
Pests of all kinds and how to fight them: GVU Trojan

Windows 7

08.03.2013, 12:07   #1
Feivel

GVU Trojan

Hi there,
about a month ago I had the GVU Trojan on my laptop.
I formatted it and thought everything was OK.
Since Wednesday I have not been able to retrieve my emails from AOL.
Supposedly I am entering the wrong password...
My security password supposedly isn't correct either...
But I am sure that I entered the correct details.
When I saw yesterday that I had supposedly bought two mobile phones on eBay for 1100 euros, I felt quite sick...
Now I am completely at my wits' end and hope that I can get help here.
For now I have had my eBay account, online banking, credit cards and PayPal blocked.
My antivirus program from McAfee, however, does not show any viruses or Trojans.
Could it be that my passwords were already cracked when I had the GVU Trojan on my laptop?
Or could it be that I now have a Trojan on my iPhone 4s?
I very often go online with my iPhone and retrieve my emails with it.
How can I reset my password at AOL when I supposedly no longer know what my pet is called... because the AOL hotline now only exists in America...
Sorry, I can't express myself very well, since I don't know much about computers and I am a blonde woman... but I hope that I can get help here.

08.03.2013, 13:20   #2
markusg
/// Malware-holic

Hi, have you already filed a police report? Since someone has misused your eBay account, that would be the first thing to do.

11.03.2013, 22:20   #3
Feivel

Hi there,
I went to the police today.
Every day I get emails from online retailers telling me that the goods are on their way to me...
The hacker used, among other things, a credit card to pay.
Unfortunately he also found out my bank account details.
I don't know how he managed that.
I am really desperate.
What is especially bad is that I fail AOL's security check for changing my user password, even though I know exactly when I was born and what the postcode of the place where I live is.
I have already tried 6 times to get AOL to change my security question, but they do not want to understand my request...
After I had the GVU virus at the end of January I formatted my laptop; my McAfee now finds no viruses and Antivir finds nothing either.
Can I be sure that the hacker no longer has access, or do I have to take my laptop to a computer repair shop to be checked?
I would be very glad to get an answer.
Kind regards

12.03.2013, 20:01   #4
markusg
/// Malware-holic

Hi,
why are McAfee and Avira installed at the same time? Please uninstall one of them.
Have you already contacted eBay to have your account deactivated?
You may also want to give them your case number and the officer at the police.
Whoever it was has probably changed all the security questions; you will have to write off the mail account.
Or just call this number:
01805-313164
That should be AOL.

If you do not have it yet, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread

12.03.2013, 22:10   #5
Feivel

PRC - [2013.03.12 21:23:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\baer\Downloads\OTL.exe
PRC - [2013.02.27 22:37:26 | 000,701,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe
PRC - [2013.02.19 14:12:14 | 000,172,416 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2013.02.19 14:08:52 | 000,169,320 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2013.02.19 14:06:50 | 000,203,840 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2013.01.14 18:00:22 | 001,278,064 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee.com\Agent\mcagent.exe
PRC - [2013.01.08 23:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2012.12.17 17:14:14 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012.12.17 16:48:14 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2012.11.28 14:13:16 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012.01.23 18:19:32 | 001,858,048 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.07.24 15:21:20 | 000,241,664 | ---- | M] () -- C:\Windows\tsnp2uvc.exe
PRC - [2009.03.05 17:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\System32\Rezip.exe
PRC - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe


========== Modules (No Company Name) ==========

MOD - [2012.11.28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.11.28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.07.24 15:21:20 | 000,241,664 | ---- | M] () -- C:\Windows\tsnp2uvc.exe
MOD - [2002.07.04 09:38:00 | 000,053,248 | ---- | M] () -- C:\Programme\ArcSoft\PhotoImpression 5\Share\PIHook.dll


========== Services (SafeList) ==========

SRV - [2013.02.27 22:37:29 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.19 14:12:14 | 000,172,416 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2013.02.19 14:08:52 | 000,169,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2013.02.19 14:06:50 | 000,203,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.16 21:07:20 | 000,279,048 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.01.23 18:19:32 | 001,858,048 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.10.21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.04.26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.07.29 01:35:56 | 000,217,178 | ---- | M] (IDT, Inc.) [Disabled | Stopped] -- C:\Programme\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.03.05 17:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\System32\Rezip.exe -- (Rezip)
SRV - [2009.03.04 08:27:42 | 000,113,152 | ---- | M] (Wistron Corp.) [Disabled | Stopped] -- C:\Programme\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2009.02.11 16:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- Device\mfehidk01.sys -- (mfehidk01)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - [2013.02.19 14:15:04 | 000,060,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2013.02.19 14:12:24 | 000,210,608 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2013.02.19 14:10:52 | 000,092,632 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2013.02.19 14:09:52 | 000,565,888 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2013.02.19 14:09:02 | 000,363,080 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2013.02.19 14:08:40 | 000,065,928 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2013.02.19 14:08:20 | 000,235,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2013.02.19 14:07:50 | 000,133,416 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012.05.08 15:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.04.20 16:40:44 | 000,146,872 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.29 01:35:56 | 000,407,040 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009.07.14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.01 22:29:00 | 009,786,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.06.26 14:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.06.19 07:27:48 | 000,786,656 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mod7700.sys -- (mod7700)
DRV - [2009.05.20 15:10:42 | 001,759,872 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009.04.28 17:06:00 | 000,496,640 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009.03.12 15:11:12 | 000,113,504 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.10.28 14:48:24 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2003.09.19 15:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = AOL.de | Kostenlose Email, Nachrichten & Wetter, Finanzen , Sport und Star-News auf AOL.de [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/settings/account
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {8041C146-2260-4A4B-AE77-779C51C6E11B}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{613DF6EB-158C-4B24-825A-9F66C961465B}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{8041C146-2260-4A4B-AE77-779C51C6E11B}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013.02.02 18:13:31 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: Google
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google-Suche = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: SiteAdvisor = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: Google Mail = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Google Mail = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files\HomeCinema\MediaShow4\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\HomeCinema\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [tsnp2uvc] C:\Windows\tsnp2uvc.exe ()
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Programme\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Optimizer Pro] C:\Programme\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{089C58DB-1074-46CB-945F-F6330804EF5C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O27 - HKLM IFEO\backitup.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\infotool.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mediashow.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nero.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neroupgrade.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\olrsubmission.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\optimizerpro.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\pdr.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\powerdvd8.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\producer.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\recode.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\setup.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\setupx.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\shell.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\showtime.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\unins000.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\youcam.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.08.21 11:50:32 | 000,000,672 | RH-- | M] () - E:\autoexec.bat -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.03.12 21:49:11 | 000,000,000 | ---D | C] -- C:\Users\baer\Documents\Neuer Ordner
[2013.03.12 21:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.03.10 20:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.03.10 20:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.03.03 19:49:46 | 000,000,000 | ---D | C] -- C:\Users\baer\AppData\Roaming\HP
[2013.03.03 19:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013.03.03 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2013.03.03 19:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2013.03.03 18:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013.03.03 18:43:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013.03.03 18:34:30 | 000,000,000 | ---D | C] -- C:\Windows\hpoj4500g510a-f
[2013.03.03 18:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013.03.03 18:33:45 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2013.03.03 18:31:29 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013.03.03 14:36:02 | 000,000,000 | ---D | C] -- C:\Users\baer\AppData\Local\ElevatedDiagnostics
[2013.03.03 14:17:25 | 000,000,000 | ---D | C] -- C:\Users\baer\Documents\versand
[2013.02.14 16:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.02.14 16:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013.02.14 16:00:11 | 000,000,000 | ---D | C] -- C:\Users\baer\AppData\Local\Google
[2013.02.14 16:00:11 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.02.12 22:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.02.12 22:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

========== Files - Modified Within 30 Days ==========

[2013.03.12 22:00:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.12 21:27:05 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\WebReg .job
[2013.03.12 21:26:44 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
[2013.03.12 21:26:41 | 000,001,038 | ---- | M] () -- C:\Users\baer\Desktop\OTL - Verknüpfung.lnk
[2013.03.12 21:23:16 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.12 21:16:46 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.12 21:16:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.12 10:42:09 | 000,005,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.12 10:42:09 | 000,005,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.12 10:41:18 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.03.12 10:41:18 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.12 10:41:18 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.03.12 10:41:18 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.03.12 10:34:04 | 2388,291,584 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.07 19:29:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.06 00:51:04 | 000,342,219 | ---- | M] () -- C:\Users\baer\Documents\bbb
[2013.03.06 00:19:45 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.04 21:30:30 | 000,441,464 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.03.03 19:49:36 | 000,127,989 | ---- | M] () -- C:\Windows\hpwins27.dat
[2013.03.03 18:36:18 | 000,067,623 | ---- | M] () -- C:\Users\baer\Desktop\HP Installationsfehler – Windows 7.hta
[2013.02.19 14:15:04 | 000,060,920 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
[2013.02.19 14:12:24 | 000,210,608 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
[2013.02.19 14:12:14 | 000,172,416 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
[2013.02.19 14:11:02 | 000,010,088 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
[2013.02.19 14:10:52 | 000,092,632 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
[2013.02.19 14:09:52 | 000,565,888 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2013.02.19 14:09:02 | 000,363,080 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
[2013.02.19 14:08:40 | 000,065,928 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2013.02.19 14:08:20 | 000,235,264 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2013.02.19 14:07:50 | 000,133,416 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys

========== Files Created - No Company Name ==========

[2013.03.12 21:27:05 | 000,000,260 | ---- | C] () -- C:\Windows\tasks\WebReg .job
[2013.03.12 21:26:41 | 000,001,038 | ---- | C] () -- C:\Users\baer\Desktop\OTL - Verknüpfung.lnk
[2013.03.09 10:42:44 | 005,648,322 | ---- | C] () -- C:\Users\baer\Documents\PICT2147.JPG
[2013.03.09 10:42:44 | 004,783,976 | ---- | C] () -- C:\Users\baer\Documents\PICT2145.JPG
[2013.03.09 10:42:44 | 003,719,374 | ---- | C] () -- C:\Users\baer\Documents\PICT2144.JPG
[2013.03.09 10:42:44 | 003,643,535 | ---- | C] () -- C:\Users\baer\Documents\PICT2152.JPG
[2013.03.09 10:42:44 | 003,291,024 | ---- | C] () -- C:\Users\baer\Documents\PICT2132.JPG
[2013.03.09 10:42:44 | 003,268,945 | ---- | C] () -- C:\Users\baer\Documents\PICT2137.JPG
[2013.03.09 10:42:44 | 003,158,994 | ---- | C] () -- C:\Users\baer\Documents\PICT2131.JPG
[2013.03.09 10:42:44 | 003,001,543 | ---- | C] () -- C:\Users\baer\Documents\PICT2133.JPG
[2013.03.09 10:42:44 | 002,961,706 | ---- | C] () -- C:\Users\baer\Documents\PICT2129.JPG
[2013.03.09 10:42:44 | 002,861,188 | ---- | C] () -- C:\Users\baer\Documents\PICT2150.JPG
[2013.03.09 10:42:44 | 002,847,234 | ---- | C] () -- C:\Users\baer\Documents\PICT2130.JPG
[2013.03.09 10:42:44 | 002,833,034 | ---- | C] () -- C:\Users\baer\Documents\PICT2153.JPG
[2013.03.09 10:42:44 | 002,775,033 | ---- | C] () -- C:\Users\baer\Documents\PICT2136.JPG
[2013.03.09 10:42:44 | 002,769,895 | ---- | C] () -- C:\Users\baer\Documents\PICT2149.JPG
[2013.03.09 10:42:44 | 002,714,155 | ---- | C] () -- C:\Users\baer\Documents\PICT2151.JPG
[2013.03.09 10:42:44 | 002,594,524 | ---- | C] () -- C:\Users\baer\Documents\PICT2148.JPG
[2013.03.09 10:42:44 | 002,497,938 | ---- | C] () -- C:\Users\baer\Documents\PICT2156.JPG
[2013.03.09 10:42:44 | 002,480,906 | ---- | C] () -- C:\Users\baer\Documents\PICT2157.JPG
[2013.03.09 10:42:44 | 002,427,453 | ---- | C] () -- C:\Users\baer\Documents\PICT2158.JPG
[2013.03.09 10:42:44 | 002,369,699 | ---- | C] () -- C:\Users\baer\Documents\PICT2146.JPG
[2013.03.09 10:42:44 | 002,368,667 | ---- | C] () -- C:\Users\baer\Documents\PICT2135.JPG
[2013.03.09 10:42:44 | 002,336,215 | ---- | C] () -- C:\Users\baer\Documents\PICT2159.JPG
[2013.03.09 10:42:44 | 002,296,160 | ---- | C] () -- C:\Users\baer\Documents\PICT2141.JPG
[2013.03.09 10:42:44 | 002,291,106 | ---- | C] () -- C:\Users\baer\Documents\PICT2143.JPG
[2013.03.09 10:42:44 | 002,263,721 | ---- | C] () -- C:\Users\baer\Documents\PICT2154.JPG
[2013.03.09 10:42:44 | 002,262,508 | ---- | C] () -- C:\Users\baer\Documents\PICT2155.JPG
[2013.03.09 10:42:44 | 002,036,460 | ---- | C] () -- C:\Users\baer\Documents\PICT2142.JPG
[2013.03.09 10:42:44 | 002,004,249 | ---- | C] () -- C:\Users\baer\Documents\PICT2138.JPG
[2013.03.09 10:42:44 | 002,001,087 | ---- | C] () -- C:\Users\baer\Documents\PICT2140.JPG
[2013.03.09 10:42:44 | 001,962,666 | ---- | C] () -- C:\Users\baer\Documents\PICT2139.JPG
[2013.03.09 10:42:44 | 001,860,236 | ---- | C] () -- C:\Users\baer\Documents\PICT2134.JPG
[2013.03.07 19:29:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.06 00:41:49 | 000,342,219 | ---- | C] () -- C:\Users\baer\Documents\bbb
[2013.03.03 19:26:08 | 000,127,989 | ---- | C] () -- C:\Windows\hpwins27.dat
[2013.03.03 19:26:07 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat
[2013.03.03 18:36:18 | 000,067,623 | ---- | C] () -- C:\Users\baer\Desktop\HP Installationsfehler – Windows 7.hta
[2013.02.14 16:01:03 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.02.14 16:00:20 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.14 16:00:20 | 000,001,090 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.14 16:00:07 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.10 17:54:32 | 000,049,152 | ---- | C] () -- C:\Windows\StiRegstGer.dll
[2013.02.10 16:54:48 | 000,064,000 | ---- | C] () -- C:\Windows\System32\esfw52.bin
[2013.02.10 16:54:19 | 000,000,027 | ---- | C] () -- C:\Windows\CDE P34903590GD.ini
[2013.01.28 22:04:20 | 000,021,532 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.02.10 19:14:25 | 000,000,000 | ---D | M] -- C:\Users\baer\AppData\Roaming\EPSON
[2013.02.06 15:18:22 | 000,000,000 | ---D | M] -- C:\Users\baer\AppData\Roaming\MAGIX
[2013.01.28 23:06:10 | 000,000,000 | ---D | M] -- C:\Users\baer\AppData\Roaming\Optimizer Pro
[2013.01.29 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\baer\AppData\Roaming\simplitec
[2013.01.29 00:04:41 | 000,000,000 | ---D | M] -- C:\Users\baer\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >

PRC - [2013.03.12 21:23:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\baer\Downloads\OTL.exe
PRC - [2013.02.27 22:37:26 | 000,701,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe
PRC - [2013.02.19 14:12:14 | 000,172,416 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2013.02.19 14:08:52 | 000,169,320 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2013.02.19 14:06:50 | 000,203,840 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2013.01.14 18:00:22 | 001,278,064 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee.com\Agent\mcagent.exe
PRC - [2013.01.08 23:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2012.12.17 17:14:14 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012.12.17 16:48:14 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2012.11.28 14:13:16 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012.01.23 18:19:32 | 001,858,048 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.07.24 15:21:20 | 000,241,664 | ---- | M] () -- C:\Windows\tsnp2uvc.exe
PRC - [2009.03.05 17:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\System32\Rezip.exe
PRC - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe


========== Modules (No Company Name) ==========

MOD - [2012.11.28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.11.28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.07.24 15:21:20 | 000,241,664 | ---- | M] () -- C:\Windows\tsnp2uvc.exe
MOD - [2002.07.04 09:38:00 | 000,053,248 | ---- | M] () -- C:\Programme\ArcSoft\PhotoImpression 5\Share\PIHook.dll


========== Services (SafeList) ==========

SRV - [2013.02.27 22:37:29 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.19 14:12:14 | 000,172,416 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2013.02.19 14:08:52 | 000,169,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2013.02.19 14:06:50 | 000,203,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.16 21:07:20 | 000,279,048 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2012.08.31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.01.23 18:19:32 | 001,858,048 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.10.21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.04.26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.07.29 01:35:56 | 000,217,178 | ---- | M] (IDT, Inc.) [Disabled | Stopped] -- C:\Programme\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.03.05 17:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\System32\Rezip.exe -- (Rezip)
SRV - [2009.03.04 08:27:42 | 000,113,152 | ---- | M] (Wistron Corp.) [Disabled | Stopped] -- C:\Programme\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2009.02.11 16:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- Device\mfehidk01.sys -- (mfehidk01)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - [2013.02.19 14:15:04 | 000,060,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2013.02.19 14:12:24 | 000,210,608 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2013.02.19 14:10:52 | 000,092,632 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2013.02.19 14:09:52 | 000,565,888 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2013.02.19 14:09:02 | 000,363,080 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2013.02.19 14:08:40 | 000,065,928 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2013.02.19 14:08:20 | 000,235,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2013.02.19 14:07:50 | 000,133,416 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012.05.08 15:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.04.20 16:40:44 | 000,146,872 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.29 01:35:56 | 000,407,040 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009.07.14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.01 22:29:00 | 009,786,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.06.26 14:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.06.19 07:27:48 | 000,786,656 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mod7700.sys -- (mod7700)
DRV - [2009.05.20 15:10:42 | 001,759,872 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009.04.28 17:06:00 | 000,496,640 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009.03.12 15:11:12 | 000,113,504 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.10.28 14:48:24 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2003.09.19 15:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = AOL.de | Kostenlose Email, Nachrichten & Wetter, Finanzen , Sport und Star-News auf AOL.de [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/settings/account
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {8041C146-2260-4A4B-AE77-779C51C6E11B}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{613DF6EB-158C-4B24-825A-9F66C961465B}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{8041C146-2260-4A4B-AE77-779C51C6E11B}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013.02.02 18:13:31 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: Google
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google-Suche = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: SiteAdvisor = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: Google Mail = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Google Mail = C:\Users\baer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files\HomeCinema\MediaShow4\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\HomeCinema\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [tsnp2uvc] C:\Windows\tsnp2uvc.exe ()
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Programme\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Optimizer Pro] C:\Programme\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{089C58DB-1074-46CB-945F-F6330804EF5C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O27 - HKLM IFEO\backitup.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\infotool.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mediashow.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nero.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neroupgrade.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\olrsubmission.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\optimizerpro.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\pdr.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\powerdvd8.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\producer.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\recode.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\setup.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\setupx.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\shell.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\showtime.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\unins000.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\youcam.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.08.21 11:50:32 | 000,000,672 | RH-- | M] () - E:\autoexec.bat -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.03.12 21:49:11 | 000,000,000 | ---D | C] -- C:\Users\baer\Documents\Neuer Ordner
[2013.03.12 21:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.03.10 20:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.03.10 20:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.03.03 19:49:46 | 000,000,000 | ---D | C] -- C:\Users\baer\AppData\Roaming\HP
[2013.03.03 19:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013.03.03 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2013.03.03 19:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2013.03.03 18:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013.03.03 18:43:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013.03.03 18:34:30 | 000,000,000 | ---D | C] -- C:\Windows\hpoj4500g510a-f
[2013.03.03 18:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013.03.03 18:33:45 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2013.03.03 18:31:29 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013.03.03 14:36:02 | 000,000,000 | ---D | C] -- C:\Users\baer\AppData\Local\ElevatedDiagnostics
[2013.03.03 14:17:25 | 000,000,000 | ---D | C] -- C:\Users\baer\Documents\versand
[2013.02.14 16:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.02.14 16:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013.02.14 16:00:11 | 000,000,000 | ---D | C] -- C:\Users\baer\AppData\Local\Google
[2013.02.14 16:00:11 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.02.12 22:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.02.12 22:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

========== Files - Modified Within 30 Days ==========

[2013.03.12 22:00:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.12 21:27:05 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\WebReg .job
[2013.03.12 21:26:44 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
[2013.03.12 21:26:41 | 000,001,038 | ---- | M] () -- C:\Users\baer\Desktop\OTL - Verknüpfung.lnk
[2013.03.12 21:23:16 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.12 21:16:46 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.12 21:16:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.12 10:42:09 | 000,005,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.12 10:42:09 | 000,005,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.12 10:41:18 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.03.12 10:41:18 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.12 10:41:18 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.03.12 10:41:18 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.03.12 10:34:04 | 2388,291,584 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.07 19:29:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.06 00:51:04 | 000,342,219 | ---- | M] () -- C:\Users\baer\Documents\bbb
[2013.03.06 00:19:45 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.04 21:30:30 | 000,441,464 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.03.03 19:49:36 | 000,127,989 | ---- | M] () -- C:\Windows\hpwins27.dat
[2013.03.03 18:36:18 | 000,067,623 | ---- | M] () -- C:\Users\baer\Desktop\HP Installationsfehler – Windows 7.hta
[2013.02.19 14:15:04 | 000,060,920 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
[2013.02.19 14:12:24 | 000,210,608 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
[2013.02.19 14:12:14 | 000,172,416 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
[2013.02.19 14:11:02 | 000,010,088 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
[2013.02.19 14:10:52 | 000,092,632 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
[2013.02.19 14:09:52 | 000,565,888 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2013.02.19 14:09:02 | 000,363,080 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
[2013.02.19 14:08:40 | 000,065,928 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2013.02.19 14:08:20 | 000,235,264 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2013.02.19 14:07:50 | 000,133,416 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys

========== Files Created - No Company Name ==========

[2013.03.12 21:27:05 | 000,000,260 | ---- | C] () -- C:\Windows\tasks\WebReg .job
[2013.03.12 21:26:41 | 000,001,038 | ---- | C] () -- C:\Users\baer\Desktop\OTL - Verknüpfung.lnk
[2013.03.09 10:42:44 | 005,648,322 | ---- | C] () -- C:\Users\baer\Documents\PICT2147.JPG
[2013.03.09 10:42:44 | 004,783,976 | ---- | C] () -- C:\Users\baer\Documents\PICT2145.JPG
[2013.03.09 10:42:44 | 003,719,374 | ---- | C] () -- C:\Users\baer\Documents\PICT2144.JPG
[2013.03.09 10:42:44 | 003,643,535 | ---- | C] () -- C:\Users\baer\Documents\PICT2152.JPG
[2013.03.09 10:42:44 | 003,291,024 | ---- | C] () -- C:\Users\baer\Documents\PICT2132.JPG
[2013.03.09 10:42:44 | 003,268,945 | ---- | C] () -- C:\Users\baer\Documents\PICT2137.JPG
[2013.03.09 10:42:44 | 003,158,994 | ---- | C] () -- C:\Users\baer\Documents\PICT2131.JPG
[2013.03.09 10:42:44 | 003,001,543 | ---- | C] () -- C:\Users\baer\Documents\PICT2133.JPG
[2013.03.09 10:42:44 | 002,961,706 | ---- | C] () -- C:\Users\baer\Documents\PICT2129.JPG
[2013.03.09 10:42:44 | 002,861,188 | ---- | C] () -- C:\Users\baer\Documents\PICT2150.JPG
[2013.03.09 10:42:44 | 002,847,234 | ---- | C] () -- C:\Users\baer\Documents\PICT2130.JPG
[2013.03.09 10:42:44 | 002,833,034 | ---- | C] () -- C:\Users\baer\Documents\PICT2153.JPG
[2013.03.09 10:42:44 | 002,775,033 | ---- | C] () -- C:\Users\baer\Documents\PICT2136.JPG
[2013.03.09 10:42:44 | 002,769,895 | ---- | C] () -- C:\Users\baer\Documents\PICT2149.JPG
[2013.03.09 10:42:44 | 002,714,155 | ---- | C] () -- C:\Users\baer\Documents\PICT2151.JPG
[2013.03.09 10:42:44 | 002,594,524 | ---- | C] () -- C:\Users\baer\Documents\PICT2148.JPG
[2013.03.09 10:42:44 | 002,497,938 | ---- | C] () -- C:\Users\baer\Documents\PICT2156.JPG
[2013.03.09 10:42:44 | 002,480,906 | ---- | C] () -- C:\Users\baer\Documents\PICT2157.JPG
[2013.03.09 10:42:44 | 002,427,453 | ---- | C] () -- C:\Users\baer\Documents\PICT2158.JPG
[2013.03.09 10:42:44 | 002,369,699 | ---- | C] () -- C:\Users\baer\Documents\PICT2146.JPG
[2013.03.09 10:42:44 | 002,368,667 | ---- | C] () -- C:\Users\baer\Documents\PICT2135.JPG
[2013.03.09 10:42:44 | 002,336,215 | ---- | C] () -- C:\Users\baer\Documents\PICT2159.JPG
[2013.03.09 10:42:44 | 002,296,160 | ---- | C] () -- C:\Users\baer\Documents\PICT2141.JPG
[2013.03.09 10:42:44 | 002,291,106 | ---- | C] () -- C:\Users\baer\Documents\PICT2143.JPG
[2013.03.09 10:42:44 | 002,263,721 | ---- | C] () -- C:\Users\baer\Documents\PICT2154.JPG
[2013.03.09 10:42:44 | 002,262,508 | ---- | C] () -- C:\Users\baer\Documents\PICT2155.JPG
[2013.03.09 10:42:44 | 002,036,460 | ---- | C] () -- C:\Users\baer\Documents\PICT2142.JPG
[2013.03.09 10:42:44 | 002,004,249 | ---- | C] () -- C:\Users\baer\Documents\PICT2138.JPG
[2013.03.09 10:42:44 | 002,001,087 | ---- | C] () -- C:\Users\baer\Documents\PICT2140.JPG
[2013.03.09 10:42:44 | 001,962,666 | ---- | C] () -- C:\Users\baer\Documents\PICT2139.JPG
[2013.03.09 10:42:44 | 001,860,236 | ---- | C] () -- C:\Users\baer\Documents\PICT2134.JPG
[2013.03.07 19:29:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.06 00:41:49 | 000,342,219 | ---- | C] () -- C:\Users\baer\Documents\bbb
[2013.03.03 19:26:08 | 000,127,989 | ---- | C] () -- C:\Windows\hpwins27.dat
[2013.03.03 19:26:07 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat
[2013.03.03 18:36:18 | 000,067,623 | ---- | C] () -- C:\Users\baer\Desktop\HP Installationsfehler – Windows 7.hta
[2013.02.14 16:01:03 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.02.14 16:00:20 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.14 16:00:20 | 000,001,090 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.14 16:00:07 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.10 17:54:32 | 000,049,152 | ---- | C] () -- C:\Windows\StiRegstGer.dll
[2013.02.10 16:54:48 | 000,064,000 | ---- | C] () -- C:\Windows\System32\esfw52.bin
[2013.02.10 16:54:19 | 000,000,027 | ---- | C] () -- C:\Windows\CDE P34903590GD.ini
[2013.01.28 22:04:20 | 000,021,532 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.02.10 19:14:25 | 000,000,000 | ---D | M] -- C:\Users\baer\AppData\Roaming\EPSON
[2013.02.06 15:18:22 | 000,000,000 | ---D | M] -- C:\Users\baer\AppData\Roaming\MAGIX
[2013.01.28 23:06:10 | 000,000,000 | ---D | M] -- C:\Users\baer\AppData\Roaming\Optimizer Pro
[2013.01.29 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\baer\AppData\Roaming\simplitec
[2013.01.29 00:04:41 | 000,000,000 | ---D | M] -- C:\Users\baer\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >

Hello,
thanks for the help!
But I don't know whether I copied it into the right window....sorry
I only have McAfee installed; I ran AntiVir just once in addition to see whether it might produce a virus alert.
Unfortunately I can only contact AOL by email.
There is no longer an AOL hotline in Germany. I sent 16 emails to America....always answers I couldn't use.
I already have stomach ulcers....
The ladies and gentlemen simply don't understand that I answer the security question correctly but the system keeps replying: wrong input!
The hacker has probably changed my details as well, but AOL America doesn't understand a word....Because I know my birthday and my postal code for certain....
Then I keep getting the note that I can change my password myself...
It's really enough to make you despair.....then I'll probably have to part with my AOL email address after 15 years, with a heavy heart.
Since yesterday, luckily, I haven't received any more messages that further parcels had been sent out by online retailers.
But I'm still afraid that the hacker can still become active.
Once again, many thanks for the help
I hope the data brings some clarity.



Alt 13.03.2013, 18:45   #6
markusg
/// Malware-holic
 
Did you try the number from above?
What about eBay, did you call them?
Or write to them.
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Alt 14.03.2013, 10:44   #7
Feivel
 
Hello, thanks for the help!
8 threats were found! Since I have zero clue, unfortunately I can't make anything of it and need further help.
Was anything found in my copy from OTL.exe? Or was everything OK there?
I have spoken with all the online retailers; everything is still being processed.
In a moment I'm going to the bank first, since the hacker knows my account number.....
AOL has, even after 17 emails! to change my security password!!!!
There is no longer an AOL hotline in Germany.
O2 is responsible for AOL, but not for email accounts.
Once again, many thanks for the help!!!!!!!!!
10:27:57.0613 0452 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:27:57.0909 0452 ============================================================
10:27:57.0909 0452 Current date / time: 2013/03/14 10:27:57.0909
10:27:57.0909 0452 SystemInfo:
10:27:57.0909 0452
10:27:57.0909 0452 OS Version: 6.1.7601 ServicePack: 1.0
10:27:57.0909 0452 Product type: Workstation
10:27:57.0909 0452 ComputerName: BAER-PC
10:27:57.0909 0452 UserName: baer
10:27:57.0909 0452 Windows directory: C:\Windows
10:27:57.0909 0452 System windows directory: C:\Windows
10:27:57.0909 0452 Processor architecture: Intel x86
10:27:57.0909 0452 Number of processors: 2
10:27:57.0909 0452 Page size: 0x1000
10:27:57.0909 0452 Boot type: Normal boot
10:27:57.0909 0452 ============================================================
10:27:58.0455 0452 Drive \Device\Harddisk1\DR1 - Size: 0x75E00000 (1.84 Gb), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
10:27:58.0471 0452 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:27:58.0471 0452 Drive \Device\Harddisk1\DR1 - Size: 0x75E00000 (1.84 Gb), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:27:58.0471 0452 ============================================================
10:27:58.0471 0452 \Device\Harddisk1\DR1:
10:27:58.0471 0452 MBR partitions:
10:27:58.0471 0452 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
10:27:58.0471 0452 \Device\Harddisk0\DR0:
10:27:58.0471 0452 MBR partitions:
10:27:58.0471 0452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x36311000
10:27:58.0471 0452 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x36311800, BlocksNum 0x4074000
10:27:58.0471 0452 \Device\Harddisk1\DR1:
10:27:58.0471 0452 MBR partitions:
10:27:58.0471 0452 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
10:27:58.0471 0452 ============================================================
10:27:58.0502 0452 C: <-> \Device\Harddisk0\DR0\Partition1
10:27:58.0533 0452 E: <-> \Device\Harddisk0\DR0\Partition2
10:27:58.0533 0452 ============================================================
10:27:58.0533 0452 Initialize success
10:27:58.0533 0452 ============================================================
10:28:13.0287 4064 ============================================================
10:28:13.0287 4064 Scan started
10:28:13.0287 4064 Mode: Manual; SigCheck; TDLFS;
10:28:13.0287 4064 ============================================================
10:28:16.0017 4064 ================ Scan system memory ========================
10:28:16.0017 4064 System memory - ok
10:28:16.0017 4064 ================ Scan services =============================
10:28:16.0297 4064 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:28:16.0391 4064 1394ohci - ok
10:28:16.0438 4064 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:28:16.0469 4064 ACPI - ok
10:28:16.0516 4064 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:28:16.0547 4064 AcpiPmi - ok
10:28:16.0641 4064 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:28:16.0672 4064 AdobeFlashPlayerUpdateSvc - ok
10:28:16.0719 4064 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:28:16.0750 4064 adp94xx - ok
10:28:16.0750 4064 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:28:16.0765 4064 adpahci - ok
10:28:16.0797 4064 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:28:16.0812 4064 adpu320 - ok
10:28:16.0843 4064 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:28:16.0859 4064 AeLookupSvc - ok
10:28:16.0906 4064 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
10:28:16.0953 4064 AFD - ok
10:28:16.0984 4064 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
10:28:16.0999 4064 agp440 - ok
10:28:17.0046 4064 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
10:28:17.0077 4064 aic78xx - ok
10:28:17.0156 4064 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
10:28:17.0172 4064 ALG - ok
10:28:17.0203 4064 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
10:28:17.0234 4064 aliide - ok
10:28:17.0297 4064 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
10:28:17.0328 4064 amdagp - ok
10:28:17.0344 4064 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
10:28:17.0359 4064 amdide - ok
10:28:17.0406 4064 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:28:17.0422 4064 AmdK8 - ok
10:28:17.0437 4064 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:28:17.0453 4064 AmdPPM - ok
10:28:17.0500 4064 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:28:17.0515 4064 amdsata - ok
10:28:17.0546 4064 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:28:17.0562 4064 amdsbs - ok
10:28:17.0578 4064 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:28:17.0593 4064 amdxata - ok
10:28:17.0640 4064 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
10:28:17.0671 4064 AppID - ok
10:28:17.0718 4064 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:28:17.0749 4064 AppIDSvc - ok
10:28:17.0796 4064 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
10:28:17.0843 4064 Appinfo - ok
10:28:17.0936 4064 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:28:17.0968 4064 Apple Mobile Device - ok
10:28:17.0999 4064 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
10:28:18.0014 4064 arc - ok
10:28:18.0030 4064 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:28:18.0046 4064 arcsas - ok
10:28:18.0077 4064 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:28:18.0108 4064 AsyncMac - ok
10:28:18.0155 4064 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
10:28:18.0170 4064 atapi - ok
10:28:18.0233 4064 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:28:18.0280 4064 AudioEndpointBuilder - ok
10:28:18.0311 4064 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
10:28:18.0342 4064 Audiosrv - ok
10:28:18.0389 4064 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:28:18.0404 4064 AxInstSV - ok
10:28:18.0451 4064 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
10:28:18.0498 4064 b06bdrv - ok
10:28:18.0545 4064 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
10:28:18.0560 4064 b57nd60x - ok
10:28:18.0670 4064 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
10:28:18.0701 4064 BBSvc - ok
10:28:18.0732 4064 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE
10:28:18.0779 4064 BBUpdate - ok
10:28:18.0826 4064 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
10:28:18.0857 4064 BDESVC - ok
10:28:18.0904 4064 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
10:28:18.0935 4064 Beep - ok
10:28:18.0997 4064 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
10:28:19.0044 4064 BFE - ok
10:28:19.0060 4064 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
10:28:19.0106 4064 BITS - ok
10:28:19.0122 4064 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:28:19.0138 4064 blbdrive - ok
10:28:19.0200 4064 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:28:19.0216 4064 Bonjour Service - ok
10:28:19.0262 4064 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:28:19.0278 4064 bowser - ok
10:28:19.0309 4064 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:28:19.0325 4064 BrFiltLo - ok
10:28:19.0356 4064 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:28:19.0372 4064 BrFiltUp - ok
10:28:19.0403 4064 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
10:28:19.0434 4064 Browser - ok
10:28:19.0450 4064 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:28:19.0481 4064 Brserid - ok
10:28:19.0496 4064 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:28:19.0528 4064 BrSerWdm - ok
10:28:19.0528 4064 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:28:19.0543 4064 BrUsbMdm - ok
10:28:19.0559 4064 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:28:19.0574 4064 BrUsbSer - ok
10:28:19.0574 4064 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:28:19.0606 4064 BTHMODEM - ok
10:28:19.0652 4064 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
10:28:19.0684 4064 bthserv - ok
10:28:19.0699 4064 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:28:19.0746 4064 cdfs - ok
10:28:19.0777 4064 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
10:28:19.0793 4064 cdrom - ok
10:28:19.0840 4064 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
10:28:19.0886 4064 CertPropSvc - ok
10:28:19.0918 4064 [ 25C323075C5EA4A2555E35355A01F793 ] cfwids C:\Windows\system32\drivers\cfwids.sys
10:28:19.0933 4064 cfwids - ok
10:28:19.0964 4064 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:28:19.0996 4064 circlass - ok
10:28:20.0027 4064 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
10:28:20.0042 4064 CLFS - ok
10:28:20.0136 4064 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:28:20.0152 4064 clr_optimization_v2.0.50727_32 - ok
10:28:20.0214 4064 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:28:20.0245 4064 clr_optimization_v4.0.30319_32 - ok
10:28:20.0276 4064 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:28:20.0292 4064 CmBatt - ok
10:28:20.0323 4064 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:28:20.0339 4064 cmdide - ok
10:28:20.0370 4064 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
10:28:20.0401 4064 CNG - ok
10:28:20.0417 4064 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:28:20.0432 4064 Compbatt - ok
10:28:20.0479 4064 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:28:20.0510 4064 CompositeBus - ok
10:28:20.0510 4064 COMSysApp - ok
10:28:20.0542 4064 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:28:20.0557 4064 crcdisk - ok
10:28:20.0588 4064 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:28:20.0604 4064 CryptSvc - ok
10:28:20.0651 4064 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
10:28:20.0698 4064 DcomLaunch - ok
10:28:20.0729 4064 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
10:28:20.0760 4064 defragsvc - ok
10:28:20.0791 4064 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:28:20.0854 4064 DfsC - ok
10:28:20.0916 4064 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:28:20.0932 4064 Dhcp - ok
10:28:20.0963 4064 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
10:28:20.0994 4064 discache - ok
10:28:21.0041 4064 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:28:21.0056 4064 Disk - ok
10:28:21.0088 4064 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:28:21.0103 4064 Dnscache - ok
10:28:21.0134 4064 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
10:28:21.0181 4064 dot3svc - ok
10:28:21.0244 4064 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
10:28:21.0275 4064 Dot4 - ok
10:28:21.0290 4064 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:28:21.0322 4064 Dot4Print - ok
10:28:21.0337 4064 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
10:28:21.0353 4064 dot4usb - ok
10:28:21.0400 4064 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
10:28:21.0431 4064 DPS - ok
10:28:21.0462 4064 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:28:21.0493 4064 drmkaud - ok
10:28:21.0524 4064 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:28:21.0587 4064 DXGKrnl - ok
10:28:21.0618 4064 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
10:28:21.0649 4064 EapHost - ok
10:28:21.0758 4064 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
10:28:21.0899 4064 ebdrv - ok
10:28:21.0930 4064 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
10:28:21.0961 4064 EFS - ok
10:28:22.0024 4064 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:28:22.0070 4064 ehRecvr - ok
10:28:22.0102 4064 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
10:28:22.0117 4064 ehSched - ok
10:28:22.0181 4064 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:28:22.0196 4064 elxstor - ok
10:28:22.0243 4064 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:28:22.0259 4064 ErrDev - ok
10:28:22.0305 4064 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
10:28:22.0352 4064 EventSystem - ok
10:28:22.0368 4064 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
10:28:22.0399 4064 exfat - ok
10:28:22.0446 4064 Fabs - ok
10:28:22.0477 4064 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:28:22.0508 4064 fastfat - ok
10:28:22.0555 4064 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
10:28:22.0602 4064 Fax - ok
10:28:22.0649 4064 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:28:22.0680 4064 fdc - ok
10:28:22.0711 4064 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
10:28:22.0742 4064 fdPHost - ok
10:28:22.0758 4064 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
10:28:22.0789 4064 FDResPub - ok
10:28:22.0805 4064 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:28:22.0820 4064 FileInfo - ok
10:28:22.0836 4064 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:28:22.0867 4064 Filetrace - ok
10:28:22.0962 4064 [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
10:28:23.0071 4064 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
10:28:23.0071 4064 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
10:28:23.0086 4064 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:28:23.0102 4064 flpydisk - ok
10:28:23.0149 4064 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:28:23.0180 4064 FltMgr - ok
10:28:23.0227 4064 [ FA6C66E4364D7DA57AADE5DCC03BB999 ] FontCache C:\Windows\system32\FntCache.dll
10:28:23.0274 4064 FontCache - ok
10:28:23.0336 4064 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:28:23.0352 4064 FontCache3.0.0.0 - ok
10:28:23.0383 4064 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:28:23.0398 4064 FsDepends - ok
10:28:23.0430 4064 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:28:23.0445 4064 Fs_Rec - ok
10:28:23.0492 4064 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:28:23.0508 4064 fvevol - ok
10:28:23.0539 4064 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:28:23.0554 4064 gagp30kx - ok
10:28:23.0586 4064 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:28:23.0601 4064 GEARAspiWDM - ok
10:28:23.0632 4064 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
10:28:23.0679 4064 gpsvc - ok
10:28:23.0742 4064 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:28:23.0757 4064 gupdate - ok
10:28:23.0788 4064 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:28:23.0804 4064 gupdatem - ok
10:28:23.0835 4064 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:28:23.0866 4064 gusvc - ok
10:28:23.0898 4064 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:28:23.0913 4064 hcw85cir - ok
10:28:23.0944 4064 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:28:23.0960 4064 HDAudBus - ok
10:28:23.0976 4064 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:28:23.0991 4064 HidBatt - ok
10:28:24.0022 4064 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:28:24.0038 4064 HidBth - ok
10:28:24.0054 4064 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:28:24.0069 4064 HidIr - ok
10:28:24.0100 4064 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
10:28:24.0147 4064 hidserv - ok
10:28:24.0194 4064 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
10:28:24.0225 4064 HidUsb - ok
10:28:24.0256 4064 [ D61E53E3FEC0C92BC8DD3969FAD63F87 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
10:28:24.0272 4064 HipShieldK - ok
10:28:24.0303 4064 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:28:24.0334 4064 hkmsvc - ok
10:28:24.0381 4064 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:28:24.0397 4064 HomeGroupListener - ok
10:28:24.0444 4064 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:28:24.0506 4064 HomeGroupProvider - ok
10:28:24.0553 4064 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:28:24.0568 4064 HpSAMD - ok
10:28:24.0631 4064 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:28:24.0693 4064 HTTP - ok
10:28:24.0724 4064 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:28:24.0740 4064 hwpolicy - ok
10:28:24.0787 4064 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:28:24.0802 4064 i8042prt - ok
10:28:24.0880 4064 [ 52E8A3CC8269ADB27D25182284C5E650 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
10:28:24.0912 4064 IAANTMON - ok
10:28:24.0943 4064 [ 71ECC07BC7C5E24C3DD01D8A29A24054 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
10:28:24.0958 4064 iaStor - ok
10:28:25.0021 4064 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:28:25.0052 4064 iaStorV - ok
10:28:25.0114 4064 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:28:25.0161 4064 idsvc - ok
10:28:25.0208 4064 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:28:25.0224 4064 iirsp - ok
10:28:25.0286 4064 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
10:28:25.0333 4064 IKEEXT - ok
10:28:25.0380 4064 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
10:28:25.0411 4064 intelide - ok
10:28:25.0426 4064 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:28:25.0442 4064 intelppm - ok
10:28:25.0489 4064 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:28:25.0520 4064 IPBusEnum - ok
10:28:25.0536 4064 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:28:25.0567 4064 IpFilterDriver - ok
10:28:25.0614 4064 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:28:25.0692 4064 iphlpsvc - ok
10:28:25.0723 4064 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:28:25.0738 4064 IPMIDRV - ok
10:28:25.0770 4064 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:28:25.0801 4064 IPNAT - ok
10:28:25.0816 4064 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:28:25.0848 4064 iPod Service - ok
10:28:25.0879 4064 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:28:25.0910 4064 IRENUM - ok
10:28:25.0926 4064 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:28:25.0941 4064 isapnp - ok
10:28:25.0972 4064 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:28:25.0988 4064 iScsiPrt - ok
10:28:26.0035 4064 [ 9EFE54794B3A94E93DA50703692E011E ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
10:28:26.0066 4064 JMCR - ok
10:28:26.0097 4064 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
10:28:26.0113 4064 kbdclass - ok
10:28:26.0128 4064 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
10:28:26.0160 4064 kbdhid - ok
10:28:26.0160 4064 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
10:28:26.0175 4064 KeyIso - ok
10:28:26.0206 4064 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:28:26.0222 4064 KSecDD - ok
10:28:26.0238 4064 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:28:26.0253 4064 KSecPkg - ok
10:28:26.0284 4064 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
10:28:26.0347 4064 KtmRm - ok
10:28:26.0378 4064 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
10:28:26.0409 4064 LanmanServer - ok
10:28:26.0425 4064 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:28:26.0456 4064 LanmanWorkstation - ok
10:28:26.0503 4064 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:28:26.0534 4064 lltdio - ok
10:28:26.0550 4064 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:28:26.0612 4064 lltdsvc - ok
10:28:26.0628 4064 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
10:28:26.0659 4064 lmhosts - ok
10:28:26.0674 4064 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:28:26.0706 4064 LSI_FC - ok
10:28:26.0737 4064 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:28:26.0752 4064 LSI_SAS - ok
10:28:26.0768 4064 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:28:26.0784 4064 LSI_SAS2 - ok
10:28:26.0784 4064 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:28:26.0815 4064 LSI_SCSI - ok
10:28:26.0846 4064 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
10:28:26.0877 4064 luafv - ok
10:28:26.0924 4064 [ ECAB006AC6136F1307E140B633CDB8C2 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
10:28:26.0940 4064 McAfee SiteAdvisor Service - ok
10:28:26.0955 4064 [ ECAB006AC6136F1307E140B633CDB8C2 ] McMPFSvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
10:28:26.0971 4064 McMPFSvc - ok
10:28:27.0018 4064 [ ECAB006AC6136F1307E140B633CDB8C2 ] mcmscsvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
10:28:27.0049 4064 mcmscsvc - ok
10:28:27.0049 4064 [ ECAB006AC6136F1307E140B633CDB8C2 ] McNaiAnn C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
10:28:27.0064 4064 McNaiAnn - ok
10:28:27.0064 4064 [ ECAB006AC6136F1307E140B633CDB8C2 ] McNASvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
10:28:27.0080 4064 McNASvc - ok
10:28:27.0174 4064 [ C7DA06C9A9AEEFBE37AAC281EA6385D5 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
10:28:27.0211 4064 McODS - ok
10:28:27.0236 4064 [ ECAB006AC6136F1307E140B633CDB8C2 ] McProxy C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
10:28:27.0252 4064 McProxy - ok
10:28:27.0314 4064 [ 6FE0532CB16300C09D098F808EAAEE9D ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
10:28:27.0330 4064 McShield - ok
10:28:27.0377 4064 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:28:27.0392 4064 Mcx2Svc - ok
10:28:27.0439 4064 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:28:27.0455 4064 megasas - ok
10:28:27.0502 4064 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:28:27.0517 4064 MegaSR - ok
10:28:27.0564 4064 [ 6708AD7D9ABDD6FDE1EB9B54FFE426B0 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
10:28:27.0580 4064 mfeapfk - ok
10:28:27.0611 4064 [ 375DE90B68533D9D0D7766D4CCB4CA32 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
10:28:27.0642 4064 mfeavfk - ok
10:28:27.0673 4064 mfeavfk01 - ok
10:28:27.0689 4064 [ 5ED806D4DF27AC11236BD9AD2CC10B7E ] mfebopk C:\Windows\system32\drivers\mfebopk.sys
10:28:27.0704 4064 mfebopk - ok
10:28:27.0736 4064 [ 1A427BB508ACBEE09A88F08D1CA38E2F ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
10:28:27.0767 4064 mfefire - ok
10:28:27.0782 4064 [ 16BF9475BFCFAA420A8CB29E40284457 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
10:28:27.0798 4064 mfefirek - ok
10:28:27.0860 4064 [ 875452ECDF4AEBE12B8C2EFD8599A36F ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
10:28:27.0907 4064 mfehidk - ok
10:28:27.0923 4064 mfehidk01 - ok
10:28:27.0970 4064 [ D669ACBE7672819109706C3CFF6BD1DB ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
10:28:27.0985 4064 mferkdet - ok
10:28:28.0001 4064 [ D66A1A16166897A5F7D04961F582F03B ] mfevtp C:\Windows\system32\mfevtps.exe
10:28:28.0016 4064 mfevtp - ok
10:28:28.0048 4064 [ 28A9A52052006AC4B5EF1992C2984252 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
10:28:28.0063 4064 mfewfpk - ok
10:28:28.0110 4064 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
10:28:28.0157 4064 MMCSS - ok
10:28:28.0204 4064 [ 47DA077CB3735AE65D83BF2AD22E5C01 ] mod7700 C:\Windows\system32\DRIVERS\mod7700.sys
10:28:28.0250 4064 mod7700 - ok
10:28:28.0266 4064 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
10:28:28.0297 4064 Modem - ok
10:28:28.0328 4064 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:28:28.0344 4064 monitor - ok
10:28:28.0375 4064 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
10:28:28.0391 4064 mouclass - ok
10:28:28.0406 4064 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:28:28.0422 4064 mouhid - ok
10:28:28.0453 4064 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:28:28.0484 4064 mountmgr - ok
10:28:28.0531 4064 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
10:28:28.0547 4064 mpio - ok
10:28:28.0562 4064 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:28:28.0594 4064 mpsdrv - ok
10:28:28.0656 4064 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:28:28.0718 4064 MpsSvc - ok
10:28:28.0750 4064 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:28:28.0781 4064 MRxDAV - ok
10:28:28.0828 4064 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:28:28.0843 4064 mrxsmb - ok
10:28:28.0859 4064 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:28:28.0874 4064 mrxsmb10 - ok
10:28:28.0906 4064 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:28:28.0921 4064 mrxsmb20 - ok
10:28:28.0952 4064 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
10:28:28.0968 4064 msahci - ok
10:28:29.0015 4064 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:28:29.0046 4064 msdsm - ok
10:28:29.0093 4064 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
10:28:29.0124 4064 MSDTC - ok
10:28:29.0155 4064 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:28:29.0186 4064 Msfs - ok
10:28:29.0202 4064 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:28:29.0249 4064 mshidkmdf - ok
10:28:29.0264 4064 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:28:29.0280 4064 msisadrv - ok
10:28:29.0311 4064 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:28:29.0342 4064 MSiSCSI - ok
10:28:29.0342 4064 msiserver - ok
10:28:29.0389 4064 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:28:29.0420 4064 MSKSSRV - ok
10:28:29.0436 4064 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:28:29.0467 4064 MSPCLOCK - ok
10:28:29.0483 4064 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:28:29.0514 4064 MSPQM - ok
10:28:29.0530 4064 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:28:29.0561 4064 MsRPC - ok
10:28:29.0592 4064 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:28:29.0608 4064 mssmbios - ok
10:28:29.0623 4064 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:28:29.0654 4064 MSTEE - ok
10:28:29.0654 4064 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:28:29.0670 4064 MTConfig - ok
10:28:29.0701 4064 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
10:28:29.0717 4064 Mup - ok
10:28:29.0764 4064 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
10:28:29.0795 4064 napagent - ok
10:28:29.0826 4064 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:28:29.0857 4064 NativeWifiP - ok
10:28:29.0904 4064 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:28:29.0966 4064 NDIS - ok
10:28:29.0982 4064 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:28:30.0013 4064 NdisCap - ok
10:28:30.0029 4064 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:28:30.0060 4064 NdisTapi - ok
10:28:30.0091 4064 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:28:30.0122 4064 Ndisuio - ok
10:28:30.0169 4064 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:28:30.0216 4064 NdisWan - ok
10:28:30.0232 4064 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:28:30.0263 4064 NDProxy - ok
10:28:30.0356 4064 [ 40D7D0A208EE863BCA8D89E299216F15 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
10:28:30.0419 4064 Nero BackItUp Scheduler 3 - ok
10:28:30.0497 4064 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:28:30.0497 4064 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:28:30.0497 4064 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:28:30.0544 4064 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:28:30.0590 4064 NetBIOS - ok
10:28:30.0653 4064 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:28:30.0700 4064 NetBT - ok
10:28:30.0715 4064 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
10:28:30.0731 4064 Netlogon - ok
10:28:30.0793 4064 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
10:28:30.0824 4064 Netman - ok
10:28:30.0856 4064 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
10:28:30.0902 4064 netprofm - ok
10:28:30.0934 4064 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:28:30.0949 4064 NetTcpPortSharing - ok
10:28:30.0996 4064 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:28:31.0012 4064 nfrd960 - ok
10:28:31.0043 4064 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
10:28:31.0058 4064 NlaSvc - ok
10:28:46.0393 3168 Detected object count: 8
10:28:46.0393 3168 Actual detected object count: 8
10:29:00.0418 3168 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
10:29:00.0418 3168 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:29:00.0418 3168 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:29:00.0418 3168 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:29:00.0418 3168 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
10:29:00.0418 3168 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:29:00.0418 3168 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:29:00.0418 3168 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:29:00.0418 3168 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:29:00.0418 3168 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:29:00.0418 3168 Rezip ( UnsignedFile.Multi.Generic ) - skipped by user
10:29:00.0418 3168 Rezip ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:29:00.0433 3168 WisLMSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:29:00.0433 3168 WisLMSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:29:00.0433 3168 x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
10:29:00.0433 3168 x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip

14.03.2013, 20:42   #8
markusg
/// Malware-holic

Looks OK.
Malwarebytes:
Please download Malwarebytes.
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for Updates.
  • When the update has finished, select "Perform full scan" and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all findings are checked and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward mails to markusg.trojaner-board@web.de as described in the instructions above.
If you would like to support us

15.03.2013, 14:07   #9
Feivel

Hi there, it's me again.......
I ran a Malwarebytes scan yesterday.
It took over two hours and no threats were found.
Should I send the report anyway?
As I already wrote, I have no idea.....
I'm really glad that I'm getting help here. THANK YOU THANK YOU THANK YOU

28.03.2013, 20:00   #10
markusg
/// Malware-holic

Yes, please post the report.

29.03.2013, 12:27   #11
Feivel

Hi there, thank you for continuing to help me!

Malwarebytes Anti-Malware (Test) 1.70.0.1100
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.03.14.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
baer :: BAER-PC [Administrator]

Schutz: Aktiviert

14.03.2013 21:54:19
mbam-log-2013-03-14 (21-54-19).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 413927
Laufzeit: 2 Stunde(n), 27 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
