.	09.01.2013		3.1.02026					Notwendig
Composite 2013 64-bit	Autodesk	29.11.2012	621MB	8.0.0									Notwendig
Control ActiveX de Windows Live Mesh para conexiones remotas	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2		Unbekannt
Control ActiveX del Windows Live Mesh per a connexions remotes	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2		Unbekannt
Control ActiveX Windows Live Mesh pentru conexiuni la distanță	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2		Unbekannt
Controle ActiveX do Windows Live Mesh para Conexões Remotas	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2		Unbekannt
Controlo ActiveX do Windows Live Mesh para Ligações Remotas	Microsoft Corporation	20.11.2011	5,57MB	15.4.5722.2		Unbekannt
Contrôle ActiveX Windows Live Mesh pour connexions à distance	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2		Unbekannt
CyberLink MediaEspresso	CyberLink Corp.	26.07.2011	164MB	6.5.1615_36053b								Notwendig
DWG TrueView 2013	Autodesk	26.11.2012		19.0.55.0								Notwendig
Eco Materials Adviser for Autodesk Inventor 2013	Granta Design Limited	26.11.2012	50,0MB	3.9.12.0			Notwendig
Emergency 2012 Deluxe	Quadriga Games GmbH	20.12.2011										Unnötig	
Emergency4		25.11.2011		1.03.001										Unnötig
EVEREST Home Edition v2.20	Lavalys Inc	21.10.2012		2.20								Notwendig
FIFA 13	Electronic Arts	26.09.2012	5,26GB	1.0.0.0											Notwendig
Firebird SQL Server - MAGIX Edition	MAGIX AG	09.11.2011	10,1MB	2.1.27.0						Notwendig
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2				Unbekannt
Franzis 3D-Eisenbahnplaner 11	Franzis	04.01.2012											Notwendig	
FreeCommander 2009.02b	Marek Jasinski	23.06.2012		2009.02									Notwendig
GIMP 2.8.0	The GIMP Team	10.05.2012	241MB	2.8.0										Notwendig
Google Chrome	Google Inc.	06.11.2011		24.0.1312.56									Notwendig
Google Earth	Google	06.11.2011	92,7MB	6.1.0.5001										Notwendig
Hotkey Utility	Packard Bell	26.07.2011		2.05.3014									Unbekannt
Identity Card	Packard Bell	26.07.2011		1.00.3006									Unbekannt
Intel(R) Management Engine Components	Intel Corporation	26.07.2011		7.0.0.1144					Unbekannt
Intel(R) Rapid Storage Technology	Intel Corporation	26.07.2011		10.1.0.1008					Unbekannt
Internet-TV für Windows Media Center	Microsoft Corporation	06.11.2011	13,6MB	4.2.2.0						Notwendig
IrfanView (remove only)	Irfan Skiljan	06.11.2011	1,50MB	4.30									Notwendig
Java 7 Update 9 (64-bit)	Oracle	18.12.2012	127MB	7.0.90									Notwendig
Java SE Development Kit 7 Update 4 (64-bit)	Oracle	27.04.2012	143MB	1.7.0.40						Notwendig
Java SE Development Kit 7 Update 9 (64-bit)	Oracle	18.12.2012	188MB	1.7.0.90						Notwendig
Java(TM) 6 Update 37	Oracle	05.09.2012	95,7MB	6.0.370										Notwendig
JavaFX 2.1.0 (64-bit)	Oracle Corporation	27.04.2012	23,7MB	2.1.0								Notwendig
JavaFX 2.1.0 SDK (64-bit)	Oracle Corporation	27.04.2012	79,6MB	2.1.0							Notwendig
Kontrola Windows Live Mesh ActiveX za daljinske veze	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2			Unbekannt
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2		Unbekannt
Landwirtschafts Simulator 2013	GIANTS Software	03.11.2012	282MB	1.0								Notwendig
Logitech Webcam-Software	Logitech Inc.	05.11.2011		2.30								Notwendig
MAGIX Screenshare	MAGIX AG	12.11.2011	1,42MB	4.3.6.1987								Notwendig
MAGIX Speed burnR (MSI)	MAGIX AG	12.11.2011	51,1MB	7.0.2.6									Notwendig
MAGIX Video deluxe 17 Premium Sonderedition	MAGIX AG	12.11.2011		10.0.12.2					Notwendig
Malwarebytes Anti-Malware Version 1.70.0.1100	Malwarebytes Corporation	25.01.2013	18,4MB	1.70.0.1100			------------------
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	24.07.2012	38,8MB	4.0.30320				Unbekannt
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	24.07.2012	2,93MB	4.0.30320		Unbekannt
Microsoft .NET Framework 4 Extended	Microsoft Corporation	26.11.2012	51,9MB	4.0.30319					Unbekannt
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	26.11.2012	10,6MB	4.0.30319			Unbekannt
Microsoft Image Composite Editor	Microsoft Corporation	30.11.2012	5,16MB	1.4.4						Unbekannt
Microsoft IntelliPoint 8.2	Microsoft Corporation	16.05.2012		8.20.468.0						Unbekannt
Microsoft Office Home and Student 2010	Microsoft Corporation	05.11.2011		14.0.6029.1000					Unbekannt
Microsoft Silverlight	Microsoft Corporation	11.05.2012	80,3MB	4.1.10329.0							Unbekannt
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	26.07.2011	1,69MB	3.1.0000				Unbekannt
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	24.01.2012	250KB	8.0.50727.4053	Notwendig
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	05.11.2011	300KB	8.0.59193				Notwendig
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	26.11.2012	620KB	8.0.61000				Notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148	Microsoft Corporation	11.03.2011	784KB	9.0.30729.4148		Notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	05.11.2011	788KB	9.0.30729.6161		Notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	10.12.2011	234KB	9.0.30729		Notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	11.03.2011	240KB	9.0.30729		Notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	11.03.2011	596KB	9.0.30729.4148		Notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	05.11.2011	600KB	9.0.30729.6161		Notwendig
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219	Microsoft Corporation	28.09.2012	13,8MB	10.0.40219		Notwendig
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	05.11.2011	16,5MB	10.0.40219		Notwendig
Microsoft WSE 3.0 Runtime	Microsoft Corp.	26.11.2012	942KB	3.0.5305.0							Unbekannt
Mozilla Firefox 19.0 (x86 de)	Mozilla	26.01.2013	44,3MB	19.0									Notwendig
Mozilla Maintenance Service	Mozilla	11.01.2013	330KB	19.0									Unbekannt
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	05.11.2011	1,27MB	4.20.9870.0						Unbekannt
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	05.11.2011	1,33MB	4.20.9876.0						Unbekannt
MyFreeCodec		24.04.2012													Unbekannt		
Nero DiscSpeed 10	Nero AG	11.03.2011	7,21MB	6.2.10500.2.100									Notwendig
Nero Express 10	Nero AG	11.03.2011	165MB	10.2.12000.21.100									Notwendig
Nero Multimedia Suite 10 Essentials	Nero AG	11.03.2011	372MB	10.5.10300							Notwendig
Nero StartSmart 10	Nero AG	11.03.2011	143MB	10.2.11600.14.100								Notwendig
Nero Update	Nero AG	11.03.2011	1,43MB	1.0.0018										Notwendig
NewBlue Light Rays for Magix	NewBlue	12.11.2011		1.4									Notwendig
NewBlue Lightning for Magix	NewBlue	12.11.2011		1.4									Notwendig
NewBlueFX Premium Effects	NewBlue	12.11.2011		1.4									Notwendig
NVIDIA 3D Vision Controller-Treiber 310.90	NVIDIA Corporation	06.01.2013		310.90					Notwendig
NVIDIA 3D Vision Treiber 310.90	NVIDIA Corporation	06.01.2013		310.90							Notwendig
NVIDIA Grafiktreiber 310.90	NVIDIA Corporation	06.01.2013		310.90							Notwendig
NVIDIA HD-Audiotreiber 1.3.18.0	NVIDIA Corporation	06.01.2013		1.3.18.0						Notwendig
NVIDIA PhysX-Systemsoftware 9.12.1031	NVIDIA Corporation	06.01.2013		9.12.1031					Notwendig
NVIDIA Update 1.11.3	NVIDIA Corporation	06.01.2013		1.11.3								Notwendig
OpenAL		01.11.2012														Unbekannt	
Origin	Electronic Arts, Inc.	26.09.2012		9.0.10.69									Notwendig
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení	Microsoft Corporation	20.11.2011	5,57MB	15.4.5722.2			Unbekannt
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2			Unbekannt
Packard Bell Games	WildTangent	11.03.2011		1.0.2.4									Unbekannt
Packard Bell Recovery Management	Packard Bell	11.03.2011		5.00.3002						Unbekannt
Packard Bell Registration	Packard Bell	26.07.2011		1.03.3003							Unbekannt
Packard Bell ScreenSaver	Packard Bell 	26.07.2011		1.1.0225.2011							Unbekannt
Packard Bell Software Suite SE	Packard Bell	26.07.2011		2.01.3003							Unbekannt
Packard Bell Updater	Packard Bell	11.03.2011		1.02.3005								Unbekannt
PCTV Package - Windows Media Center	PCTV Systems	05.11.2011	16,1MB	4.1.0.148						Notwendig
Photo Frame	Northstar Systems Corp.	26.07.2011	17,8MB	5.0.0.10								Notwendig
PlayReady PC Runtime amd64	Microsoft Corporation	05.11.2011	2,05MB	1.3.0							Notwendig
Pro/ENGINEER Release Wildfire 5.0 Datecode M060	PTC	09.11.2012		Wildfire 5.0						Notwendig
Pro/ENGINEER Thumbnail Viewer 1.0	PTC	09.11.2012	15,6MB	28.10.280							Notwendig
proDAD Adorage 3.0	proDAD GmbH	12.11.2011		3.0.61									Notwendig
proDAD Heroglyph 2.5	proDAD GmbH	12.11.2011		2.6.32									Notwendig
proDAD Mercalli 2.0	proDAD GmbH	12.11.2011		2.0.61									Notwendig
ProductView Express 9.1	PTC	31.01.2012	269MB	9.1.50.19									Notwendig
QuickTime	Apple Inc.	08.11.2012	73,1MB	7.73.80.64									Notwendig
Realtek Ethernet Controller Driver	Realtek	11.03.2011		7.36.1224.2010							Notwendig
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	26.07.2011		6.0.1.6257				Notwendig
Samsung Kies	Samsung Electronics Co., Ltd.	24.04.2012	207MB	2.3.0.12035_16							Notwendig
SAMSUNG USB Driver for Mobile Phones	SAMSUNG Electronics Co., Ltd.	06.11.2012	42,9MB	1.5.15.0				Notwendig
Schnell-Deinstallations-Tool für Autodesk Inventor 2013	Autodesk	26.11.2012	1,78MB	17.0.13800.0000				Notwendig
SDFormatter	SD Association	03.10.2012	3,57MB	3.1.0										Notwendig
Skype™ 5.10	Skype Technologies S.A.	20.09.2012	19,4MB	5.10.116								Notwendig
Tabellenbuch Metall 7.0	Verlag Europa-Lehrmittel	22.11.2011		7.0							Notwendig
Tablet Driver	Hanwang technolgy	06.11.2011		2.05.0000								Notwendig
TeamViewer 7	TeamViewer	07.07.2012		7.0.13852									Notwendig
Urruneko konexioetarako Windows Live Mesh ActiveX kontrola	Microsoft Corporation	20.11.2011	5,57MB	15.4.5722.2		Unbekannt
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2		Unbekannt
Vasco da Gama 4 HDPro	MotionStudios	12.11.2011	891MB	4.00.0000								Notwendig
VLC media player 1.1.11	VideoLAN	06.11.2011		1.1.11									Notwendig
Welcome Center	Packard Bell	26.07.2011		1.02.3102									Unbekannt
Windows Live Essentials	Microsoft Corporation	03.05.2012		15.4.3555.0308							Unbekannt
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2	Unbekannt
Windows Live Mesh ActiveX Control for Remote Connections	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2		Unbekannt
Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	20.11.2011	5,57MB	15.4.5722.2		Unbekannt
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2		Unbekannt
Windows Live Mesh ActiveX-objekt til fjernforbindelser	Microsoft Corporation	20.11.2011	5,57MB	15.4.5722.2			Unbekannt
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz	Microsoft Corporation	20.11.2011	5,38MB	15.4.5722.2			Unbekannt
Windows Live Meshin etäyhteyksien ActiveX-komponentti	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2			Unbekannt
XnView 1.98.2	Gougelet Pierre-e	06.11.2011	36,7MB	1.98.2									Notwendig
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις	Microsoft Corporation	20.11.2011	5,57MB	15.4.5722.2		Unbekannt
Элемент управления Windows Live Mesh ActiveX для удаленных подключений	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2			Unbekannt
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2						Unbekannt
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة	Microsoft Corporation	20.11.2011	5,57MB	15.4.5722.2						Unbekannt
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย)	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2						Unbekannt
適用遠端連線的 Windows Live Mesh ActiveX 控制項	Microsoft Corporation	20.11.2011	5,37MB	15.4.5722.2							Unbekannt

Antwort
Seite 1 von 3 1 23

Themen zu Computer wird bei Verbindung mit dem Internet gesperrt
.html, brauche, community, compu, computer, computer gesperrt, daten, dringend, ebenfalls, gesperrt, helfer, heute, hoffe, installiere, installieren, inter, interne, internet, liebe, manuel, neu, problem, retten, schnell, verbindung, wenig


« Infiziert? Avast meldete Blockieren bösartiger Website, Rechner startete neu | Trojaner FAKEAV-EKA in vsmon.exe im Arbeitsspeicher »


Ähnliche Themen: Computer wird bei Verbindung mit dem Internet gesperrt


  1. Polizei Trojaner, PC gesperrt, sobald Verbindung zum Internet besteht
    Log-Analyse und Auswertung - 21.01.2013 (7)
  2. Virus, es wird immer angezeigt: Ihr Computer ist Gesperrt!
    Log-Analyse und Auswertung - 27.12.2012 (1)
  3. 100€ bezahlen sonst wird der Computer gesperrt,etc
    Plagegeister aller Art und deren Bekämpfung - 16.04.2012 (15)
  4. Weisser Bildschirm - Warten sie während die Verbindung mit dem Internet hergestellt wird - Win Xp
    Log-Analyse und Auswertung - 25.03.2012 (3)
  5. Warten sie während die Verbindung mit dem Internet hergestellt wird - Trojaner eingefangen - Win7
    Log-Analyse und Auswertung - 21.03.2012 (1)
  6. 50 Euro-Trojaner - PC gesperrt bei Verbindung mit dem Internet
    Log-Analyse und Auswertung - 19.03.2012 (30)
  7. Weißer Bildschirm mit Bitte warten sie während die Verbindung mit dem Internet hergestellt wird.
    Plagegeister aller Art und deren Bekämpfung - 25.02.2012 (1)
  8. Weißer Bildschirm: Bitte Warten sie während die Verbindung mit dem Internet hergestellt wird
    Log-Analyse und Auswertung - 22.02.2012 (6)
  9. Windows Security System - Computer wird gesperrt - 100€ zahlen
    Log-Analyse und Auswertung - 15.02.2012 (1)
  10. Verbindung zum Internet wird getrennt
    Log-Analyse und Auswertung - 20.01.2012 (14)
  11. Fritz Box Lan Verbindung wird erkannt aber kein Internet
    Netzwerk und Hardware - 27.10.2010 (1)
  12. Internet Verbindung wird nach kurzer Zeit getrennt
    Antiviren-, Firewall- und andere Schutzprogramme - 26.12.2009 (2)
  13. rechner wird langsamer wen verbindung mit dem internet hergestellt wird
    Log-Analyse und Auswertung - 24.08.2008 (9)
  14. Internet Verbindung wird getrennt!
    Log-Analyse und Auswertung - 13.07.2008 (2)
  15. Internet verbindung wird getrennt - logfile - bitte um hilfe
    Log-Analyse und Auswertung - 02.01.2008 (7)
  16. Internet- wird unterbrochen/ WLAN-Verbindung bleibt
    Alles rund um Windows - 19.07.2006 (15)
  17. Internet-verbindung wird andauernd getrennt!
    Log-Analyse und Auswertung - 06.02.2006 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Computer wird bei Verbindung mit dem Internet gesperrt - Hallo liebe Helfer, seit heute Mittag habe ich dass Problem, dass mein PC bei bestehender Verbindung mit dem Internet gesperrt wird. Das Problem ist exakt Deckungsgleich zum dem, welches hier - Computer wird bei Verbindung mit dem Internet gesperrt...
Archiv
Du betrachtest: Computer wird bei Verbindung mit dem Internet gesperrt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130