
Pests of all kinds and how to fight them: Screen only white after booting


27.02.2013, 21:41   #1
Praziquantel
 



Hello,

while I was recently surfing the Internet, the system suddenly crashed abruptly and there was nothing left to look at but a white screen.

After restarting the system, everything does boot up, but a few seconds later the screen turns white again and nothing can be done, run or clicked any more.

Safe mode does not work either.

I have now burned reatogo to a DVD from another computer, installed it, and obtained this information by means of an OTLPE scan:

Quote:
OTL logfile created on: 2/27/2013 9:00:16 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 87.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.74 Gb Total Space | 65.76 Gb Free Space | 14.49% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 398.52 Gb Free Space | 85.56% Space Free | Partition Type: NTFS
Drive E: | 7.61 Gb Total Space | 7.28 Gb Free Space | 95.68% Space Free | Partition Type: FAT32
Drive F: | 12.02 Gb Total Space | 1.93 Gb Free Space | 16.06% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/07/25 08:50:06 | 000,114,688 | ---- | M] () [Auto] -- C:\Windows\System32\GFilterSvc.exe -- (GFilterSvc)
SRV:64bit: - [2012/07/25 08:50:02 | 000,106,496 | ---- | M] () [Auto] -- C:\Windows\System32\KBDUSA64.exe -- (cscriptd)
SRV:64bit: - [2012/06/03 11:22:47 | 000,354,816 | ---- | M] (Parental Solutions Inc.) [Auto] -- C:\Windows\System32\poua2v77j.dll -- (Dnscache)
SRV:64bit: - [2008/11/17 23:09:46 | 000,721,712 | ---- | M] (Validity Sensors, Inc.) [Auto] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV:64bit: - [2008/10/26 15:49:46 | 000,279,040 | ---- | M] (IDT, Inc.) [Auto] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8aadd48d\stacsv64.exe -- (STacSV)
SRV:64bit: - [2008/06/27 10:53:06 | 000,089,088 | ---- | M] (Andrea Electronics Corporation) [Auto] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/02/05 10:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/01/25 03:47:09 | 002,620,016 | ---- | M] (Iminent) [Auto] -- C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe -- (SProtection)
SRV - [2013/01/08 06:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/10 11:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Auto] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/12/15 17:49:23 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)
SRV - [2011/11/22 03:59:30 | 000,018,432 | ---- | M] () [Auto] -- C:\Users\user\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe -- (StumbleUponUpdater)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/29 01:52:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost) @C:\Program Files (x86)
SRV - [2009/07/25 23:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand] -- D:\Spiele\Rollenspiele\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/17 10:11:40 | 000,365,952 | ---- | M] () [Auto] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/11/26 10:13:08 | 000,296,320 | ---- | M] () [Auto] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS)
SRV - [2008/11/26 10:13:08 | 000,116,096 | ---- | M] () [Auto] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS)
SRV - [2008/11/17 23:09:42 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto] -- C:\Windows\SysWOW64\vfsFPService.exe -- (vfsFPService)
SRV - [2008/10/16 12:31:12 | 000,906,752 | ---- | M] (Hewlett-Packard Co.) [Auto] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2008/02/03 06:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/11 08:12:29 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/04/20 20:37:49 | 000,432,760 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\Drivers\NISx64\1207020.003\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011/03/30 22:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011/03/30 22:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/14 21:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\NISx64\1207020.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/01/27 01:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\NISx64\1207020.003\symds64.sys -- (SymDS)
DRV:64bit: - [2011/01/27 00:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010/02/03 08:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009/12/25 04:09:46 | 000,314,016 | ---- | M] () [Kernel | Auto] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009/12/25 04:09:45 | 000,043,680 | ---- | M] () [Kernel | Auto] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/09/27 19:02:38 | 000,019,544 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:64bit: - [2009/08/24 02:14:30 | 000,054,784 | ---- | M] (AzureWave Technologies, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\azvusb.sys -- (azvusb)
DRV:64bit: - [2008/12/31 09:01:20 | 004,993,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/10/26 15:50:58 | 000,469,504 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/10/23 04:42:06 | 000,128,352 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/09/04 12:48:00 | 000,064,000 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2008/08/28 18:57:24 | 004,745,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008/08/06 11:26:08 | 000,174,592 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/06/26 06:23:12 | 000,698,376 | ---- | M] (DiBcom SA) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mod7700.sys -- (mod7700)
DRV:64bit: - [2008/03/27 05:10:56 | 000,026,984 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2008/03/27 05:10:14 | 000,040,296 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2008/01/20 21:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw3v64.sys -- (NETw3v64) Intel(R)
DRV:64bit: - [2008/01/20 21:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/06/18 10:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/10/03 20:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\System32\drivers\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV - [2011/11/14 14:28:01 | 001,156,216 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20111114.002\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/11/09 08:43:23 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/11/09 08:43:22 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/11/01 15:34:59 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111128.036\EX64.SYS -- (NAVEX15)
DRV - [2011/11/01 15:34:58 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111128.036\ENG64.SYS -- (NAVENG)
DRV - [2011/10/07 08:04:12 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111128.030\IDSviA64.sys -- (IDSVia64)
DRV - [2008/11/28 11:04:24 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/07/20 03:42:46] [Kernel | Auto] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.iminent.com/?appId=E55BCDD2-B6A4-432F-B13D-4E82F1569FE9
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B0 E3 99 12 A5 CE CA 01 [binary data]
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\user_ON_C\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_5_502_146.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll (McAfee, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2009/10/18 23:43:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011/10/09 23:53:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/10 12:35:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2 [2013/02/27 13:03:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com [2012/11/08 14:35:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/07 17:58:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/08 11:58:33 | 000,000,000 | ---D | M]

[2012/11/07 17:58:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/01 01:56:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/10/24 12:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/10/24 17:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/07/25 08:49:52 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/10/24 17:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2007/07/26 07:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
[2012/10/24 17:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/11/08 12:37:04 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011/04/04 14:50:16 | 000,001,237 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\flvtube.xml
[2012/10/24 17:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/10/30 02:39:32 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml
[2012/10/24 17:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/10/24 17:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - File not found
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (no name) - {64182481-4F71-486b-A045-B233BD0DA8FC} - No CLSID value found.
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (StumbleUpon) - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\user\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - File not found
O3 - HKLM\..\Toolbar: (no name) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - No CLSID value found.
O3:64bit: - HKU\user_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] File not found
O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\user_ON_C..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - HKU\user_ON_C..\Run: [PeerGuardian] C:\Program Files (x86)\PeerGuardian2\pg2.exe (Methlabs)
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - File not found
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - .DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15:64bit: - user_ON_C\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\user_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\user_ON_C Winlogon: Shell - (C:\Users\user\AppData\Roaming\skype.dat) - C:\Users\user\AppData\Roaming\skype.dat ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2013/02/19 09:36:28 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Macromedia
[2013/02/17 18:44:28 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Kollegah und Farid Bang - Jung, Brutal, Gutaussehend 2 (2013) (Limited Deluxe Edition)
[2013/02/17 12:21:35 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2013/02/17 12:21:35 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/02/17 12:21:32 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/02/17 12:21:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/02/17 12:21:32 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/02/17 12:21:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/02/17 12:21:31 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/02/17 12:21:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/02/17 12:21:29 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/02/17 12:21:28 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/02/17 12:21:28 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/02/17 12:21:28 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/02/17 12:21:27 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2013/02/17 12:21:25 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2013/02/17 12:21:25 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2013/02/17 12:21:25 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/02/17 12:21:25 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2013/02/14 10:05:05 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013/02/14 10:05:04 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/02/14 10:04:25 | 004,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/02/12 02:29:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013/02/05 06:57:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/02/05 06:57:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/01/30 10:40:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/01/30 10:40:15 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/01/30 10:32:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/01/30 10:32:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/01/30 09:38:50 | 1025,493,776 | ---- | C] (Microsoft Corporation) -- C:\Users\user\Desktop\X17-75062.exe
[2013/01/30 09:32:45 | 384,824,304 | ---- | C] (Microsoft Corporation) -- C:\Users\user\Desktop\officesuite2010sp1-kb2460049-x86-fullfile-de-de.exe
[2013/01/30 09:26:07 | 1169,711,680 | ---- | C] (Microsoft Corporation) -- C:\Users\user\Desktop\X17-75168.exe.partial
[2013/01/30 09:02:36 | 002,525,032 | ---- | C] (Solid State Networks) -- C:\Users\user\Desktop\22ea0d99856f4739b8f1455afb80b3f8dr99999dr548342952_Pod12_de-DE.exe
[2011/04/20 14:44:39 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\user\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2098/06/11 20:39:52 | 001,244,812 | ---- | M] () -- C:\Users\user\Desktop\PICT0293.JPG
[2098/06/11 20:38:32 | 001,247,593 | ---- | M] () -- C:\Users\user\Desktop\PICT0292.JPG
[2013/02/27 14:44:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/27 14:44:25 | 000,000,000 | ---- | M] () -- C:\Users\user\AppData\Roaming\skype.ini
[2013/02/27 14:44:15 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/27 14:44:15 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2013/02/27 14:44:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/27 14:44:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/27 14:44:00 | 4260,564,992 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/27 10:34:24 | 000,000,680 | ---- | M] () -- C:\Users\user\AppData\Local\d3d9caps.dat
[2013/02/26 17:20:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/26 17:08:45 | 000,198,144 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/26 16:34:19 | 003,766,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/02/26 16:34:19 | 001,162,848 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/02/26 16:34:19 | 000,987,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/02/26 16:34:19 | 000,946,298 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/02/26 14:34:52 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013/02/24 12:22:47 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/02/19 12:41:24 | 008,103,290 | ---- | M] () -- C:\Users\user\Desktop\diss.pdf
[2013/02/18 02:48:02 | 000,432,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/02/17 15:54:09 | 025,624,575 | ---- | M] () -- C:\Users\user\Desktop\Weltspiegel - Auslandskorrespondenten berichten.ts
[2013/02/17 15:54:09 | 000,000,215 | ---- | M] () -- C:\Users\user\Desktop\Weltspiegel - Auslandskorrespondenten berichten.pmf
[2013/02/14 10:18:57 | 000,002,641 | ---- | M] () -- C:\Users\user\Desktop\Microsoft Word 2010.lnk
[2013/02/12 02:29:25 | 000,001,955 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/02/12 02:29:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013/02/12 02:29:22 | 000,001,955 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013/02/12 02:29:11 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2013/02/05 16:50:00 | 001,498,013 | ---- | M] () -- C:\Users\user\Desktop\NARKOSEGERAETE.pdf
[2013/02/05 06:57:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/02/05 06:57:41 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/02/03 15:47:48 | 2840,763,532 | ---- | M] () -- C:\Users\user\Desktop\Tatort Die schöne Mona ist tot.ts
[2013/02/03 15:47:48 | 000,000,198 | ---- | M] () -- C:\Users\user\Desktop\Tatort Die schöne Mona ist tot.pmf
[2013/01/30 11:12:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/01/30 10:12:36 | 1025,493,776 | ---- | M] (Microsoft Corporation) -- C:\Users\user\Desktop\X17-75062.exe
[2013/01/30 09:46:17 | 384,824,304 | ---- | M] (Microsoft Corporation) -- C:\Users\user\Desktop\officesuite2010sp1-kb2460049-x86-fullfile-de-de.exe
[2013/01/30 09:26:19 | 1169,711,680 | ---- | M] (Microsoft Corporation) -- C:\Users\user\Desktop\X17-75168.exe.partial
[2013/01/30 09:02:36 | 002,525,032 | ---- | M] (Solid State Networks) -- C:\Users\user\Desktop\22ea0d99856f4739b8f1455afb80b3f8dr99999dr548342952_Pod12_de-DE.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/27 01:27:42 | 4260,564,992 | -HS- | C] () -- C:\hiberfil.sys
[2013/02/26 17:34:37 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Roaming\skype.ini
[2013/02/19 12:41:22 | 008,103,290 | ---- | C] () -- C:\Users\user\Desktop\diss.pdf
[2013/02/18 18:59:27 | 001,247,593 | ---- | C] () -- C:\Users\user\Desktop\PICT0292.JPG
[2013/02/18 18:59:25 | 001,244,812 | ---- | C] () -- C:\Users\user\Desktop\PICT0293.JPG
[2013/02/17 15:54:09 | 000,000,215 | ---- | C] () -- C:\Users\user\Desktop\Weltspiegel - Auslandskorrespondenten berichten.pmf
[2013/02/17 13:49:22 | 025,624,575 | ---- | C] () -- C:\Users\user\Desktop\Weltspiegel - Auslandskorrespondenten berichten.ts
[2013/02/12 02:29:22 | 000,001,955 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013/02/05 16:49:58 | 001,498,013 | ---- | C] () -- C:\Users\user\Desktop\NARKOSEGERAETE.pdf
[2013/02/03 15:47:48 | 000,000,198 | ---- | C] () -- C:\Users\user\Desktop\Tatort Die schöne Mona ist tot.pmf
[2013/02/03 14:15:57 | 2840,763,532 | ---- | C] () -- C:\Users\user\Desktop\Tatort Die schöne Mona ist tot.ts
[2013/01/30 10:41:56 | 000,002,641 | ---- | C] () -- C:\Users\user\Desktop\Microsoft Word 2010.lnk
[2012/11/28 17:27:43 | 000,000,680 | ---- | C] () -- C:\Users\user\AppData\Local\d3d9caps.dat
[2012/02/15 14:10:39 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2012/01/11 13:22:04 | 000,083,968 | ---- | C] () -- C:\Users\user\AppData\Roaming\skype.dat
[2011/04/20 14:56:17 | 000,001,057 | ---- | C] () -- C:\Users\user\AppData\Roaming\vso_ts_preview.xml
[2011/04/20 14:44:39 | 000,099,384 | ---- | C] () -- C:\Users\user\AppData\Roaming\inst.exe
[2011/04/20 14:44:39 | 000,007,859 | ---- | C] () -- C:\Users\user\AppData\Roaming\pcouffin.cat
[2011/04/20 14:44:39 | 000,001,167 | ---- | C] () -- C:\Users\user\AppData\Roaming\pcouffin.inf
[2010/10/26 23:46:55 | 000,000,006 | ---- | C] () -- C:\Users\user\AppData\Roaming\start
[2010/10/26 23:45:13 | 000,000,006 | ---- | C] () -- C:\Users\user\AppData\Roaming\completescan
[2010/10/26 08:50:43 | 000,000,010 | ---- | C] () -- C:\Users\user\AppData\Roaming\install
[2010/10/24 22:51:27 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/03/28 23:35:41 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/01/18 06:42:06 | 000,034,666 | ---- | C] () -- C:\Windows\Irremote.ini
[2010/01/10 12:35:14 | 000,023,715 | ---- | C] () -- C:\Windows\hpqins15.dat
[2009/12/03 12:11:46 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/03 12:11:17 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/03 12:10:52 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/11/19 12:20:14 | 000,078,239 | ---- | C] () -- C:\Windows\hpqins05.dat
[2009/10/03 02:10:34 | 000,214,764 | ---- | C] () -- C:\Windows\hpwins23.dat
[2009/09/28 11:45:37 | 000,198,144 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/19 09:04:32 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2009/07/19 20:38:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/01/22 00:05:52 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/01/21 17:36:44 | 000,000,428 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2008/12/31 06:55:34 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2008/10/25 04:30:45 | 000,001,847 | ---- | C] () -- C:\Windows\hpwmdl23.dat
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/11/14 08:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\CogentBioSDK.dll
[2007/08/23 11:55:34 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 10:02:31 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== LOP Check ==========

[2013/01/24 08:09:30 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\.minecraft
[2012/02/15 14:10:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Babylon
[2009/08/12 06:08:28 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DigitalPersona
[2013/02/21 08:49:04 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Dropbox
[2012/11/08 14:38:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DVDVideoSoft
[2012/06/13 12:16:11 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GlarySoft
[2012/11/08 14:37:00 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Iminent
[2013/01/13 16:46:11 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\LibreOffice
[2012/06/05 03:33:05 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Media Finder
[2009/10/08 13:38:15 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Meine Die Schlacht um Mittelerde-Dateien
[2011/04/18 09:37:22 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Opera
[2010/02/14 11:50:22 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SPORE Creature Creator
[2009/08/19 09:04:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Template
[2012/04/23 11:18:13 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TS3Client
[2011/04/20 14:58:49 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Vso
[2009/08/22 09:31:15 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WildTangent
[2009/08/11 23:58:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 10:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/02/15 14:10:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2006/11/02 10:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 10:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/08/11 23:58:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2009/10/18 23:40:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Downloaded Installations
[2009/08/11 23:58:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 10:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/11/08 14:36:33 | 000,000,000 | ---D | M] -- C:\ProgramData\Iminent
[2012/05/20 14:45:25 | 000,000,000 | ---D | M] -- C:\ProgramData\OfficeRecovery
[2010/06/11 09:26:53 | 000,000,000 | ---D | M] -- C:\ProgramData\PCTV Systems
[2006/11/02 10:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/08/11 23:58:12 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2012/06/04 14:02:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Tarma Installer
[2009/07/19 20:57:52 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2006/11/02 10:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2009/08/11 23:58:12 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2010/03/13 04:36:00 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2012/02/16 17:09:00 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2009/01/21 17:23:48 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/08/10 00:56:10 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2013/02/27 14:44:15 | 000,000,324 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2013/02/26 17:49:46 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >

I'm using Vista on an HP laptop.

Hope someone can help.

Alt 27.02.2013, 21:47   #2
markusg
/// Malware-holic
 

hi,
on your second PC go to Start, Programs, Accessories, Notepad, and copy the following
into it:
Code:
:OTL
O20 - HKU\user_ON_C Winlogon: Shell - (C:\Users\user\AppData\Roaming\skype.dat) - C:\Users\user\AppData\Roaming\skype.dat ()
[2013/02/27 14:44:25 | 000,000,000 | ---- | M] () -- C:\Users\user\AppData\Roaming\skype.ini
:Files
C:\Users\user\AppData\Roaming\skype.dat
:Commands
[EMPTYFLASH] 
[emptytemp]
         


Save this to a USB stick as fix.txt.
Now use OTLPENet.exe again (i.e. boot from the CD you created) and tick everything as already described in the post on OTLPENet.exe.
• Now please click the Fix button.
A message similar to "load fix from file" should now appear, so load fix.txt from your stick.
If this does not work, please enter the fix manually.
Then click the Fix button again. The PC may restart. If it does, take the CD out of the drive; Windows should now start normally and open otl.txt.
Please post the log.


Boot into normal mode.

If you have no icons, right-click, View, Show desktop icons.

Note: Please also upload the file there as described in the instructions for the UpChannel. Please do NOT post the ZIP file here in the thread as an attachment!

Alt 27.02.2013, 21:54   #3
Praziquantel
 

Many thanks for the quick reply!

I'll give it a try; I just have to move over to another computer first, as I'm currently working from the reatogo.
I'll get back to you then.

Alt 27.02.2013, 21:56   #4
markusg
/// Malware-holic
 

Please leave out in-between posts like this, otherwise I have to look in here unnecessarily.
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails to markusg.trojaner-board@web.de following the instructions above.

Alt 03.03.2013, 19:24   #5
Praziquantel
 

So, everything worked great, thank you very much.

I tried to post the log from after the fix in the UpChannel, and this is what comes up:

Quote:
Datei: Log nach Fehlerbehebung.txt empfangen

Fehler: Die Dateien konnten nicht empfangen werden. Bitte melden Sie sich im Forum.
I'm not quite sure whether it worked or not ;-)


Alt 03.03.2013, 19:37   #6
markusg
/// Malware-holic
 

OK, let's leave that.
Please download TDSSKiller.exe and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Alt 03.03.2013, 20:11   #7
Praziquantel
 

So, this is what came out of it:


Quote:
20:01:43.0278 6440 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:01:43.0485 6440 ============================================================
20:01:43.0485 6440 Current date / time: 2013/03/03 20:01:43.0485
20:01:43.0485 6440 SystemInfo:
20:01:43.0485 6440
20:01:43.0486 6440 OS Version: 6.0.6002 ServicePack: 2.0
20:01:43.0486 6440 Product type: Workstation
20:01:43.0486 6440 ComputerName: USER-PC
20:01:43.0486 6440 UserName: user
20:01:43.0486 6440 Windows directory: C:\Windows
20:01:43.0486 6440 System windows directory: C:\Windows
20:01:43.0486 6440 Running under WOW64
20:01:43.0486 6440 Processor architecture: Intel x64
20:01:43.0486 6440 Number of processors: 4
20:01:43.0486 6440 Page size: 0x1000
20:01:43.0486 6440 Boot type: Normal boot
20:01:43.0486 6440 ============================================================
20:01:45.0248 6440 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:01:45.0484 6440 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:01:45.0570 6440 ============================================================
20:01:45.0570 6440 \Device\Harddisk0\DR0:
20:01:45.0579 6440 MBR partitions:
20:01:45.0579 6440 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x38B7A000
20:01:45.0579 6440 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38B7A800, BlocksNum 0x180A000
20:01:45.0579 6440 \Device\Harddisk1\DR1:
20:01:45.0579 6440 MBR partitions:
20:01:45.0579 6440 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
20:01:45.0579 6440 ============================================================
20:01:45.0606 6440 C: <-> \Device\Harddisk0\DR0\Partition1
20:01:45.0644 6440 D: <-> \Device\Harddisk1\DR1\Partition1
20:01:45.0803 6440 E: <-> \Device\Harddisk0\DR0\Partition2
20:01:45.0803 6440 ============================================================
20:01:45.0803 6440 Initialize success
20:01:45.0803 6440 ============================================================
20:03:00.0302 6980 ============================================================
20:03:00.0302 6980 Scan started
20:03:00.0302 6980 Mode: Manual; SigCheck; TDLFS;
20:03:00.0302 6980 ============================================================
20:03:01.0216 6980 ================ Scan system memory ========================
20:03:01.0216 6980 System memory - ok
20:03:01.0217 6980 ================ Scan services =============================
20:03:01.0426 6980 [ 60FBB29CCCE48B4C3A6517CAF42C3496 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
20:03:01.0596 6980 Accelerometer - ok
20:03:01.0659 6980 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
20:03:01.0718 6980 ACPI - ok
20:03:01.0780 6980 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:03:01.0840 6980 adp94xx - ok
20:03:01.0850 6980 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:03:01.0881 6980 adpahci - ok
20:03:01.0906 6980 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
20:03:01.0936 6980 adpu160m - ok
20:03:01.0965 6980 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:03:01.0988 6980 adpu320 - ok
20:03:02.0018 6980 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:03:02.0198 6980 AeLookupSvc - ok
20:03:02.0310 6980 [ 7F66523A27754AFCFECAE2F5EB643A4A ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe
20:03:02.0371 6980 AESTFilters - ok
20:03:02.0429 6980 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
20:03:02.0505 6980 AFD - ok
20:03:02.0605 6980 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:03:02.0627 6980 agp440 - ok
20:03:02.0661 6980 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:03:02.0683 6980 aic78xx - ok
20:03:02.0698 6980 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
20:03:02.0884 6980 ALG - ok
20:03:02.0926 6980 [ E0CA5BB8E6C79533DC6B1DA7361A201E ] aliide C:\Windows\system32\drivers\aliide.sys
20:03:02.0945 6980 aliide - ok
20:03:02.0948 6980 [ 7034F8D1B9703D711D3F92C95DEB377D ] amdide C:\Windows\system32\drivers\amdide.sys
20:03:02.0966 6980 amdide - ok
20:03:03.0005 6980 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:03:03.0071 6980 AmdK8 - ok
20:03:03.0111 6980 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
20:03:03.0166 6980 Appinfo - ok
20:03:03.0202 6980 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
20:03:03.0228 6980 arc - ok
20:03:03.0259 6980 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:03:03.0280 6980 arcsas - ok
20:03:03.0299 6980 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:03:03.0355 6980 AsyncMac - ok
20:03:03.0377 6980 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
20:03:03.0396 6980 atapi - ok
20:03:03.0444 6980 [ 54CA8AAC988B441A692311E3B584D944 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
20:03:03.0583 6980 Ati External Event Utility - ok
20:03:03.0863 6980 [ 4B42547AE95A31D0E1E200B68A6C7647 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:03:04.0125 6980 atikmdag - ok
20:03:04.0171 6980 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
20:03:04.0201 6980 atksgt - ok
20:03:04.0242 6980 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:03:04.0314 6980 AudioEndpointBuilder - ok
20:03:04.0322 6980 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:03:04.0364 6980 AudioSrv - ok
20:03:04.0410 6980 [ 9F4320BA8E7CE2342517B182A2F2C0E6 ] azvusb C:\Windows\system32\DRIVERS\azvusb.sys
20:03:04.0449 6980 azvusb - ok
20:03:04.0497 6980 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
20:03:04.0561 6980 BFE - ok
20:03:04.0793 6980 [ 82C695630676079F7AD68C85A5E662E5 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20111114.002\BHDrvx64.sys
20:03:04.0865 6980 BHDrvx64 - ok
20:03:04.0931 6980 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
20:03:05.0075 6980 BITS - ok
20:03:05.0124 6980 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:03:05.0183 6980 blbdrive - ok
20:03:05.0265 6980 [ 1C87705CCB2F60172B0FC86B5D82F00D ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
20:03:05.0294 6980 Bonjour Service - ok
20:03:05.0342 6980 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:03:05.0378 6980 bowser - ok
20:03:05.0423 6980 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
20:03:05.0490 6980 BrFiltLo - ok
20:03:05.0494 6980 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
20:03:05.0536 6980 BrFiltUp - ok
20:03:05.0579 6980 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
20:03:05.0638 6980 Browser - ok
20:03:05.0673 6980 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
20:03:05.0887 6980 Brserid - ok
20:03:05.0893 6980 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
20:03:05.0997 6980 BrSerWdm - ok
20:03:06.0013 6980 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
20:03:06.0103 6980 BrUsbMdm - ok
20:03:06.0116 6980 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
20:03:06.0201 6980 BrUsbSer - ok
20:03:06.0239 6980 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:03:06.0325 6980 BTHMODEM - ok
20:03:06.0377 6980 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:03:06.0439 6980 cdfs - ok
20:03:06.0479 6980 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:03:06.0537 6980 cdrom - ok
20:03:06.0594 6980 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
20:03:06.0646 6980 CertPropSvc - ok
20:03:06.0686 6980 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:03:06.0760 6980 circlass - ok
20:03:06.0800 6980 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
20:03:06.0832 6980 CLFS - ok
20:03:06.0960 6980 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:03:06.0979 6980 clr_optimization_v2.0.50727_32 - ok
20:03:07.0018 6980 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:03:07.0037 6980 clr_optimization_v2.0.50727_64 - ok
20:03:07.0093 6980 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:03:07.0149 6980 clr_optimization_v4.0.30319_32 - ok
20:03:07.0182 6980 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:03:07.0214 6980 clr_optimization_v4.0.30319_64 - ok
20:03:07.0242 6980 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:03:07.0304 6980 CmBatt - ok
20:03:07.0317 6980 [ 8C6AA24C1D7273A02284588426AB8CE3 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:03:07.0340 6980 cmdide - ok
20:03:07.0410 6980 [ 12E94E225BD7B05A2BCCD5C0B841E921 ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
20:03:07.0428 6980 Com4QLBEx - ok
20:03:07.0455 6980 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:03:07.0474 6980 Compbatt - ok
20:03:07.0478 6980 COMSysApp - ok
20:03:07.0494 6980 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:03:07.0512 6980 crcdisk - ok
20:03:07.0535 6980 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:03:07.0590 6980 CryptSvc - ok
20:03:07.0653 6980 [ 71CBC019933437DD2AEB60CC4DDA0F0C ] cscriptd C:\Windows\system32\KBDUSA64.exe
20:03:07.0687 6980 cscriptd ( UnsignedFile.Multi.Generic ) - warning
20:03:07.0687 6980 cscriptd - detected UnsignedFile.Multi.Generic (1)
20:03:08.0141 6980 [ 80861969541971176E005D2C09DAE851 ] DAUpdaterSvc D:\Spiele\Rollenspiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
20:03:08.0157 6980 DAUpdaterSvc - ok
20:03:08.0241 6980 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
20:03:08.0326 6980 DcomLaunch - ok
20:03:08.0371 6980 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:03:08.0417 6980 DfsC - ok
20:03:08.0571 6980 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
20:03:08.0764 6980 DFSR - ok
20:03:08.0806 6980 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
20:03:08.0846 6980 Dhcp - ok
20:03:08.0877 6980 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
20:03:08.0898 6980 disk - ok
20:03:08.0939 6980 [ 5ED1B11D0FD324DBDDDF38A15A6A15C6 ] Dnscache C:\Windows\System32\poua2v77j.dll
20:03:08.0956 6980 Dnscache ( UnsignedFile.Multi.Generic ) - warning
20:03:08.0956 6980 Dnscache - detected UnsignedFile.Multi.Generic (1)
20:03:08.0979 6980 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
20:03:09.0020 6980 dot3svc - ok
20:03:09.0096 6980 [ 74C02B1717740C3B8039539E23E4B53F ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
20:03:09.0166 6980 Dot4 - ok
20:03:09.0216 6980 [ 08321D1860235BF42CF2854234337AEA ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:03:09.0276 6980 Dot4Print - ok
20:03:09.0292 6980 [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
20:03:09.0359 6980 dot4usb - ok
20:03:09.0442 6980 [ 5BC1D876DFD53C31C5FC65D2E9614015 ] DpHost C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
20:03:09.0475 6980 DpHost ( UnsignedFile.Multi.Generic ) - warning
20:03:09.0475 6980 DpHost - detected UnsignedFile.Multi.Generic (1)
20:03:09.0512 6980 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
20:03:09.0579 6980 DPS - ok
20:03:09.0621 6980 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:03:09.0667 6980 drmkaud - ok
20:03:09.0717 6980 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:03:09.0773 6980 DXGKrnl - ok
20:03:36.0726 6980 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
20:03:36.0799 6980 SysMain - ok
20:03:36.0843 6980 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:03:36.0881 6980 TabletInputService - ok
20:03:36.0913 6980 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:03:36.0955 6980 TapiSrv - ok
20:03:36.0966 6980 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
20:03:37.0035 6980 TBS - ok
20:03:37.0085 6980 [ 0E970F59D7FBB838316176B19A2ADB82 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:03:37.0167 6980 Tcpip - ok
20:03:37.0240 6980 [ 0E970F59D7FBB838316176B19A2ADB82 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
20:03:37.0295 6980 Tcpip6 - ok
20:03:37.0336 6980 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:03:37.0394 6980 tcpipreg - ok
20:03:37.0441 6980 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:03:37.0503 6980 TDPIPE - ok
20:03:37.0522 6980 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:03:37.0586 6980 TDTCP - ok
20:03:37.0609 6980 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:03:37.0654 6980 tdx - ok
20:03:37.0684 6980 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:03:37.0705 6980 TermDD - ok
20:03:37.0742 6980 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
20:03:37.0805 6980 TermService - ok
20:03:37.0829 6980 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
20:03:37.0853 6980 Themes - ok
20:03:37.0866 6980 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
20:03:37.0912 6980 THREADORDER - ok
20:03:37.0947 6980 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
20:03:38.0009 6980 TrkWks - ok
20:03:38.0062 6980 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:03:38.0109 6980 TrustedInstaller - ok
20:03:38.0142 6980 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:03:38.0189 6980 tssecsrv - ok
20:03:38.0201 6980 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
20:03:38.0221 6980 tunmp - ok
20:03:38.0251 6980 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:03:38.0283 6980 tunnel - ok
20:03:38.0373 6980 [ 1C31169DDDC70C1605F703DA701EAEEA ] TVCapSvc C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
20:03:38.0396 6980 TVCapSvc - ok
20:03:38.0414 6980 [ 290B8C381DBC15D3DBCBD2BDB6B0BA12 ] TVSched C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
20:03:38.0430 6980 TVSched - ok
20:03:38.0463 6980 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:03:38.0484 6980 uagp35 - ok
20:03:38.0514 6980 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:03:38.0567 6980 udfs - ok
20:03:38.0662 6980 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:03:38.0740 6980 UI0Detect - ok
20:03:38.0978 6980 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:03:39.0035 6980 uliagpkx - ok
20:03:39.0054 6980 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
20:03:39.0081 6980 uliahci - ok
20:03:39.0096 6980 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
20:03:39.0118 6980 UlSata - ok
20:03:39.0136 6980 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
20:03:39.0159 6980 ulsata2 - ok
20:03:39.0175 6980 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:03:39.0237 6980 umbus - ok
20:03:39.0258 6980 Update-Service - ok
20:03:39.0283 6980 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
20:03:39.0355 6980 upnphost - ok
20:03:39.0393 6980 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:03:39.0429 6980 usbccgp - ok
20:03:39.0464 6980 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:03:39.0545 6980 usbcir - ok
20:03:39.0583 6980 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:03:39.0634 6980 usbehci - ok
20:03:39.0672 6980 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:03:39.0714 6980 usbhub - ok
20:03:39.0741 6980 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:03:39.0824 6980 usbohci - ok
20:03:39.0860 6980 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:03:39.0908 6980 usbprint - ok
20:03:39.0938 6980 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:03:39.0987 6980 usbscan - ok
20:03:40.0019 6980 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:03:40.0068 6980 USBSTOR - ok
20:03:40.0100 6980 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:03:40.0150 6980 usbuhci - ok
20:03:40.0191 6980 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:03:40.0242 6980 usbvideo - ok
20:03:40.0269 6980 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
20:03:40.0316 6980 UxSms - ok
20:03:40.0360 6980 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
20:03:40.0419 6980 vds - ok
20:03:40.0472 6980 [ 4B6F9959F8DF8FADC8170CD8A6BCE5C2 ] vfsFPService C:\Windows\system32\vfsFPService.exe
20:03:40.0520 6980 vfsFPService - ok
20:03:40.0568 6980 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:03:40.0634 6980 vga - ok
20:03:40.0655 6980 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:03:40.0719 6980 VgaSave - ok
20:03:40.0743 6980 [ 4F964E6828156F0EF3FA8D3A9A7895DE ] viaide C:\Windows\system32\drivers\viaide.sys
20:03:40.0762 6980 viaide - ok
20:03:40.0780 6980 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:03:40.0801 6980 volmgr - ok
20:03:40.0837 6980 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:03:40.0874 6980 volmgrx - ok
20:03:40.0896 6980 [ 582F710097B46140F5A89A19A6573D4B ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:03:40.0924 6980 volsnap - ok
20:03:40.0948 6980 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:03:40.0971 6980 vsmraid - ok
20:03:41.0020 6980 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
20:03:41.0111 6980 VSS - ok
20:03:41.0166 6980 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
20:03:41.0231 6980 W32Time - ok
20:03:41.0254 6980 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:03:41.0353 6980 WacomPen - ok
20:03:41.0398 6980 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:03:41.0456 6980 Wanarp - ok
20:03:41.0461 6980 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:03:41.0499 6980 Wanarpv6 - ok
20:03:41.0545 6980 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:03:41.0595 6980 wcncsvc - ok
20:03:41.0659 6980 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:03:41.0733 6980 WcsPlugInService - ok
20:03:41.0756 6980 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
20:03:41.0780 6980 Wd - ok
20:03:41.0843 6980 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:03:41.0899 6980 Wdf01000 - ok
20:03:41.0923 6980 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:03:41.0993 6980 WdiServiceHost - ok
20:03:41.0997 6980 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:03:42.0052 6980 WdiSystemHost - ok
20:03:42.0205 6980 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
20:03:42.0252 6980 WebClient - ok
20:03:42.0285 6980 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:03:42.0335 6980 Wecsvc - ok
20:03:42.0370 6980 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:03:42.0424 6980 wercplsupport - ok
20:03:42.0447 6980 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
20:03:42.0485 6980 WerSvc - ok
20:03:42.0516 6980 WinDefend - ok
20:03:42.0524 6980 WinHttpAutoProxySvc - ok
20:03:42.0576 6980 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:03:42.0614 6980 Winmgmt - ok
20:03:42.0679 6980 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
20:03:42.0890 6980 WinRM - ok
20:03:42.0921 6980 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
20:03:42.0978 6980 WinUSB - ok
20:03:43.0125 6980 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:03:43.0215 6980 Wlansvc - ok
20:03:43.0232 6980 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
20:03:43.0281 6980 WmiAcpi - ok
20:03:43.0358 6980 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:03:43.0397 6980 wmiApSrv - ok
20:03:43.0421 6980 WMPNetworkSvc - ok
20:03:43.0472 6980 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:03:43.0549 6980 WPCSvc - ok
20:03:43.0573 6980 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:03:43.0643 6980 WPDBusEnum - ok
20:03:43.0980 6980 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:03:44.0047 6980 WPFFontCache_v0400 - ok
20:03:44.0095 6980 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:03:44.0143 6980 ws2ifsl - ok
20:03:44.0169 6980 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll
20:03:44.0211 6980 wscsvc - ok
20:03:44.0216 6980 WSearch - ok
20:03:44.0432 6980 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:03:44.0580 6980 wuauserv - ok
20:03:44.0661 6980 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:03:44.0715 6980 WudfPf - ok
20:03:44.0748 6980 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:03:44.0772 6980 WUDFRd - ok
20:03:44.0829 6980 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:03:44.0865 6980 wudfsvc - ok
20:03:44.0956 6980 [ 07F7285220307AAFB755D890295F0F9A ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys
20:03:45.0071 6980 yukonx64 - ok
20:03:45.0135 6980 [ 1CACFEF9E5DD866C5B79A135EE729E18 ] {55662437-DA8C-40c0-AADA-2C816A897A49} C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
20:03:45.0153 6980 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
20:03:45.0171 6980 ================ Scan global ===============================
20:03:45.0201 6980 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
20:03:45.0231 6980 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
20:03:45.0252 6980 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
20:03:45.0279 6980 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
20:03:45.0289 6980 [Global] - ok
20:03:45.0289 6980 ================ Scan MBR ==================================
20:03:45.0306 6980 [ 5C86ADEC17B739C437E145E3B3FC2E6D ] \Device\Harddisk0\DR0
20:03:46.0011 6980 \Device\Harddisk0\DR0 - ok
20:03:46.0396 6980 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
20:03:46.0519 6980 \Device\Harddisk1\DR1 - ok
20:03:46.0520 6980 ================ Scan VBR ==================================
20:03:46.0529 6980 [ 4F671ACB12D2B23C2A215D3B242A1E8F ] \Device\Harddisk0\DR0\Partition1
20:03:46.0532 6980 \Device\Harddisk0\DR0\Partition1 - ok
20:03:46.0572 6980 [ F3238CC177B4F693F5920F754B483096 ] \Device\Harddisk0\DR0\Partition2
20:03:46.0576 6980 \Device\Harddisk0\DR0\Partition2 - ok
20:03:46.0616 6980 [ 2BC4F56E651241AAAED52DE9DD161092 ] \Device\Harddisk1\DR1\Partition1
20:03:46.0619 6980 \Device\Harddisk1\DR1\Partition1 - ok
20:03:46.0620 6980 ============================================================
20:03:46.0620 6980 Scan finished
20:03:46.0620 6980 ============================================================
20:03:46.0637 6972 Detected object count: 13
20:03:46.0637 6972 Actual detected object count: 13
20:04:57.0857 6972 cscriptd ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0857 6972 cscriptd ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:57.0857 6972 Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0857 6972 Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:57.0859 6972 DpHost ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0859 6972 DpHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:57.0861 6972 GFilterSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0861 6972 GFilterSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:57.0863 6972 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0863 6972 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:57.0864 6972 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0864 6972 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:57.0867 6972 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0867 6972 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:57.0870 6972 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0871 6972 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:57.0873 6972 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0873 6972 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:57.0875 6972 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0875 6972 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:57.0877 6972 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0877 6972 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:57.0878 6972 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0878 6972 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:57.0880 6972 StumbleUponUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:57.0880 6972 StumbleUponUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip

03.03.2013, 20:52   #8
markusg
/// Malware-holic
 

Hi,
Scan with Combofix
WARNING to those READING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know about it.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For the time being, please forward mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

03.03.2013, 22:10   #9
Praziquantel
 

The Combo log:


Quote:
Code:
ComboFix 13-03-03.01 - user 03.03.2013  21:34:41.1.4 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.4062.1721 [GMT 1:00]
ausgeführt von:: c:\users\user\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\user\AppData\Roaming\completescan
c:\users\user\AppData\Roaming\inst.exe
c:\users\user\AppData\Roaming\install
c:\users\user\AppData\Roaming\vso_ts_preview.xml
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-02-03 bis 2013-03-03  ))))))))))))))))))))))))))))))
.
.
2013-03-03 20:47 . 2013-03-03 20:47	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-28 04:44 . 2013-02-28 04:44	--------	d-----w-	C:\_OTL
2013-02-19 14:36 . 2013-02-19 14:36	--------	d-----w-	c:\users\user\AppData\Local\Macromedia
2013-02-17 17:38 . 2013-01-08 22:01	768000	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\vgx\VGX.dll
2013-02-17 17:38 . 2013-01-09 01:10	996352	----a-w-	c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2013-02-14 15:05 . 2013-01-04 11:31	1423720	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-14 15:05 . 2013-01-04 01:59	2773504	----a-w-	c:\windows\system32\win32k.sys
2013-02-14 15:05 . 2012-11-08 04:26	1570816	----a-w-	c:\windows\system32\quartz.dll
2013-02-14 15:05 . 2012-11-08 03:48	1314816	----a-w-	c:\windows\SysWow64\quartz.dll
2013-02-14 15:04 . 2013-01-05 05:37	4695400	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-05 11:57 . 2013-02-05 11:57	--------	d-----w-	c:\program files (x86)\Common Files\Skype
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-17 17:33 . 2006-11-02 12:35	70004024	----a-w-	c:\windows\system32\mrt.exe
2013-02-08 00:28 . 2013-03-03 17:24	9162192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{51AE658E-1BC4-4693-B8C8-08CDF22BA7FC}\mpengine.dll
2013-01-17 00:28 . 2009-10-19 11:32	273840	------w-	c:\windows\system32\MpSigStub.exe
2013-01-08 16:37 . 2012-06-20 06:30	697864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-08 16:37 . 2011-06-09 18:03	74248	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-16 13:31 . 2012-12-23 11:27	48128	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 13:12 . 2012-12-23 11:27	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-16 11:08 . 2012-12-23 11:27	368128	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 10:50 . 2012-12-23 11:27	293376	----a-w-	c:\windows\SysWow64\atmfd.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}]
2011-11-22 08:59	269824	----a-w-	c:\users\user\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2012-03-27 00:40	792864	----a-w-	c:\program files (x86)\Yontoo\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"PeerGuardian"="c:\program files (x86)\PeerGuardian2\pg2.exe" [2005-09-18 1421824]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2009-09-28 2101848]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-10-08 39408]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-11-28 1148200]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-12-25 1316136]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
"TVAgent"="c:\program files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-01-21 210216]
"UCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-11-26 210216]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
"DpAgent"="c:\program files (x86)\DigitalPersona\Bin\dpagent.exe" [2009-09-29 842816]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-07-19 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Iminent"="c:\program files (x86)\Iminent\Iminent.exe" [2012-10-30 1073784]
"IminentMessenger"="c:\program files (x86)\Iminent\Iminent.Messengers.exe" [2012-10-30 884344]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
Nach Updates suchen.lnk - c:\program files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe [2009-4-17 238864]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe [2008-06-27 89088]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
Update-Service-Installer-Service	REG_MULTI_SZ   	Update-Service-Installer-Service
Update-Service	REG_MULTI_SZ   	Update-Service
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 08:14	451872	----a-w-	c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-24 17:20	1629648	----a-w-	c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-03 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2012-06-13 21:13]
.
2013-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 17:50]
.
2013-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-15 17:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-24 1560872]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.iminent.com/?appId=E55BCDD2-B6A4-432F-B13D-4E82F1569FE9
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000&st=10
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = 
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - 
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - (no file)
Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - (no file)
Wow6432Node-HKLM-Run-DivXUpdate - c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
HKLM-Run-SysTrayApp - c:\program files (x86)\IDT\WDM\sttray64.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1577994689-2054047540-2356781726-1000\Software\SecuROM\License information*]
"datasecu"=hex:42,a0,d6,bd,40,ca,42,3a,6d,78,52,aa,10,00,b1,76,8c,d4,0c,18,bf,
   e4,ad,86,fe,e5,77,0f,2a,f8,51,94,26,27,11,70,09,12,34,54,ea,66,4e,6b,0a,56,\
"rkeysecu"=hex:c6,76,49,5c,f1,72,21,ae,a6,94,38,34,f7,36,cf,34
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
c:\program files (x86)\SMINST\BLService.exe
c:\program files (x86)\Common Files\Umbrella\Umbrella.exe
c:\users\user\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-03-03  22:02:29 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-03-03 21:02
.
Vor Suchlauf: 10 Verzeichnis(se), 86.010.093.568 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 87.917.416.448 Bytes frei
.
- - End Of File - - A928A3A6B89884CEE55BEE9E2AB17F9E
         

04.03.2013, 20:03   #10
markusg
/// Malware-holic

Hi
Malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for updates
  • When the update has finished, select Perform full scan and press Scan.
  • When the scan has finished, click Show results.
  • Make sure that all detections are checked and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Log files".
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails according to the instructions above to
markusg.trojaner-board@web.de

06.03.2013, 18:35   #11
Praziquantel

And on we go:


Quote:
[code]Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.03.06.08

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
user :: USER-PC [Administrator]

06.03.2013 14:36:32
mbam-log-2013-03-06 (14-36-32).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 474811
Laufzeit: 1 Stunde(n), 31 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FoxTab PDF Creator (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 8
C:\Program Files (x86)\FoxTabPDFConverter\Uninstall\Uninstall.exe (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\27b8b2b-57b54a72 (Malware.Packer.SGX1) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\user\Desktop\Minecraft\PDFCreatorSetup.exe (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\user\Downloads\flvmplayer.exe (PUP.BundleInstaller.SOL) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\user\Downloads\free screen video recorder.exe (PUP.BundleInstaller.SOL) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\user\Downloads\PDFCreatorSetup.exe (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\02272013_234417\C_Users\user\AppData\Roaming\skype.dat (Malware.Packer.SGX1) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\flvtube.xml (PUP.Zwangi) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
[/code]

06.03.2013, 18:36   #12
markusg
/// Malware-holic

Hi

Download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, and save it as a txt file. Open that file.
After each program you need, write "necessary".
After each program you do not need, write "unnecessary".
After each program unknown to you, write "unknown".
Post the list.