Trojaner-Board - System Care Antivirus auf Vista eingefangen

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - System Care Antivirus auf Vista eingefangen - wie werde ich ihn los? (https://www.trojaner-board.de/135511-system-care-antivirus-vista-eingefangen-ihn-los.html)

System Care Antivirus auf Vista eingefangen - wie werde ich ihn los?

Hallo,
auf dem Computer meiner Schwiegermutter hat sich System Care Antivirus eingenistet. Ich habe den Virus bei erstem Auftauchen gesehen und erstmal auf einem sauberen PC gegooglet. Also Virus :heulen: Sie dachte, sie hätte ein nennenswertes Antivirenprogramm, da der Computer vor einiger Zeit schomal einen Virus hatte, den sie teuer hat entfernen lassen. Die hätten ein super tolles Antivirenprogramm installiert und auch in Rechnung gestellt. Komisch, dass immer nur avira free lief... (malwarebytes hatte ich damals zur Überprüfung draufgespielt)
Ich habe OLT im abgesicherten Modus mit Netzwerktreibern laufen lassen und hier kommen die logs (frühere logs gibt es nicht):
OTL Extras logfile created on: 24.05.2013 21:02:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\beyer\Downloads\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,93 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 78,99% Memory free
4,10 Gb Paging File | 3,83 Gb Available in Paging File | 93,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,42 Gb Total Space | 111,48 Gb Free Space | 49,68% Space Free | Partition Type: NTFS
Drive D: | 8,47 Gb Total Space | 1,61 Gb Free Space | 19,02% Space Free | Partition Type: NTFS
Drive F: | 1,86 Gb Total Space | 0,67 Gb Free Space | 36,18% Space Free | Partition Type: FAT
Drive G: | 6,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: BEYER-PC | User Name: beyer | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1255160105-2566943596-1927998645-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Kaufland Fotoservice] -- "C:\Users\beyer\Kaufland Fotoservice\Kaufland Fotoservice.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{44378A0F-CD7B-4A69-85AF-01AFC604AF1A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B9EED639-F1A7-4E22-95D9-D2ED8EA99E79}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06823482-EEFA-45B8-9754-291E9D071115}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{082ACBC8-03A2-47B0-B65A-4FB8F56CCD0C}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{34EC1FC1-2801-4E36-ACD0-0B7AB8EEEFC1}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{4476E671-968A-4AD8-AD16-18FD475BE10E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{6D0F9ADF-38D6-4473-AA02-DA02E86539E5}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{8690F0E0-888E-4B79-A8CA-C013ACB085C6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B181E83-7636-45A0-91BC-142EA5B548C9}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{C75BE659-47F8-4739-9F90-C1FBED166CFC}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{E4042DA1-32B0-486A-9989-48054B258A05}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{F7406AD3-DC73-401D-B07F-BBCA416F9668}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"TCP Query User{999356A6-F155-4A13-AC83-1BAD46E60869}C:\program files\logitech\logitech vid\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"TCP Query User{9A1A2EBA-C48E-4022-AB74-D835AEEF4432}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{AA5C2F73-3359-4D91-BFFA-094B79D25BBB}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{C32C1803-DA44-4F3F-AE71-DCB597D3B0C1}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{C792C429-8799-437A-A82C-9D4851023708}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{3EBA7A1E-BBDE-46B5-A810-F8631BF0901D}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{485558DA-75FD-4958-9280-88AF7A0158E3}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{6410FBD6-F9CA-46C9-BBEC-07EC65AD5461}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{8D7D454E-94AB-4615-BFED-C33B616AFE0C}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{DC132640-6F70-48AA-A88A-9AE45199EDDD}C:\program files\logitech\logitech vid\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{2683060F-C3A6-469C-98E6-1BEC87F14043}" = face2face Pre-intermediate
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{279DB581-239C-4E13-97F8-0F48E40BE75C}" = Windows Live Messenger
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{340F521E-3576-4E1A-B75C-EB0ACF751379}" = HP Wireless Assistant
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 F1
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}" = Brother MFL-Pro Suite MFC-250C
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend
"{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2
"{5DB6B920-7C09-402D-BE52-0A35398036F3}" = Essential Grammar in Use German Edition
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-195C
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{959282E3-55A9-49D8-B885-D27CF8A2FD82}" = PHOTOfunSTUDIO 5.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{9EC9754D-CA34-4293-B5DB-3BD245A88A43}" = ArcSoft MediaImpression
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements
"{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}" = Ulead Photo Explorer 8.0 SE Basic
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Creative OA004" = Integrated Webcam Driver (1.00.03.0720)
"Digital Camera Driver" = Digital Camera Driver
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Kaufland Fotoservice" = Kaufland Fotoservice
"lvdrivers_12.0" = Logitech Webcam Software-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Picasa 3" = Picasa 3
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.1.11
"WildTangent hp Master Uninstall" = My HP Games

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 22.05.2013 12:54:00 | Computer Name = beyer-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2013/05/22 18:54:00.684]: [00003524]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 22.05.2013 12:54:02 | Computer Name = beyer-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2013/05/22 18:54:02.184]: [00003524]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 22.05.2013 12:54:03 | Computer Name = beyer-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2013/05/22 18:54:03.684]: [00003524]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 22.05.2013 12:54:05 | Computer Name = beyer-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2013/05/22 18:54:05.184]: [00003524]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 22.05.2013 12:54:06 | Computer Name = beyer-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2013/05/22 18:54:06.684]: [00003524]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 22.05.2013 12:54:08 | Computer Name = beyer-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2013/05/22 18:54:08.184]: [00003524]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 22.05.2013 12:54:09 | Computer Name = beyer-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2013/05/22 18:54:09.684]: [00003524]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 22.05.2013 12:54:11 | Computer Name = beyer-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2013/05/22 18:54:11.184]: [00003524]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 22.05.2013 12:54:12 | Computer Name = beyer-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2013/05/22 18:54:12.684]: [00003524]: lperrcode->api
= 1 , lperrcode->code = 2

Error - 22.05.2013 12:54:14 | Computer Name = beyer-PC | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2013/05/22 18:54:14.184]: [00003524]: lperrcode->api
= 1 , lperrcode->code = 2

Error encountered while reading event logs.

< End of report >

und hier der Zweite:

OTL logfile created on: 24.05.2013 21:02:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\beyer\Downloads\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,93 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 78,99% Memory free
4,10 Gb Paging File | 3,83 Gb Available in Paging File | 93,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,42 Gb Total Space | 111,48 Gb Free Space | 49,68% Space Free | Partition Type: NTFS
Drive D: | 8,47 Gb Total Space | 1,61 Gb Free Space | 19,02% Space Free | Partition Type: NTFS
Drive F: | 1,86 Gb Total Space | 0,67 Gb Free Space | 36,18% Space Free | Partition Type: FAT
Drive G: | 6,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: BEYER-PC | User Name: beyer | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.05.24 20:51:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\beyer\Downloads\Desktop\OTL.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 04:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 04:33:37 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV - [2013.05.16 21:46:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.15 22:33:39 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.30 23:12:05 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.30 23:11:52 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.04.30 17:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.04.26 01:15:26 | 000,361,808 | ---- | M] () [Auto | Stopped] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Stopped] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:35:20 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.01.19 12:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006.06.01 21:06:00 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013.03.30 23:12:18 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.03.30 23:12:18 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.03.30 23:12:18 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.03.15 20:40:09 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011.04.01 05:11:10 | 004,333,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2009.09.05 16:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.05.01 01:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009.04.30 17:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008.10.03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008.07.17 18:01:00 | 000,269,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA004Vid.sys -- (OA004Vid)
DRV - [2008.06.10 20:54:36 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.06.04 19:54:22 | 000,113,664 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008.06.03 10:30:24 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA004Ufd.sys -- (OA004Ufd)
DRV - [2007.10.18 01:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006.11.10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Presario&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Presario&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {4B48443C-6B3B-4A1B-9EF3-4A472C567BC0}
IE - HKLM\..\SearchScopes\{4B48443C-6B3B-4A1B-9EF3-4A472C567BC0}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
IE - HKLM\..\SearchScopes\{63908BD5-36C8-4EE8-A5A7-8EF57F2E23BE}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Presario&pf=cnnb
IE - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=ecda5539-80ea-4a7b-bd43-787e605f35e9&apn_sauid=2FBF6B2D-C4B5-4E6D-9074-82BCBE7A2FA4
IE - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000\..\SearchScopes\{4B48443C-6B3B-4A1B-9EF3-4A472C567BC0}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
IE - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000\..\SearchScopes\{63908BD5-36C8-4EE8-A5A7-8EF57F2E23BE}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.15 22:33:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.04.15 22:33:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.15 22:33:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.04.15 22:33:32 | 000,000,000 | ---D | M]

[2011.01.07 13:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\beyer\AppData\Roaming\mozilla\Extensions
[2013.03.19 14:59:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\beyer\AppData\Roaming\mozilla\Firefox\Profiles\nyg2vab8.default\extensions
[2012.02.26 15:02:01 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\beyer\AppData\Roaming\mozilla\firefox\profiles\nyg2vab8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013.03.15 22:46:50 | 000,002,344 | ---- | M] () -- C:\Users\beyer\AppData\Roaming\mozilla\firefox\profiles\nyg2vab8.default\searchplugins\askcom.xml
[2013.04.15 22:33:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.04.15 22:33:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.04.15 22:33:31 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.04.15 22:33:41 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.01.02 23:25:03 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.02 23:25:03 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.01.02 23:25:03 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.02 23:25:03 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.02 23:25:03 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.02 23:25:03 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O3 - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000..\RunOnce: [333994DB0163E4730000333961A6E9BD] C:\ProgramData\333994DB0163E4730000333961A6E9BD\333994DB0163E4730000333961A6E9BD.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4DFD9740-243A-441C-B986-6EFA8EC440FC}: DhcpNameServer = 192.168.0.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A7CD7F6-F6AA-46E5-871B-F4FCF28BECB5}: DhcpNameServer = 192.168.178.1 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\beyer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\beyer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.10.23 09:22:58 | 000,000,283 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{de5dcd06-e185-11dd-abc8-001f16467338}\Shell\AutoRun\command - "" = F:\JDSecure\Windows\JDSecure31.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2007.10.23 09:45:39 | 001,336,632 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.05.24 21:00:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\beyer\Downloads\Desktop\OTL.exe
[2013.05.24 15:56:10 | 000,000,000 | ---D | C] -- C:\Users\beyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Care Antivirus
[2013.05.24 15:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\333994DB0163E4730000333961A6E9BD
[2013.05.16 21:39:13 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.16 21:20:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.16 21:20:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.05.16 21:20:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.16 21:20:00 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.16 21:19:59 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.16 21:19:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.05.16 21:19:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.05.15 22:11:37 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013.05.15 22:11:30 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

========== Files - Modified Within 30 Days ==========

[2013.05.24 21:05:12 | 000,627,756 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.24 21:05:12 | 000,595,386 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.24 21:05:12 | 000,125,870 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.24 21:05:12 | 000,103,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.24 20:58:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.24 20:53:53 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.24 20:53:53 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.24 20:53:53 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.24 20:51:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\beyer\Downloads\Desktop\OTL.exe
[2013.05.24 15:56:10 | 000,002,002 | ---- | M] () -- C:\Users\beyer\Downloads\Desktop\System Care Antivirus.lnk
[2013.05.16 21:55:21 | 000,348,416 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.16 21:46:26 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.16 21:46:26 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.16 21:43:36 | 000,162,350 | ---- | M] () -- C:\Users\beyer\Downloads\Desktop\01W183e105b154C62_a_07m919T139e60034_.jpg
[2013.05.16 21:43:14 | 000,175,677 | ---- | M] () -- C:\Users\beyer\Downloads\Desktop\01W183e105b158C62_a_08m311T133e40035_.jpg
[2013.05.16 21:42:50 | 000,176,811 | ---- | M] () -- C:\Users\beyer\Downloads\Desktop\01W184e100b150C62_a_01m418T934e60036_.jpg
[2013.05.15 19:46:54 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2013.05.05 21:12:55 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

========== Files Created - No Company Name ==========

[2013.05.24 15:56:10 | 000,002,002 | ---- | C] () -- C:\Users\beyer\Downloads\Desktop\System Care Antivirus.lnk
[2013.05.16 21:43:43 | 000,162,350 | ---- | C] () -- C:\Users\beyer\Downloads\Desktop\01W183e105b154C62_a_07m919T139e60034_.jpg
[2013.05.16 21:43:26 | 000,175,677 | ---- | C] () -- C:\Users\beyer\Downloads\Desktop\01W183e105b158C62_a_08m311T133e40035_.jpg
[2013.05.16 21:43:07 | 000,176,811 | ---- | C] () -- C:\Users\beyer\Downloads\Desktop\01W184e100b150C62_a_01m418T934e60036_.jpg
[2013.01.31 16:25:04 | 000,031,903 | ---- | C] () -- C:\Windows\maxlink.ini
[2009.12.24 15:27:17 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2009.06.25 21:28:02 | 000,007,052 | ---- | C] () -- C:\Users\beyer\AppData\Local\d3d9caps.dat
[2009.02.23 18:33:54 | 000,010,240 | ---- | C] () -- C:\Users\beyer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.12 09:50:12 | 000,000,000 | ---- | C] () -- C:\Users\beyer\AppData\Roaming\wklnhst.dat

========== ZeroAccess Check ==========

[2006.11.02 14:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Könnt ihr mir weiterhelfen? Muss ich sonst noch was posten?
Vielen, vielen Dank schonmal!
Grüsse,
mamatijo

Hi,

otl fix

Fixen mit OTL

Starte bitte die OTL.exe.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

:OTL

O4 - HKU\S-1-5-21-1255160105-2566943596-1927998645-1000..\RunOnce: [333994DB0163E4730000333961A6E9BD] C:\ProgramData\333994DB0163E4730000333961A6E9BD\333994DB0163E4730000333961A6E9BD.exe

()

[2013.05.24 15:56:10 | 000,000,000 | ---D | C] -- C:\Users\beyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Care Antivirus

:files

C:\ProgramData\333994DB0163E4730000333961A6E9BD

:Commands

[emptytemp]

Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
Schließe bitte nun alle Programme.
Klicke nun bitte auf den Fix Button.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
Kopiere nun den Inhalt hier in Deinen Thread

starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!

Drücke bitte die http://larusso.trojaner-board.de/Images/windows.jpg + E Taste.

Öffne dein Systemlaufwerk ( meistens C: )
Suche nun
folgenden Ordner: _OTL und öffne diesen.
Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner
Dies wird eine Movedfiles.zip Datei in _OTL erstellen
Lade diese bitte in unseren Uploadchannel
hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )

Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus :)

Vielen Dank für die super schnelle Antwort!!!
Also, hier erstmal den Inhalt des threads, den Rest mache ich jetzt und gebe Bescheid, ob der upload gut klappt.
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1255160105-2566943596-1927998645-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\333994DB0163E4730000333961A6E9BD deleted successfully.
C:\ProgramData\333994DB0163E4730000333961A6E9BD\333994DB0163E4730000333961A6E9BD.exe moved successfully.
C:\Users\beyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Care Antivirus folder moved successfully.
========== FILES ==========
C:\ProgramData\333994DB0163E4730000333961A6E9BD folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: beyer
->Temp folder emptied: 496307344 bytes
->Temporary Internet Files folder emptied: 415868558 bytes
->Java cache emptied: 162 bytes
->FireFox cache emptied: 78887166 bytes
->Flash cache emptied: 7210 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 261198427 bytes
RecycleBin emptied: 111551265 bytes

Total Files Cleaned = 1.301,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 05242013_214508

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Ich habe es gerade hochgeladen und es sieht so aus, als ob es geklappt hätte.

thx
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Ok, hier kommt der thread, hat zum Glück nix infiziertes mehr gefunden, sondern nur noch threats (klingt eigentlich auch nicht viel besser ...):
22:08:45.0855 5556 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:08:46.0399 5556 ============================================================
22:08:46.0399 5556 Current date / time: 2013/05/24 22:08:46.0399
22:08:46.0399 5556 SystemInfo:
22:08:46.0399 5556
22:08:46.0399 5556 OS Version: 6.0.6002 ServicePack: 2.0
22:08:46.0399 5556 Product type: Workstation
22:08:46.0399 5556 ComputerName: BEYER-PC
22:08:46.0400 5556 UserName: beyer
22:08:46.0400 5556 Windows directory: C:\Windows
22:08:46.0400 5556 System windows directory: C:\Windows
22:08:46.0400 5556 Processor architecture: Intel x86
22:08:46.0400 5556 Number of processors: 2
22:08:46.0400 5556 Page size: 0x1000
22:08:46.0400 5556 Boot type: Normal boot
22:08:46.0400 5556 ============================================================
22:08:47.0964 5556 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:08:47.0969 5556 ============================================================
22:08:47.0969 5556 \Device\Harddisk0\DR0:
22:08:47.0970 5556 MBR partitions:
22:08:47.0970 5556 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C0D4FC1
22:08:47.0970 5556 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C0D5000, BlocksNum 0x10EF000
22:08:47.0970 5556 ============================================================
22:08:47.0981 5556 C: <-> \Device\Harddisk0\DR0\Partition1
22:08:48.0081 5556 D: <-> \Device\Harddisk0\DR0\Partition2
22:08:48.0081 5556 ============================================================
22:08:48.0081 5556 Initialize success
22:08:48.0081 5556 ============================================================
22:09:14.0569 1356 ============================================================
22:09:14.0569 1356 Scan started
22:09:14.0569 1356 Mode: Manual; SigCheck; TDLFS;
22:09:14.0569 1356 ============================================================
22:09:16.0068 1356 ================ Scan system memory ========================
22:09:16.0069 1356 System memory - ok
22:09:16.0075 1356 ================ Scan services =============================
22:09:16.0227 1356 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
22:09:16.0449 1356 ACDaemon - ok
22:09:16.0643 1356 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
22:09:16.0667 1356 ACPI - ok
22:09:16.0742 1356 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:09:16.0768 1356 AdobeARMservice - ok
22:09:16.0873 1356 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:09:16.0892 1356 AdobeFlashPlayerUpdateSvc - ok
22:09:16.0941 1356 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:09:16.0987 1356 adp94xx - ok
22:09:16.0999 1356 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:09:17.0038 1356 adpahci - ok
22:09:17.0057 1356 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:09:17.0086 1356 adpu160m - ok
22:09:17.0100 1356 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:09:17.0130 1356 adpu320 - ok
22:09:17.0159 1356 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:09:17.0289 1356 AeLookupSvc - ok
22:09:17.0329 1356 [ FE3EA6E9AFC1A78E6EDCA121E006AFB7 ] Afc C:\Windows\system32\drivers\Afc.sys
22:09:17.0355 1356 Afc - ok
22:09:17.0420 1356 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
22:09:17.0523 1356 AFD - ok
22:09:17.0579 1356 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:09:17.0610 1356 agp440 - ok
22:09:17.0643 1356 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:09:17.0681 1356 aic78xx - ok
22:09:17.0706 1356 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
22:09:17.0899 1356 ALG - ok
22:09:17.0927 1356 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
22:09:17.0964 1356 aliide - ok
22:09:17.0989 1356 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:09:18.0031 1356 amdagp - ok
22:09:18.0046 1356 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
22:09:18.0083 1356 amdide - ok
22:09:18.0121 1356 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
22:09:18.0211 1356 AmdK7 - ok
22:09:18.0243 1356 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:09:18.0340 1356 AmdK8 - ok
22:09:18.0446 1356 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
22:09:18.0484 1356 AntiVirSchedulerService - ok
22:09:18.0555 1356 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
22:09:18.0594 1356 AntiVirService - ok
22:09:18.0627 1356 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
22:09:18.0689 1356 Appinfo - ok
22:09:18.0731 1356 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
22:09:18.0773 1356 arc - ok
22:09:18.0818 1356 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:09:18.0864 1356 arcsas - ok
22:09:18.0897 1356 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:09:18.0996 1356 AsyncMac - ok
22:09:19.0039 1356 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
22:09:19.0067 1356 atapi - ok
22:09:19.0170 1356 [ 2846F5EE802889D500FCF5CC48B28381 ] athr C:\Windows\system32\DRIVERS\athr.sys
22:09:19.0436 1356 athr - ok
22:09:19.0534 1356 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:09:19.0690 1356 AudioEndpointBuilder - ok
22:09:19.0722 1356 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:09:19.0773 1356 Audiosrv - ok
22:09:19.0838 1356 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
22:09:19.0879 1356 avgntflt - ok
22:09:19.0946 1356 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
22:09:19.0974 1356 avipbb - ok
22:09:19.0997 1356 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
22:09:20.0023 1356 avkmgr - ok
22:09:20.0071 1356 [ CF6A67C90951E3E763D2135DEDE44B85 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
22:09:20.0318 1356 BCM43XV - ok
22:09:20.0345 1356 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
22:09:20.0405 1356 Beep - ok
22:09:20.0466 1356 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
22:09:20.0503 1356 BFE - ok
22:09:20.0595 1356 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
22:09:20.0693 1356 BITS - ok
22:09:20.0711 1356 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
22:09:20.0782 1356 blbdrive - ok
22:09:20.0835 1356 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:09:20.0897 1356 bowser - ok
22:09:20.0955 1356 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:09:21.0010 1356 BrFiltLo - ok
22:09:21.0034 1356 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:09:21.0101 1356 BrFiltUp - ok
22:09:21.0134 1356 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
22:09:21.0216 1356 Browser - ok
22:09:21.0257 1356 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:09:21.0371 1356 Brserid - ok
22:09:21.0401 1356 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:09:21.0466 1356 BrSerWdm - ok
22:09:21.0490 1356 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:09:21.0553 1356 BrUsbMdm - ok
22:09:21.0575 1356 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:09:21.0639 1356 BrUsbSer - ok
22:09:21.0659 1356 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:09:21.0727 1356 BTHMODEM - ok
22:09:21.0755 1356 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:09:21.0851 1356 cdfs - ok
22:09:21.0896 1356 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:09:21.0947 1356 cdrom - ok
22:09:22.0015 1356 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
22:09:22.0075 1356 CertPropSvc - ok
22:09:22.0101 1356 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
22:09:22.0166 1356 circlass - ok
22:09:22.0219 1356 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
22:09:22.0261 1356 CLFS - ok
22:09:22.0321 1356 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:09:22.0346 1356 clr_optimization_v2.0.50727_32 - ok
22:09:22.0470 1356 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:09:22.0484 1356 clr_optimization_v4.0.30319_32 - ok
22:09:22.0503 1356 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:09:22.0548 1356 CmBatt - ok
22:09:22.0564 1356 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:09:22.0586 1356 cmdide - ok
22:09:22.0665 1356 [ DDA0CB141150FEF87419926790CD26C8 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
22:09:22.0718 1356 CnxtHdAudService - ok
22:09:22.0770 1356 [ 7795F8CEBC284A426B53F541E538695F ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
22:09:22.0790 1356 Com4QLBEx - ok
22:09:22.0797 1356 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:09:22.0821 1356 Compbatt - ok
22:09:22.0828 1356 COMSysApp - ok
22:09:22.0837 1356 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:09:22.0859 1356 crcdisk - ok
22:09:22.0886 1356 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:09:22.0938 1356 Crusoe - ok
22:09:22.0991 1356 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:09:23.0027 1356 CryptSvc - ok
22:09:23.0090 1356 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:09:23.0220 1356 DcomLaunch - ok
22:09:23.0277 1356 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:09:23.0315 1356 DfsC - ok
22:09:23.0411 1356 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
22:09:23.0626 1356 DFSR - ok
22:09:23.0682 1356 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:09:23.0730 1356 Dhcp - ok
22:09:23.0795 1356 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
22:09:23.0827 1356 disk - ok
22:09:23.0891 1356 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:09:23.0960 1356 Dnscache - ok
22:09:24.0022 1356 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:09:24.0092 1356 dot3svc - ok
22:09:24.0129 1356 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
22:09:24.0203 1356 DPS - ok
22:09:24.0236 1356 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:09:24.0261 1356 drmkaud - ok
22:09:24.0321 1356 [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:09:24.0366 1356 DXGKrnl - ok
22:09:24.0417 1356 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:09:24.0471 1356 E1G60 - ok
22:09:24.0502 1356 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
22:09:24.0542 1356 EapHost - ok
22:09:24.0606 1356 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
22:09:24.0636 1356 Ecache - ok
22:09:24.0664 1356 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:09:24.0705 1356 elxstor - ok
22:09:24.0773 1356 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:09:24.0870 1356 EMDMgmt - ok
22:09:24.0893 1356 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:09:24.0946 1356 ErrDev - ok
22:09:25.0020 1356 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
22:09:25.0082 1356 EventSystem - ok
22:09:25.0142 1356 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
22:09:25.0217 1356 exfat - ok
22:09:25.0272 1356 [ 42F721C52EEF2D6DF9372A53813A83EF ] ezSharedSvc C:\Windows\System32\ezsvc7.dll
22:09:25.0296 1356 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
22:09:25.0296 1356 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
22:09:25.0351 1356 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:09:25.0403 1356 fastfat - ok
22:09:25.0444 1356 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:09:25.0520 1356 fdc - ok
22:09:25.0550 1356 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
22:09:25.0586 1356 fdPHost - ok
22:09:25.0608 1356 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
22:09:25.0664 1356 FDResPub - ok
22:09:25.0687 1356 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:09:25.0711 1356 FileInfo - ok
22:09:25.0740 1356 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:09:25.0782 1356 Filetrace - ok
22:09:25.0812 1356 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:09:25.0866 1356 flpydisk - ok
22:09:25.0920 1356 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:09:25.0949 1356 FltMgr - ok
22:09:26.0030 1356 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
22:09:26.0131 1356 FontCache - ok
22:09:26.0192 1356 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:09:26.0214 1356 FontCache3.0.0.0 - ok
22:09:26.0264 1356 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:09:26.0321 1356 Fs_Rec - ok
22:09:26.0371 1356 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:09:26.0404 1356 gagp30kx - ok
22:09:26.0468 1356 [ 44D07E5A444692E9B6A5CDD7401B4402 ] GameConsoleService C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
22:09:26.0506 1356 GameConsoleService - ok
22:09:26.0562 1356 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
22:09:26.0654 1356 gpsvc - ok
22:09:26.0760 1356 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:09:26.0804 1356 gusvc - ok
22:09:26.0843 1356 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:09:26.0950 1356 HdAudAddService - ok
22:09:27.0015 1356 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:09:27.0140 1356 HDAudBus - ok
22:09:27.0177 1356 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:09:27.0248 1356 HidBth - ok
22:09:27.0279 1356 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
22:09:27.0361 1356 HidIr - ok
22:09:27.0404 1356 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
22:09:27.0463 1356 hidserv - ok
22:09:27.0500 1356 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:09:27.0542 1356 HidUsb - ok
22:09:27.0584 1356 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:09:27.0617 1356 hkmsvc - ok
22:09:27.0671 1356 [ D13E6BFD7E9189D26A42E94CB2447044 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
22:09:27.0692 1356 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
22:09:27.0692 1356 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
22:09:27.0718 1356 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:09:27.0748 1356 HpCISSs - ok
22:09:27.0776 1356 [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
22:09:27.0826 1356 HpqKbFiltr - ok
22:09:27.0856 1356 [ 1665C7121A026DF10C903DB9BC5E9D43 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
22:09:27.0876 1356 hpqwmiex - ok
22:09:27.0913 1356 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:09:28.0015 1356 HSFHWAZL - ok
22:09:28.0067 1356 [ CC267848CB3508E72762BE65734E764D ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
22:09:28.0217 1356 HSF_DPV - ok
22:09:28.0260 1356 [ A2882945CC4B6E3E4E9E825590438888 ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
22:09:28.0318 1356 HSXHWAZL - ok
22:09:28.0377 1356 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:09:28.0494 1356 HTTP - ok
22:09:28.0524 1356 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:09:28.0560 1356 i2omp - ok
22:09:28.0605 1356 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:09:28.0657 1356 i8042prt - ok
22:09:28.0690 1356 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:09:28.0728 1356 iaStorV - ok
22:09:28.0796 1356 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:09:28.0852 1356 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:09:28.0852 1356 IDriverT - detected UnsignedFile.Multi.Generic (1)
22:09:28.0934 1356 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:09:29.0043 1356 idsvc - ok
22:09:29.0370 1356 [ DCE0B53570703CCE580D066F89EF58CD ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
22:09:31.0320 1356 igfx - ok
22:09:31.0376 1356 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:09:31.0415 1356 iirsp - ok
22:09:31.0488 1356 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
22:09:31.0568 1356 IKEEXT - ok
22:09:31.0662 1356 [ AB8B0206BCDFF0ED03CEC500FA03A32A ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
22:09:31.0715 1356 IntcHdmiAddService - ok
22:09:31.0762 1356 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
22:09:31.0797 1356 intelide - ok
22:09:31.0838 1356 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:09:31.0909 1356 intelppm - ok
22:09:31.0942 1356 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:09:32.0025 1356 IPBusEnum - ok
22:09:32.0050 1356 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:09:32.0123 1356 IpFilterDriver - ok
22:09:32.0172 1356 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:09:32.0241 1356 iphlpsvc - ok
22:09:32.0251 1356 IpInIp - ok
22:09:32.0280 1356 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:09:32.0345 1356 IPMIDRV - ok
22:09:32.0375 1356 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:09:32.0444 1356 IPNAT - ok
22:09:32.0464 1356 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:09:32.0554 1356 IRENUM - ok
22:09:32.0583 1356 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:09:32.0622 1356 isapnp - ok
22:09:32.0678 1356 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:09:32.0713 1356 iScsiPrt - ok
22:09:32.0734 1356 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:09:32.0769 1356 iteatapi - ok
22:09:32.0820 1356 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:09:32.0857 1356 iteraid - ok
22:09:32.0875 1356 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:09:32.0915 1356 kbdclass - ok
22:09:32.0935 1356 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:09:32.0967 1356 kbdhid - ok
22:09:33.0022 1356 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
22:09:33.0061 1356 KeyIso - ok
22:09:33.0083 1356 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:09:33.0166 1356 KSecDD - ok
22:09:33.0240 1356 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:09:33.0288 1356 KtmRm - ok
22:09:33.0336 1356 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
22:09:33.0382 1356 LanmanServer - ok
22:09:33.0440 1356 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:09:33.0482 1356 LanmanWorkstation - ok
22:09:33.0524 1356 [ 984ECB68ED2A2B2E6A544E87E24FBA2D ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:09:33.0541 1356 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
22:09:33.0541 1356 LightScribeService - detected UnsignedFile.Multi.Generic (1)
22:09:33.0563 1356 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:09:33.0630 1356 lltdio - ok
22:09:33.0670 1356 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:09:33.0742 1356 lltdsvc - ok
22:09:33.0761 1356 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:09:33.0831 1356 lmhosts - ok
22:09:33.0860 1356 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:09:33.0892 1356 LSI_FC - ok
22:09:33.0901 1356 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:09:33.0934 1356 LSI_SAS - ok
22:09:33.0952 1356 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:09:33.0976 1356 LSI_SCSI - ok
22:09:33.0983 1356 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
22:09:34.0034 1356 luafv - ok
22:09:34.0092 1356 [ C57C48FB9AE3EFB9848AF594E3123A63 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2Mon.sys
22:09:34.0109 1356 LVPr2Mon - ok
22:09:34.0205 1356 [ 5C7B88695CE461D8BDA4FE0C0E57E71D ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
22:09:34.0218 1356 LVPrcSrv - ok
22:09:34.0263 1356 [ 87ECCE893D8AEC5A9337B917742D339C ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
22:09:34.0296 1356 LVRS - ok
22:09:34.0475 1356 [ 6C42815DD57E397F0CD988304B5EB4B3 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
22:09:35.0135 1356 LVUVC - ok
22:09:35.0175 1356 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:09:35.0235 1356 mdmxsdk - ok
22:09:35.0270 1356 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
22:09:35.0306 1356 megasas - ok
22:09:35.0333 1356 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
22:09:35.0381 1356 MegaSR - ok
22:09:35.0412 1356 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
22:09:35.0454 1356 MMCSS - ok
22:09:35.0470 1356 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
22:09:35.0504 1356 Modem - ok
22:09:35.0522 1356 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:09:35.0560 1356 monitor - ok
22:09:35.0581 1356 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:09:35.0602 1356 mouclass - ok
22:09:35.0623 1356 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:09:35.0664 1356 mouhid - ok
22:09:35.0692 1356 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:09:35.0715 1356 MountMgr - ok
22:09:35.0790 1356 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:09:35.0819 1356 MozillaMaintenance - ok
22:09:35.0853 1356 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
22:09:35.0882 1356 mpio - ok
22:09:35.0897 1356 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:09:35.0950 1356 mpsdrv - ok
22:09:35.0999 1356 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
22:09:36.0061 1356 MpsSvc - ok
22:09:36.0098 1356 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:09:36.0120 1356 Mraid35x - ok
22:09:36.0165 1356 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:09:36.0205 1356 MRxDAV - ok
22:09:36.0251 1356 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:09:36.0295 1356 mrxsmb - ok
22:09:36.0346 1356 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:09:36.0415 1356 mrxsmb10 - ok
22:09:36.0450 1356 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:09:36.0487 1356 mrxsmb20 - ok
22:09:36.0543 1356 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
22:09:36.0581 1356 msahci - ok
22:09:36.0609 1356 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:09:36.0652 1356 msdsm - ok
22:09:36.0680 1356 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
22:09:36.0767 1356 MSDTC - ok
22:09:36.0794 1356 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:09:36.0846 1356 Msfs - ok
22:09:36.0856 1356 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:09:36.0878 1356 msisadrv - ok
22:09:36.0918 1356 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:09:36.0977 1356 MSiSCSI - ok
22:09:36.0983 1356 msiserver - ok
22:09:37.0001 1356 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:09:37.0059 1356 MSKSSRV - ok
22:09:37.0085 1356 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:09:37.0123 1356 MSPCLOCK - ok
22:09:37.0138 1356 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:09:37.0184 1356 MSPQM - ok
22:09:37.0234 1356 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:09:37.0261 1356 MsRPC - ok
22:09:37.0281 1356 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:09:37.0295 1356 mssmbios - ok
22:09:37.0317 1356 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:09:37.0349 1356 MSTEE - ok
22:09:37.0405 1356 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
22:09:37.0429 1356 Mup - ok
22:09:37.0481 1356 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
22:09:37.0553 1356 napagent - ok
22:09:37.0595 1356 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:09:37.0634 1356 NativeWifiP - ok
22:09:37.0711 1356 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:09:37.0793 1356 NDIS - ok
22:09:37.0844 1356 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:09:37.0890 1356 NdisTapi - ok
22:09:37.0921 1356 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:09:37.0959 1356 Ndisuio - ok
22:09:38.0006 1356 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:09:38.0048 1356 NdisWan - ok
22:09:38.0064 1356 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:09:38.0104 1356 NDProxy - ok
22:09:38.0120 1356 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:09:38.0179 1356 NetBIOS - ok
22:09:38.0234 1356 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:09:38.0311 1356 netbt - ok
22:09:38.0336 1356 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
22:09:38.0365 1356 Netlogon - ok
22:09:38.0396 1356 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
22:09:38.0476 1356 Netman - ok
22:09:38.0498 1356 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
22:09:38.0548 1356 netprofm - ok
22:09:38.0596 1356 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:09:38.0621 1356 NetTcpPortSharing - ok
22:09:38.0635 1356 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:09:38.0656 1356 nfrd960 - ok
22:09:38.0672 1356 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:09:38.0704 1356 NlaSvc - ok
22:09:38.0725 1356 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:09:38.0752 1356 Npfs - ok
22:09:38.0777 1356 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
22:09:38.0805 1356 nsi - ok
22:09:38.0827 1356 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:09:38.0864 1356 nsiproxy - ok
22:09:38.0952 1356 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:09:39.0049 1356 Ntfs - ok
22:09:39.0076 1356 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:09:39.0127 1356 ntrigdigi - ok
22:09:39.0152 1356 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
22:09:39.0184 1356 Null - ok
22:09:39.0218 1356 [ 1657F3FBD9061526C14FF37E79306F98 ] NVENETFD C:\Windows\system32\DRIVERS\nvm60x32.sys
22:09:39.0330 1356 NVENETFD - ok
22:09:39.0360 1356 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:09:39.0387 1356 nvraid - ok
22:09:39.0402 1356 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:09:39.0426 1356 nvstor - ok
22:09:39.0454 1356 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:09:39.0482 1356 nv_agp - ok
22:09:39.0488 1356 NwlnkFlt - ok
22:09:39.0496 1356 NwlnkFwd - ok
22:09:39.0551 1356 [ A015DD2BA6009C8BDD00A6C431302D06 ] OA004Ufd C:\Windows\system32\DRIVERS\OA004Ufd.sys
22:09:39.0593 1356 OA004Ufd - ok
22:09:39.0626 1356 [ 12A4366FF51BEFBDF018F654FF8B22B8 ] OA004Vid C:\Windows\system32\DRIVERS\OA004Vid.sys
22:09:39.0653 1356 OA004Vid - ok
22:09:39.0694 1356 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:09:39.0750 1356 ohci1394 - ok
22:09:39.0834 1356 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:09:39.0858 1356 ose - ok
22:09:39.0923 1356 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:09:40.0060 1356 p2pimsvc - ok
22:09:40.0076 1356 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
22:09:40.0153 1356 p2psvc - ok
22:09:40.0213 1356 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:09:40.0307 1356 Parport - ok
22:09:40.0361 1356 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:09:40.0393 1356 partmgr - ok
22:09:40.0412 1356 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:09:40.0507 1356 Parvdm - ok
22:09:40.0556 1356 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
22:09:40.0619 1356 PcaSvc - ok
22:09:40.0672 1356 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
22:09:40.0743 1356 pci - ok
22:09:40.0765 1356 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
22:09:40.0805 1356 pciide - ok
22:09:40.0842 1356 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:09:40.0887 1356 pcmcia - ok
22:09:40.0962 1356 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:09:41.0185 1356 PEAUTH - ok
22:09:41.0287 1356 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
22:09:41.0472 1356 pla - ok
22:09:41.0539 1356 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:09:41.0606 1356 PlugPlay - ok
22:09:41.0647 1356 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:09:41.0717 1356 PNRPAutoReg - ok
22:09:41.0780 1356 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:09:41.0809 1356 PNRPsvc - ok
22:09:41.0868 1356 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:09:41.0926 1356 PolicyAgent - ok
22:09:41.0980 1356 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:09:42.0015 1356 PptpMiniport - ok
22:09:42.0049 1356 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
22:09:42.0114 1356 Processor - ok
22:09:42.0163 1356 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
22:09:42.0222 1356 ProfSvc - ok
22:09:42.0238 1356 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:09:42.0258 1356 ProtectedStorage - ok
22:09:42.0313 1356 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:09:42.0351 1356 PSched - ok
22:09:42.0413 1356 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:09:42.0519 1356 ql2300 - ok
22:09:42.0527 1356 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:09:42.0552 1356 ql40xx - ok
22:09:42.0583 1356 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
22:09:42.0641 1356 QWAVE - ok
22:09:42.0677 1356 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:09:42.0706 1356 QWAVEdrv - ok
22:09:42.0727 1356 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:09:42.0774 1356 RasAcd - ok
22:09:42.0802 1356 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
22:09:42.0856 1356 RasAuto - ok
22:09:42.0892 1356 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:09:42.0953 1356 Rasl2tp - ok
22:09:43.0003 1356 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
22:09:43.0036 1356 RasMan - ok
22:09:43.0082 1356 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:09:43.0122 1356 RasPppoe - ok
22:09:43.0174 1356 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:09:43.0205 1356 RasSstp - ok
22:09:43.0267 1356 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:09:43.0321 1356 rdbss - ok
22:09:43.0348 1356 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:09:43.0402 1356 RDPCDD - ok
22:09:43.0435 1356 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:09:43.0503 1356 rdpdr - ok
22:09:43.0510 1356 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:09:43.0549 1356 RDPENCDD - ok
22:09:43.0609 1356 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:09:43.0673 1356 RDPWD - ok
22:09:43.0714 1356 [ 431723F23D0E065BEF502389E8FFDC10 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
22:09:43.0801 1356 Recovery Service for Windows - ok
22:09:43.0872 1356 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:09:43.0957 1356 RemoteAccess - ok
22:09:43.0999 1356 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:09:44.0046 1356 RemoteRegistry - ok
22:09:44.0114 1356 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
22:09:44.0150 1356 RichVideo - ok
22:09:44.0181 1356 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:09:44.0228 1356 RpcLocator - ok
22:09:44.0258 1356 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
22:09:44.0338 1356 RpcSs - ok
22:09:44.0385 1356 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:09:44.0425 1356 rspndr - ok
22:09:44.0464 1356 [ 125C504A34D0A2E152517E342E7E432C ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
22:09:44.0534 1356 RTL8169 - ok
22:09:44.0566 1356 [ B0538DEA03E088B80482CA939F4E8740 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
22:09:44.0622 1356 RTSTOR - ok
22:09:44.0640 1356 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
22:09:44.0662 1356 SamSs - ok
22:09:44.0679 1356 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:09:44.0711 1356 sbp2port - ok
22:09:44.0768 1356 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:09:44.0812 1356 SCardSvr - ok
22:09:44.0947 1356 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
22:09:45.0270 1356 Schedule - ok
22:09:45.0285 1356 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:09:45.0327 1356 SCPolicySvc - ok
22:09:45.0345 1356 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:09:45.0392 1356 SDRSVC - ok
22:09:45.0430 1356 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:09:45.0538 1356 secdrv - ok
22:09:45.0551 1356 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
22:09:45.0584 1356 seclogon - ok
22:09:45.0594 1356 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
22:09:45.0647 1356 SENS - ok
22:09:45.0662 1356 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:09:45.0735 1356 Serenum - ok
22:09:45.0753 1356 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:09:45.0823 1356 Serial - ok
22:09:45.0853 1356 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:09:45.0885 1356 sermouse - ok
22:09:45.0923 1356 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
22:09:45.0966 1356 SessionEnv - ok
22:09:45.0991 1356 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:09:46.0040 1356 sffdisk - ok
22:09:46.0068 1356 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:09:46.0117 1356 sffp_mmc - ok
22:09:46.0137 1356 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:09:46.0174 1356 sffp_sd - ok
22:09:46.0197 1356 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:09:46.0257 1356 sfloppy - ok
22:09:46.0297 1356 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:09:46.0354 1356 SharedAccess - ok
22:09:46.0408 1356 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:09:46.0445 1356 ShellHWDetection - ok
22:09:46.0467 1356 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:09:46.0500 1356 sisagp - ok
22:09:46.0520 1356 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:09:46.0544 1356 SiSRaid2 - ok
22:09:46.0559 1356 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:09:46.0599 1356 SiSRaid4 - ok
22:09:46.0680 1356 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:09:46.0695 1356 SkypeUpdate - ok
22:09:46.0833 1356 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
22:09:47.0079 1356 slsvc - ok
22:09:47.0126 1356 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:09:47.0162 1356 SLUINotify - ok
22:09:47.0211 1356 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:09:47.0265 1356 Smb - ok
22:09:47.0307 1356 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:09:47.0329 1356 SNMPTRAP - ok
22:09:47.0348 1356 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
22:09:47.0379 1356 spldr - ok
22:09:47.0429 1356 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
22:09:47.0477 1356 Spooler - ok
22:09:47.0537 1356 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:09:47.0619 1356 srv - ok
22:09:47.0680 1356 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:09:47.0751 1356 srv2 - ok
22:09:47.0805 1356 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:09:47.0862 1356 srvnet - ok
22:09:47.0889 1356 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:09:47.0942 1356 SSDPSRV - ok
22:09:48.0004 1356 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
22:09:48.0020 1356 ssmdrv - ok
22:09:48.0043 1356 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:09:48.0101 1356 SstpSvc - ok
22:09:48.0160 1356 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
22:09:48.0236 1356 stisvc - ok
22:09:48.0264 1356 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:09:48.0299 1356 swenum - ok
22:09:48.0357 1356 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
22:09:48.0433 1356 swprv - ok
22:09:48.0447 1356 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:09:48.0484 1356 Symc8xx - ok
22:09:48.0502 1356 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:09:48.0535 1356 Sym_hi - ok
22:09:48.0542 1356 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:09:48.0563 1356 Sym_u3 - ok
22:09:48.0592 1356 [ 00B19F27858F56181EDB58B71A7C67A0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:09:48.0618 1356 SynTP - ok
22:09:48.0672 1356 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
22:09:48.0747 1356 SysMain - ok
22:09:48.0813 1356 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:09:48.0837 1356 TabletInputService - ok
22:09:48.0898 1356 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:09:48.0940 1356 TapiSrv - ok
22:09:48.0965 1356 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
22:09:49.0012 1356 TBS - ok
22:09:49.0067 1356 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:09:49.0174 1356 Tcpip - ok
22:09:49.0197 1356 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:09:49.0274 1356 Tcpip6 - ok
22:09:49.0323 1356 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:09:49.0384 1356 tcpipreg - ok
22:09:49.0433 1356 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:09:49.0479 1356 TDPIPE - ok
22:09:49.0503 1356 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:09:49.0544 1356 TDTCP - ok
22:09:49.0583 1356 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:09:49.0621 1356 tdx - ok
22:09:49.0670 1356 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:09:49.0693 1356 TermDD - ok
22:09:49.0716 1356 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
22:09:49.0801 1356 TermService - ok
22:09:49.0843 1356 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
22:09:49.0863 1356 Themes - ok
22:09:49.0888 1356 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
22:09:49.0917 1356 THREADORDER - ok
22:09:49.0947 1356 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
22:09:49.0993 1356 TrkWks - ok
22:09:50.0065 1356 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:09:50.0100 1356 TrustedInstaller - ok
22:09:50.0137 1356 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:09:50.0183 1356 tssecsrv - ok
22:09:50.0218 1356 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:09:50.0255 1356 tunmp - ok
22:09:50.0316 1356 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:09:50.0336 1356 tunnel - ok
22:09:50.0364 1356 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:09:50.0386 1356 uagp35 - ok
22:09:50.0448 1356 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:09:50.0492 1356 udfs - ok
22:09:50.0530 1356 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:09:50.0581 1356 UI0Detect - ok
22:09:50.0600 1356 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:09:50.0634 1356 uliagpkx - ok
22:09:50.0657 1356 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:09:50.0706 1356 uliahci - ok
22:09:50.0714 1356 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:09:50.0741 1356 UlSata - ok
22:09:50.0760 1356 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:09:50.0787 1356 ulsata2 - ok
22:09:50.0804 1356 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:09:50.0843 1356 umbus - ok
22:09:50.0876 1356 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
22:09:50.0942 1356 upnphost - ok
22:09:51.0019 1356 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:09:51.0074 1356 usbaudio - ok
22:09:51.0122 1356 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:09:51.0187 1356 usbccgp - ok
22:09:51.0205 1356 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:09:51.0286 1356 usbcir - ok
22:09:51.0322 1356 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:09:51.0361 1356 usbehci - ok
22:09:51.0411 1356 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:09:51.0474 1356 usbhub - ok
22:09:51.0501 1356 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
22:09:51.0569 1356 usbohci - ok
22:09:51.0593 1356 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:09:51.0652 1356 usbprint - ok
22:09:51.0684 1356 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:09:51.0724 1356 usbscan - ok
22:09:51.0773 1356 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:09:51.0844 1356 USBSTOR - ok
22:09:51.0869 1356 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:09:51.0907 1356 usbuhci - ok
22:09:51.0949 1356 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:09:52.0001 1356 usbvideo - ok
22:09:52.0062 1356 [ C5B70A6AA947667CE0E5FC84A05EC8B6 ] usnjsvc C:\Program Files\MSN Messenger\usnsvc.exe
22:09:52.0094 1356 usnjsvc - ok
22:09:52.0147 1356 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
22:09:52.0191 1356 UxSms - ok
22:09:52.0254 1356 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
22:09:52.0348 1356 vds - ok
22:09:52.0390 1356 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:09:52.0462 1356 vga - ok
22:09:52.0489 1356 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
22:09:52.0542 1356 VgaSave - ok
22:09:52.0560 1356 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:09:52.0581 1356 viaagp - ok
22:09:52.0605 1356 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:09:52.0639 1356 ViaC7 - ok
22:09:52.0669 1356 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
22:09:52.0689 1356 viaide - ok
22:09:52.0702 1356 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:09:52.0725 1356 volmgr - ok
22:09:52.0787 1356 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:09:52.0827 1356 volmgrx - ok
22:09:52.0881 1356 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:09:52.0911 1356 volsnap - ok
22:09:52.0925 1356 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:09:52.0954 1356 vsmraid - ok
22:09:53.0022 1356 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
22:09:53.0144 1356 VSS - ok
22:09:53.0199 1356 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
22:09:53.0276 1356 W32Time - ok
22:09:53.0337 1356 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:09:53.0424 1356 WacomPen - ok
22:09:53.0463 1356 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:09:53.0513 1356 Wanarp - ok
22:09:53.0523 1356 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:09:53.0549 1356 Wanarpv6 - ok
22:09:53.0571 1356 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:09:53.0626 1356 wcncsvc - ok
22:09:53.0648 1356 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:09:53.0686 1356 WcsPlugInService - ok
22:09:53.0707 1356 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
22:09:53.0730 1356 Wd - ok
22:09:53.0796 1356 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:09:53.0877 1356 Wdf01000 - ok
22:09:53.0918 1356 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:09:53.0966 1356 WdiServiceHost - ok
22:09:53.0972 1356 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:09:54.0008 1356 WdiSystemHost - ok
22:09:54.0066 1356 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
22:09:54.0116 1356 WebClient - ok
22:09:54.0154 1356 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:09:54.0200 1356 Wecsvc - ok
22:09:54.0229 1356 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:09:54.0281 1356 wercplsupport - ok
22:09:54.0327 1356 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
22:09:54.0363 1356 WerSvc - ok
22:09:54.0417 1356 [ 0ACD399F5DB3DF1B58903CF4949AB5A8 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:09:54.0569 1356 winachsf - ok
22:09:54.0645 1356 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:09:54.0681 1356 WinDefend - ok
22:09:54.0691 1356 WinHttpAutoProxySvc - ok
22:09:54.0778 1356 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:09:54.0811 1356 Winmgmt - ok
22:09:54.0887 1356 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
22:09:55.0116 1356 WinRM - ok
22:09:55.0198 1356 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:09:55.0324 1356 Wlansvc - ok
22:09:55.0366 1356 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:09:55.0397 1356 WmiAcpi - ok
22:09:55.0457 1356 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:09:55.0507 1356 wmiApSrv - ok
22:09:55.0591 1356 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:09:55.0691 1356 WMPNetworkSvc - ok
22:09:55.0745 1356 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:09:55.0823 1356 WPCSvc - ok
22:09:55.0877 1356 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:09:55.0935 1356 WPDBusEnum - ok
22:09:56.0104 1356 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:09:56.0207 1356 WPFFontCache_v0400 - ok
22:09:56.0238 1356 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:09:56.0298 1356 ws2ifsl - ok
22:09:56.0342 1356 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
22:09:56.0376 1356 wscsvc - ok
22:09:56.0384 1356 WSearch - ok
22:09:56.0501 1356 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:09:56.0647 1356 wuauserv - ok
22:09:56.0729 1356 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:09:56.0775 1356 WudfPf - ok
22:09:56.0806 1356 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:09:56.0843 1356 WUDFRd - ok
22:09:56.0893 1356 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:09:56.0922 1356 wudfsvc - ok
22:09:56.0937 1356 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
22:09:56.0957 1356 XAudio - ok
22:09:56.0993 1356 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
22:09:57.0019 1356 XAudioService - ok
22:09:57.0058 1356 ================ Scan global ===============================
22:09:57.0077 1356 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:09:57.0130 1356 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
22:09:57.0163 1356 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
22:09:57.0208 1356 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
22:09:57.0213 1356 [Global] - ok
22:09:57.0214 1356 ================ Scan MBR ==================================
22:09:57.0226 1356 [ 85D751F0E41B8E520AEE8C07A8DA777B ] \Device\Harddisk0\DR0
22:09:57.0899 1356 \Device\Harddisk0\DR0 - ok
22:09:57.0900 1356 ================ Scan VBR ==================================
22:09:57.0904 1356 [ FC0A3477B2AF022D9735AC97D050BACD ] \Device\Harddisk0\DR0\Partition1
22:09:57.0906 1356 \Device\Harddisk0\DR0\Partition1 - ok
22:09:57.0911 1356 [ 2C83B441A6A201BD96A9A8EB5F85AA55 ] \Device\Harddisk0\DR0\Partition2
22:09:57.0914 1356 \Device\Harddisk0\DR0\Partition2 - ok
22:09:57.0914 1356 ============================================================
22:09:57.0914 1356 Scan finished
22:09:57.0914 1356 ============================================================
22:09:57.0929 5716 Detected object count: 4
22:09:57.0929 5716 Actual detected object count: 4
22:12:08.0865 5716 ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:12:08.0865 5716 ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:12:08.0866 5716 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:12:08.0866 5716 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:12:08.0869 5716 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:12:08.0870 5716 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:12:08.0873 5716 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
22:12:08.0873 5716 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

Vermute mal, dass es für heute Abend genug ist :)
Schonmal vielen, vielen Dank für die Hilfe! Es wäre super, wenn du mir noch weiterhelfen könntest, was ich mit den threats anstellen soll.
Grüsse,
mamatijo

Hi,
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Hallo!
Super! Hänge ich natürlich gleich ran. Code tags probiere ich natürlich auch, hoffe es klappt - sorry, wusste vorher nicht wirklich Bescheid wie das geht...ehem.
Während combofix lief hat sich der javaupdater gemeldet und auch der dumme avira notifier, obwohl ich avira geschlossen und den schutz deaktiviert hatte - hoffe das ist kein Problem oder muss ich es erneut laufen lassen?
Combofix hat auch einen Neustart durchgeführt. Ist vermutlich nicht wichtig, aber ich schreibe es lieber rein :) Da hat sich dann dummerweise auch wieder java gemeldet.

Code:

ComboFix 13-05-24.01 - beyer 25.05.2013   8:35.1.2 - x86

Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1252.49.1031.18.1978.873 [GMT 2:00]

ausgeführt von:: c:\users\beyer\Downloads\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\pkunzip.pif

c:\windows\pkzip.pif

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

.

(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_usnjsvc

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-04-25 bis 2013-05-25  ))))))))))))))))))))))))))))))

.

.

2013-05-25 06:46 . 2013-05-25 06:46        --------        d-----w-        c:\users\Default\AppData\Local\temp

2013-05-24 19:49 . 2013-05-24 20:12        --------        d-----w-        c:\users\beyer\AppData\Roaming\U3

2013-05-24 19:45 . 2013-05-24 19:56        --------        d-----w-        C:\_OTL

2013-05-16 19:39 . 2013-05-05 19:12        2382848        ----a-w-        c:\windows\system32\mshtml.tlb

2013-05-16 19:20 . 2013-04-04 22:47        149632        ----a-w-        c:\program files\Internet Explorer\sqmapi.dll

2013-05-16 19:20 . 2013-04-04 22:00        768512        ----a-w-        c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll

2013-05-16 19:20 . 2013-04-04 21:57        420864        ----a-w-        c:\windows\system32\vbscript.dll

2013-05-16 19:20 . 2013-04-04 21:59        194048        ----a-w-        c:\program files\Internet Explorer\IEShims.dll

2013-05-16 19:20 . 2013-04-04 21:58        142848        ----a-w-        c:\windows\system32\ieUnatt.exe

2013-05-16 19:20 . 2013-04-04 22:02        1129472        ----a-w-        c:\windows\system32\wininet.dll

2013-05-16 19:20 . 2013-04-04 22:00        194560        ----a-w-        c:\program files\Internet Explorer\ieproxy.dll

2013-05-16 19:19 . 2013-04-04 22:11        1800704        ----a-w-        c:\windows\system32\jscript9.dll

2013-05-16 19:19 . 2013-04-04 22:47        757360        ----a-w-        c:\program files\Internet Explorer\iexplore.exe

2013-05-16 19:19 . 2013-04-04 22:05        678912        ----a-w-        c:\program files\Internet Explorer\iedvtool.dll

2013-05-16 19:19 . 2013-04-04 22:04        387584        ----a-w-        c:\program files\Internet Explorer\jsdbgui.dll

2013-05-16 19:19 . 2013-04-04 22:02        1427968        ----a-w-        c:\windows\system32\inetcpl.cpl

2013-05-15 20:11 . 2013-04-15 14:20        638328        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys

2013-05-15 20:11 . 2013-04-13 10:56        37376        ----a-w-        c:\windows\system32\cdd.dll

2013-05-15 20:11 . 2013-04-09 01:36        2049024        ----a-w-        c:\windows\system32\win32k.sys

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-16 19:46 . 2012-09-29 11:05        71048        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-16 19:46 . 2012-09-29 11:05        692104        ----a-w-        c:\windows\system32\FlashPlayerApp.exe

2013-04-02 14:09 . 2013-04-02 14:09        4550656        ----a-w-        c:\windows\system32\GPhotos.scr

2013-03-30 21:12 . 2013-03-15 18:47        84744        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2013-03-30 21:12 . 2013-03-15 18:47        37352        ----a-w-        c:\windows\system32\drivers\avkmgr.sys

2013-03-30 21:12 . 2013-03-15 18:47        135136        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2013-03-11 13:25 . 2013-04-13 07:24        3603816        ----a-w-        c:\windows\system32\ntkrnlpa.exe

2013-03-11 13:25 . 2013-04-13 07:24        3551080        ----a-w-        c:\windows\system32\ntoskrnl.exe

2013-03-09 03:45 . 2013-04-13 07:24        49152        ----a-w-        c:\windows\system32\csrsrv.dll

2013-03-09 01:28 . 2013-04-13 07:24        64000        ----a-w-        c:\windows\system32\smss.exe

2013-03-08 03:53 . 2013-04-13 07:24        376320        ----a-w-        c:\windows\system32\winsrv.dll

2013-03-08 03:52 . 2013-04-13 07:24        2067968        ----a-w-        c:\windows\system32\mstscax.dll

2013-03-03 19:07 . 2013-04-24 18:33        1082232        ----a-w-        c:\windows\system32\drivers\ntfs.sys

2013-04-15 20:33 . 2013-04-15 20:33        263064        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-02-28 18642024]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]

"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]

"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-12 202032]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]

"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432]

"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]

"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-01-19 1150976]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984]

"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368]

"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]

"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2009-01-09 114688]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-05-12 345312]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

PHOTOfunSTUDIO 5.0.lnk - c:\program files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe [2010-8-23 172544]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]

2009-01-09 14:53        114688        ----a-w-        c:\program files\Brother\ControlCenter3\BrCtrCen.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

2008-04-15 11:42        70912        ----a-w-        c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]

2008-02-26 12:08        2289664        ----a-w-        c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]

2009-04-30 13:39        5472016        ----a-w-        c:\program files\Logitech\Logitech Vid\Vid.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]

2008-06-11 20:17        468264        ----a-w-        c:\program files\HP\QuickPlay\QPService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-11-10 21:08        417792        ----a-w-        c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

2004-11-02 19:24        32768        ----a-w-        c:\program files\CyberLink\PowerDVD\PDVDServ.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

"AntiSpywareOverride"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork        REG_MULTI_SZ           PLA DPS BFE mpssvc

LocalServiceAndNoImpersonation        REG_MULTI_SZ           FontCache

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs

ezSharedSvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-02-26 12:06        451872        ----a-w-        c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhalt des "geplante Tasks" Ordners

.

2013-05-24 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 19:46]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://www.google.de/

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Presario&pf=cnnb

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.178.1 192.168.1.1

FF - ProfilePath - c:\users\beyer\AppData\Roaming\Mozilla\Firefox\Profiles\nyg2vab8.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/

FF - ExtSQL: !HIDDEN! 2009-08-13 20:56; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

SafeBoot-WudfPf

SafeBoot-WudfRd

MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe

MSConfigStartUp-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2013-05-25 08:49

Windows 6.0.6002 Service Pack 2 NTFS

.

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 0

.

**************************************************************************

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\windows\system32\WLANExt.exe

c:\program files\Avira\AntiVir Desktop\sched.exe

c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\windows\SMINST\BLService.exe

c:\program files\CyberLink\Shared Files\RichVideo.exe

c:\windows\system32\DRIVERS\xaudio.exe

c:\program files\Avira\AntiVir Desktop\avshadow.exe

c:\windows\system32\igfxsrvc.exe

c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe

c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe

c:\program files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

c:\program files\Hewlett-Packard\Shared\HpqToaster.exe

c:\program files\Brother\ControlCenter3\brccMCtl.exe

c:\program files\Brother\Brmfcmon\BrMfcmon.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\program files\Synaptics\SynTP\SynTPHelper.exe

c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2013-05-25  08:59:48 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2013-05-25 06:59

.

Vor Suchlauf: 10 Verzeichnis(se), 120.656.949.248 Bytes frei

Nach Suchlauf: 15 Verzeichnis(se), 120.262.836.224 Bytes frei

.

- - End Of File - - C18FEC45670DC501641268C076CFC2C6

So, jetzt müsste alles dabei sein. Danke!!!!!
mamatijo

Cooool :) Code tags haben funktioniert :):)

hi, um Java kümmern wir uns gleich :-)
malwarebytes:
Downloade Dir bitte Malwarebytes

Installiere
das Programm in den vorgegebenen Pfad.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Starte Malwarebytes, klicke auf Aktualisierung --> Suche
nach Aktualisierung
Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
Wenn der Scan beendet
ist, klicke auf Ergebnisse anzeigen.
Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
Poste
das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Hi!
Uff, das ist ja lange gelaufen. Also, malwarebytes sagt, dass nichts gefunden wurde. Hier der log:

Code:

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org
 

Datenbank Version: v2013.05.25.05
 

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

beyer :: BEYER-PC [Administrator]
 

25.05.2013 17:13:53

mbam-log-2013-05-25 (17-13-53).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 391652

Laufzeit: 1 Stunde(n), 48 Minute(n), 38 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Ganz am Ende tauchte plötzlich wieder Avira auf (wurde deaktiviert!, weiss nicht, was ich dmit noch machen soll, ausser es zu entfernen!) und meldete: Zugriff auf die Datei OTL etc. wurde verweigert. Danach fing es automatisch an das System zu überprüfen (ist wohl auf automatisch gestellt, damit meine Schwiegermutter sich nicht drum kümmern braucht). Hoffe es ist jetzt nicht alles versiebt!!!!!!!!!!!!!!!!
Grüsse,
mamatijo

Ok, Avira zeigt jetzt an:
Objekt: 333994DBO163E4730000333961A6E9BD.exe
Fund: TR/Dldr.Agent.495616.6
Aktion: in Quarantäne verschieben
Ich mache nichts, solange ich nicht genau weiss, was.
Bibber!!!! Ich hoffe es war nicht alles umsonst :(

Dateiname müsste dabei stehen, mal posten bitte, denke aber es ist in der otl quarantäne.
Danach:

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Hi, sorry, Dateiname steht leider nicht dabei. Hatte wegen OTL auch die QUarantäne vermutetet und gehofft...
Ich lade jetzt den cleaner, müsste aber vorher noch wissen, ob ich einfach abbrechen kann - möchte ja nichts verkehrt machen.
Danke!

Ok, meine Antwort ist verschwunden, also nochmal:
Dateiname steht da nicht, der wurde, als der avira mit prüfen anfing ausgeblendet. Ich erinnere mich aber an OTL/ und dann eine mega lange Zahl. Ich tippe mal auf die, die ich unter Objekt stehen habe und hoffe, dass es die Quarantäne ist.
Ich lade jetzt den cleaner, müsste aber vorher noch wissen, ob ich den avira abbrechen darf - möchte ja keinen Mist bauen.
Danke!

Ok, meine Antwort ist verschwunden, also nochmal:
Dateiname steht da nicht, der wurde, als der avira mit prüfen anfing ausgeblendet. Ich erinnere mich aber an OTL/ und dann eine mega lange Zahl. Ich tippe mal auf die, die ich unter Objekt stehen habe und hoffe, dass es die Quarantäne ist.
Ich lade jetzt den cleaner, müsste aber vorher noch wissen, ob ich den avira abbrechen darf - möchte ja keinen Mist bauen.
Danke!

P.S.: Sorry, bin irgendwie in ein anderes Forum gerutscht?! Tut mir leid!! Bitte löschen... :(

So, jetzt bin ich durch. Abbrechen oder nicht hat sich erledigt, als mein Schwiegervater, der anscheinend die letzten Tage nix mitbekommen hat, mal eben einen Knopf gedrückt hat und bei mir einen stummen Schrei ausgelöst hat. Ich hoffe es ist nicht zu schlimm? Es war wenigstens abbrechen... :( Da holt man sich mal schnell was zu trinken und geich geht die Welt unter :(
Hier also die Programme: Die Virenscanner habe ich mal als notwendig markiert.

Code:

Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        15.05.2013                11.7.700.202 notwendig

Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        16.05.2013                11.7.700.202 notwendig

Adobe Reader X (10.1.6) - Deutsch        Adobe Systems Incorporated        09.03.2013        121MB        10.1.6 notwendig

Adobe Shockwave Player 11.6        Adobe Systems, Inc.        27.09.2012        27,5MB        11.6.7.637 notwendig

Apple Application Support        Apple Inc.        23.08.2010        32,3MB        1.1.0 unbekannt

Apple Software Update        Apple Inc.        23.08.2010        2,15MB        2.1.1.116 unbekannt

ArcSoft MediaImpression        ArcSoft        13.03.2010        122MB        1.5.42.488 notwendig

Atheros Driver Installation Program        Atheros        14.10.2008        10,9MB        5.0 unbekannt

Avira Free Antivirus        Avira        12.05.2013        79,6MB        13.0.0.3640 unnötig

Brother MFL-Pro Suite DCP-195C        Brother Industries, Ltd.        30.01.2013        6,44MB        1.0.0.0 notwendig

Brother MFL-Pro Suite MFC-250C        Brother Industries, Ltd.        12.08.2010        10,0MB        1.1.8.0 notwendig

CCleaner        Piriform        23.04.2013        4,70MB        4.01 notwendig

Cisco EAP-FAST Module        Cisco Systems, Inc.        14.10.2008        1,04MB        2.1.6 unbekannt

Cisco LEAP Module        Cisco Systems, Inc.        14.10.2008        1,04MB        1.0.12 unbekannt

Cisco PEAP Module        Cisco Systems, Inc.        14.10.2008        868KB        1.0.13 unbekannt

Compatibility Pack für 2007 Office System        Microsoft Corporation        12.01.2013        64,0MB        12.0.6612.1000 notwendig

Conexant HD Audio        Conexant        04.10.2012        1,28MB        4.58.1.0 notwendig

CyberLink DVD Suite        CyberLink Corp.        14.10.2008        48,0MB        5.5.1519 notwendig

CyberLink YouCam        CyberLink Corp.        14.10.2008        76,0MB        2.0.1616 notwendig

Digital Camera Driver                22.02.2009        172KB        notwendig

Essential Grammar in Use German Edition        Cambridge        17.02.2011        248MB        1.00.0000 notwendig

face2face Pre-intermediate        Cambridge        22.02.2011        499MB        1.00.0000 notwendig

HDAUDIO Soft Data Fax Modem with SmartCP                14.10.2008        1,26MB        notwendig

HP Customer Experience Enhancements        Hewlett-Packard        01.08.2008        0,98MB        5.7.0.2630 notwendig

HP DVD Play 3.7        Hewlett-Packard        14.10.2008        178MB         notwendig

HP Easy Setup - Frontend        Hewlett-Packard        01.08.2008        2,18MB        5.7.0.2630 notwendig

HP Help and Support        Hewlett-Packard        01.08.2008        14,2MB        2.0.9.0 notwendig

HP Quick Launch Buttons 6.40 F1        Hewlett-Packard        01.08.2008        16,1MB        6.40 F1 notwendig

HP Total Care Advisor        Hewlett-Packard        01.08.2008        26,7MB        2.1.4047.2685 notwendig

HP Update        Hewlett-Packard        01.08.2008        3,71MB        4.000.010.008 notwendig

HP Wireless Assistant        Hewlett-Packard        01.08.2008        3,85MB        3.00 J1 notwendig

Integrated Webcam Driver (1.00.03.0720)                04.10.2012                 notwendig

Intel(R) Graphics Media Accelerator Driver        Intel Corporation        14.10.2008 notwendig                

Java 7 Update 17        Oracle        18.03.2013        129MB        7.0.170 unbekannt

Java(TM) 6 Update 35        Oracle        04.10.2012        95,7MB        6.0.350 unbekannt

Java(TM) 6 Update 5        Sun Microsystems, Inc.        01.08.2008        171MB        1.6.0.50 unbekannt

Kaufland Fotoservice                16.03.2010        131MB        notwendig

LabelPrint        CyberLink Corp.        14.10.2008        229MB        2.20.2719 notwendig

LightScribe System Software  1.12.33.2        LightScribe        14.10.2008        20,8MB        1.12.33.2 notwendig

Logitech Vid        Logitech Inc.        23.12.2009        38,1MB        1.00.1062 notwendig

Logitech Webcam Software        Logitech Inc.        23.12.2009        43,7MB        12.00.1280 notwendig

Logitech Webcam Software-Treiberpaket        Logitech Inc.        23.12.2009        24,3MB        12.0.1278 notwendig

Malwarebytes Anti-Malware Version 1.75.0.1300        Malwarebytes Corporation        25.05.2013        12,7MB        1.75.0.1300 notwendig

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU        Microsoft Corporation        13.08.2009        36,9MB        notwendig

Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        07.08.2009        36,9MB        notwendig

Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        01.11.2010        120MB        4.0.30319 notwendig

Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        01.11.2010        24,5MB        4.0.30319 notwendig

Microsoft Office File Validation Add-In        Microsoft Corporation        04.10.2012        11,2MB        14.0.5130.5003 notwendig

Microsoft Office Live Add-in 1.5        Microsoft Corporation        04.10.2012        506KB        2.0.4024.1 notwendig

Microsoft Office Professional Edition 2003        Microsoft Corporation        16.05.2013        406MB        11.0.8173.0 notwendig

Microsoft Silverlight        Microsoft Corporation        15.03.2013        44,0KB        5.1.20125.0 notwendig

Microsoft SQL Server Compact 3.5 SP1 English        Microsoft Corporation        23.08.2010        2,59MB        3.5.5692.0 notwendig

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        03.08.2009        251KB        8.0.50727.4053 unbekannt

Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        29.06.2011        294KB        8.0.56336 unbekannt

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        27.12.2009        199KB        9.0.30729.4148 unbekannt

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        24.12.2009        590KB        9.0.30729 unbekannt

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        23.08.2010        589KB        9.0.30729.4148 unbekannt

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        01.07.2011        594KB        9.0.30729.6161 unbekannt

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        14.03.2012        15,0MB        10.0.40219 unbekannt

Microsoft Works        Microsoft Corporation        13.10.2012        378MB        9.7.0621 notwendig

Mozilla Firefox 20.0.1 (x86 de)        Mozilla        16.04.2013        46,3MB        20.0.1 notwendig

Mozilla Maintenance Service        Mozilla        16.04.2013        204KB        20.0.1 notwendig

MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        25.11.2008        1,27MB        4.20.9870.0 unbekannt

MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        30.11.2009        1,33MB        4.20.9876.0 unbekannt

My HP Games        WildTangent        14.10.2008        375MB        1.0.0.43 unbekannt

NetWaiting        BVRP Software, Inc        14.10.2008        5,23MB        2.5.52 unbekannt

Paint.NET v3.5.8        dotPDN LLC        14.09.2011        10,4MB        3.58.0 notwendig

PaperPort Image Printer        Nuance Communications, Inc.        30.01.2013        521KB        1.00.0000 notwendig

PHOTOfunSTUDIO 5.0        Panasonic Corporation        23.08.2010        76,7MB        5.00.012notwendig

Picasa 3        Google, Inc.        26.03.2013        79,4MB        3.9 notwendig

Power2Go        CyberLink Corp.        14.10.2008        163MB        5.6.3919 notwendig

PowerDirector        CyberLink Corp.        01.08.2008        353MB        6.5.2719 notwendig

PowerDVD                22.11.2008        30,5MB        notwendig

QuickPlay SlingPlayer 0.4.6        SlingMedia        14.10.2008        178MB        0.4.6 notwendig

QuickTime        Apple Inc.        23.08.2010        77,3MB        7.65.17.80 notwendig

Realtek 8169 8168 8101E 8102E Ethernet Driver        Realtek        14.10.2008        1,54MB        1.00.0000 notwendig

Realtek USB 2.0 Card Reader        Realtek Semiconductor Corp.        14.10.2008        3,99MB        notwendig 

ScanSoft PaperPort 11        Nuance Communications, Inc.        30.01.2013        147MB        11.2.0000 notwendig

Skype™ 6.3        Skype Technologies S.A.        06.04.2013        21,1MB        6.3.105 notwendig

Synaptics Pointing Device Driver        Synaptics        14.10.2008        14,0MB        11.1.3.0 notwendig

Total Commander (Remove or Repair)        Ghisler Software GmbH        11.06.2012        6,43MB        8.0 unbekannt

Viewpoint Media Player                11.11.2008        7,29MB        notwendig

VLC media player 1.1.11        VideoLAN        28.12.2011        82,3MB        1.1.11 notwendig

Windows Live Messenger        Microsoft Corporation        01.08.2008        29,0MB        8.1.0178.00 notwendig

Danke, dass du dir das alles ansiehst :)
Habe vorhin anscheinend geschusselt, weil nun die zweite Seite aufging...ehem.

deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen
bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:
Java: alle.
downloade Java jre:
Java-Downloads für alle Betriebssysteme
klicke:
Download der Java-Software für Windows Offline
laden, und instalieren
deinstaliere:
Total Commander
Viewpoint : würde ich deinstalieren.
VLC updaten bitte:
VideoLAN - Official page for VLC media player, the Open Source video framework!

Öffne bitte CCleaner, analysieren, starten, Pc neustarten.
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Ich kann einen flash player nicht deinstallieren und auch den neuen nicht installieren - da kommt immer, beenden sie zuerst brccmctl. Mer steht da nicht. Hilfe :(

Vielleicht im abgesicherten Modus versuchen?

Ha! Habs raus, war der dumme brother!

Uff, das war eine Menge, aber here goes :)
Viewpoint habe ich vorerst drauf gelassen, aber versuche mich noch in Überredungskünsten ;)

Code:

# AdwCleaner v2.301 - Datei am 27/05/2013 um 21:17:26 erstellt

# Aktualisiert am 16/05/2013 von Xplode

# Betriebssystem : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)

# Benutzer : beyer - BEYER-PC

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\beyer\Downloads\Desktop\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

Datei Gelöscht : C:\Users\beyer\AppData\Roaming\Mozilla\Firefox\Profiles\nyg2vab8.default\searchplugins\Askcom.xml

Ordner Gelöscht : C:\Program Files\Viewpoint

Ordner Gelöscht : C:\ProgramData\Viewpoint
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}

Schlüssel Gelöscht : HKLM\Software\MetaStream

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP

Schlüssel Gelöscht : HKLM\Software\Viewpoint
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v9.0.8112.16483
 

[OK] Die Registrierungsdatenbank ist sauber.
 

-\\ Mozilla Firefox v20.0.1 (de)
 

Datei : C:\Users\beyer\AppData\Roaming\Mozilla\Firefox\Profiles\nyg2vab8.default\prefs.js
 

C:\Users\beyer\AppData\Roaming\Mozilla\Firefox\Profiles\nyg2vab8.default\user.js ... Gelöscht !
 

Gelöscht : user_pref("browser.search.order.1", "Ask.com");
 

*************************
 

AdwCleaner[S1].txt - [2997 octets] - [27/05/2013 21:17:26]
 

########## EOF - C:\AdwCleaner[S1].txt - [3057 octets] ##########

Vielen, vielen Dank! Hoffe ich habe bald wieder einen sauberen PC vorzuweisen :)

Viewpoint Media Player - Wikipedia, the free encyclopedia
etwas über den player.
Lade Hitmanpro:
Hitman Pro - Download - Filepony

Doppelklick, Scan, nichts löschen.
Auf weiter, Log speichern unter, bzw als XML exportieren, dann posten bzw packen und anhängen

Huhu!
Hier die Datei:

Code:



        Code:


        
HitmanPro 3.7.5.199

www.hitmanpro.com
 

   Computer name . . . . : BEYER-PC

   Windows . . . . . . . : 6.0.2.6002.X86/2

   User name . . . . . . : beyer-PC\beyer

   UAC . . . . . . . . . : Enabled

   License . . . . . . . : Free
 

   Scan date . . . . . . : 2013-05-28 11:51:27

   Scan mode . . . . . . : Normal

   Scan duration . . . . : 5m 2s

   Disk access mode  . . : Direct disk access (SRB)

   Cloud . . . . . . . . : Internet

   Reboot  . . . . . . . : No
 

   Threats . . . . . . . : 0

   Traces  . . . . . . . : 0
 

   Objects scanned . . . : 1.649.183

   Files scanned . . . . : 18.257

   Remnants scanned  . . : 363.976 files / 1.266.950 keys

Darf ich denn schon jubeln? Sieht alles schon so schööööööööön aus :)
Heute ist allerdings das Laptop mega langsam und macht Internetseiten nach eienr gefühlten Ewigkeit auf. Kann das an einer unserer Änderungen liegen? Ist erst aufgetreten, nachdem die Änderungen in Adobe Reader gemacht waren - aber daran dürfte es ja eigentlich nicht hängen...

Ach so, viewpoint ist übrigens nicht mehr bei den Programmen zu finden - hatte das nicht eines der Programme gelöscht? Ich meine mich zu erinnern, dass da was von viewpoint deleted stand... Ist übrigens wirklich besser, wenn es runter ist! Vielen Dank für den Tip :)