Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Keine Ahnung vom Laptop (https://www.trojaner-board.de/113252-keine-ahnung-laptop.html)

Miz 06.04.2012 22:18
Keine Ahnung vom Laptop
 
Vor 3 Tagen hatte ich einen Rundll virus (spaware gen und stolen.data war noch dabei )
Beim start des Laptops verschwand nach einlogen die taskleiste und der desktop ich kontne nichts machen ausser wenn ich durch taskmanager(der auch nicht immer ging) auf abmelden ging und kurz vor abmelden auf abrechen drückte konnte ich auf sachen zugreifen
Antivire fand zu diesem zeitpunkt nichts!

Nach hin und her bin ich auf wiederherstellen(f4 bei meinem Samsung rv520 laptop) gegangen das ging nicht kamm wieder das selbe nach dem einlogen nach mehrer ein und auschalten kamm das der laptop repariert werden muss nach ca. 35 minuten kamm das es nicht repariert werden kann bzw. nicht weiß wie dann bekamm ich einen overflow bluescreen

danach ging es wieder ich konnte mich ohne probleme einlogen (wurden anscheinend einige dateien gelöscht)


nach dem ich antivire gestartet hab wieder nen bluescreen overflow

und beim starten kamm irgendein kontrollverfahren von windows wo er alle festplatte kontrollierte und ich glaub irgendetwas löschte

danach ging alles wieder gut ich hab dann antivire gestartet da wurde eines in quarantäne gesteckt und dann hab ich malwarebyte gestartet dieses stecke dan euch 2-4 sachen in quarantäne die ich löschte

jetzt bin ich mir nicht sicher ob ich diesen virus entfernt hab da ich nach dem start antivire neuinstallieren musste (Weil es anscheinend kaputt war)
maleware hab ich leider auch danach erst installiert und ich von daher nicht weiß ob es nicht vielleicht vom virus manipuliert wurde

aja der laptop hängt sich öfters mal kurz auf

Also meine Fragen:
wie kann ich mir sicher sein das es deinstalliert ist(damit ist der virus gemeint)?
was soll ich machen um es zu kontrolliern?
soll ich den laptop neu aufsetzen? wenn ja wie?
und was würdet ihr mir noch vorschlagen

Freundliche Grüße Miz

cosinus 08.04.2012 17:19
Ohne die Logs von Malwarebytes und Co wird das hier nichts. :glaskugel:
Alles von Malwarebytes (und evtl. anderen Scannern) muss hier gepostet werden.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

Miz 08.04.2012 18:05
ok dann poste ich mal anti vire log

Code:

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Freitag, 06. April 2012  15:14

Es wird nach 3596409 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer  : Avira AntiVir Personal - Free Antivirus
Seriennummer  : 0000149996-ADJIE-0000001
Plattform      : Windows 7 x64
Windowsversion : (plain)  [6.1.7600]
Boot Modus    : Normal gebootet
Benutzername  : SYSTEM
Computername  : MIZ-PC

Versionsinformationen:
BUILD.DAT      : 12.0.0.898    41963 Bytes  31.01.2012 13:51:00
AVSCAN.EXE    : 12.1.0.20    492496 Bytes  15.02.2012 20:01:35
AVSCAN.DLL    : 12.1.0.18      65744 Bytes  15.02.2012 20:01:32
LUKE.DLL      : 12.1.0.19      68304 Bytes  15.02.2012 20:01:36
AVSCPLR.DLL    : 12.1.0.22    100048 Bytes  31.01.2012 06:55:52
AVREG.DLL      : 12.1.0.36    229128 Bytes  05.04.2012 19:29:05
VBASE000.VDF  : 7.10.0.0    19875328 Bytes  06.11.2009 18:18:34
VBASE001.VDF  : 7.11.0.0    13342208 Bytes  14.12.2010 09:07:39
VBASE002.VDF  : 7.11.19.170 14374912 Bytes  20.12.2011 15:56:25
VBASE003.VDF  : 7.11.21.238  4472832 Bytes  01.02.2012 03:20:30
VBASE004.VDF  : 7.11.26.44  4329472 Bytes  28.03.2012 03:20:42
VBASE005.VDF  : 7.11.26.45      2048 Bytes  28.03.2012 03:20:42
VBASE006.VDF  : 7.11.26.46      2048 Bytes  28.03.2012 03:20:42
VBASE007.VDF  : 7.11.26.47      2048 Bytes  28.03.2012 03:20:42
VBASE008.VDF  : 7.11.26.48      2048 Bytes  28.03.2012 03:20:43
VBASE009.VDF  : 7.11.26.49      2048 Bytes  28.03.2012 03:20:43
VBASE010.VDF  : 7.11.26.50      2048 Bytes  28.03.2012 03:20:43
VBASE011.VDF  : 7.11.26.51      2048 Bytes  28.03.2012 03:20:43
VBASE012.VDF  : 7.11.26.52      2048 Bytes  28.03.2012 03:20:43
VBASE013.VDF  : 7.11.26.53      2048 Bytes  28.03.2012 03:20:43
VBASE014.VDF  : 7.11.26.107  221696 Bytes  30.03.2012 03:20:43
VBASE015.VDF  : 7.11.26.179  224768 Bytes  02.04.2012 03:20:44
VBASE016.VDF  : 7.11.26.241  142336 Bytes  04.04.2012 03:20:44
VBASE017.VDF  : 7.11.26.242    2048 Bytes  04.04.2012 03:20:44
VBASE018.VDF  : 7.11.26.243    2048 Bytes  04.04.2012 03:20:44
VBASE019.VDF  : 7.11.26.244    2048 Bytes  04.04.2012 03:20:44
VBASE020.VDF  : 7.11.26.245    2048 Bytes  04.04.2012 03:20:45
VBASE021.VDF  : 7.11.26.246    2048 Bytes  04.04.2012 03:20:45
VBASE022.VDF  : 7.11.26.247    2048 Bytes  04.04.2012 03:20:45
VBASE023.VDF  : 7.11.26.248    2048 Bytes  04.04.2012 03:20:45
VBASE024.VDF  : 7.11.26.249    2048 Bytes  04.04.2012 03:20:45
VBASE025.VDF  : 7.11.26.250    2048 Bytes  04.04.2012 03:20:45
VBASE026.VDF  : 7.11.26.251    2048 Bytes  04.04.2012 03:20:45
VBASE027.VDF  : 7.11.26.252    2048 Bytes  04.04.2012 03:20:45
VBASE028.VDF  : 7.11.26.253    2048 Bytes  04.04.2012 03:20:45
VBASE029.VDF  : 7.11.26.254    2048 Bytes  04.04.2012 03:20:45
VBASE030.VDF  : 7.11.26.255    2048 Bytes  04.04.2012 03:20:45
VBASE031.VDF  : 7.11.27.28    181248 Bytes  05.04.2012 19:29:04
Engineversion  : 8.2.10.38
AEVDF.DLL      : 8.1.2.2      106868 Bytes  25.10.2011 13:46:57
AESCRIPT.DLL  : 8.1.4.16      446842 Bytes  05.04.2012 03:20:55
AESCN.DLL      : 8.1.8.2      131444 Bytes  05.04.2012 03:20:54
AESBX.DLL      : 8.2.5.5      606579 Bytes  05.04.2012 03:20:55
AERDL.DLL      : 8.1.9.15      639348 Bytes  08.09.2011 21:16:06
AEPACK.DLL    : 8.2.16.9      807287 Bytes  05.04.2012 03:20:54
AEOFFICE.DLL  : 8.1.2.27      201082 Bytes  05.04.2012 03:20:53
AEHEUR.DLL    : 8.1.4.12    4604278 Bytes  05.04.2012 03:20:52
AEHELP.DLL    : 8.1.19.1      254327 Bytes  05.04.2012 03:20:47
AEGEN.DLL      : 8.1.5.23      409973 Bytes  05.04.2012 03:20:46
AEEXP.DLL      : 8.1.0.28      82292 Bytes  05.04.2012 03:20:56
AEEMU.DLL      : 8.1.3.0      393589 Bytes  01.09.2011 21:46:01
AECORE.DLL    : 8.1.25.6      201078 Bytes  05.04.2012 03:20:46
AEBB.DLL      : 8.1.1.0        53618 Bytes  01.09.2011 21:46:01
AVWINLL.DLL    : 12.1.0.17      27344 Bytes  11.10.2011 12:59:41
AVPREF.DLL    : 12.1.0.17      51920 Bytes  11.10.2011 12:59:38
AVREP.DLL      : 12.1.0.17    179408 Bytes  11.10.2011 12:59:38
AVARKT.DLL    : 12.1.0.23    209360 Bytes  15.02.2012 20:01:32
AVEVTLOG.DLL  : 12.1.0.17    169168 Bytes  11.10.2011 12:59:37
SQLITE3.DLL    : 3.7.0.0      398288 Bytes  11.10.2011 12:59:51
AVSMTP.DLL    : 12.1.0.17      62928 Bytes  11.10.2011 12:59:39
NETNT.DLL      : 12.1.0.17      17104 Bytes  11.10.2011 12:59:47
RCIMAGE.DLL    : 12.1.0.17    4447952 Bytes  11.10.2011 13:00:00
RCTEXT.DLL    : 12.1.0.16      98512 Bytes  11.10.2011 13:00:00

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, Q:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Freitag, 06. April 2012  15:14

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'D:\'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'Q:\'
    [INFO]      Es wurde kein Virus gefunden!
    [INFO]      Bitte starten Sie den Suchlauf erneut mit Administratorrechten

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'plugin-container.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'SUPBackground.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'SSCKbdHk.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'MovieColorEnhancer.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'daemonu.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'EasySpeedUpManager.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'Media+Player10Serv.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLMLSvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'WCScheduler.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'CVHSVC.EXE' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'WifiManager.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'dmhkcore.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'YCMMirage.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'KiesPDLR.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'netsession_win.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'netsession_win.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMB.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftlist.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftvsa.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SeaPort.EXE' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'RichVideo.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '42' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '691' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\Users\Miz\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\5852c9e0-7f4b70dc
  [0] Archivtyp: ZIP
  --> ba/bb.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/JAVA.Loader.Gen
  --> ba/T.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2012-0507
Beginne mit der Suche in 'D:\'
Beginne mit der Suche in 'Q:\'
Der zu durchsuchende Pfad Q:\ konnte nicht geöffnet werden!
Systemfehler [5]: Zugriff verweigert

Beginne mit der Desinfektion:
C:\Users\Miz\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\5852c9e0-7f4b70dc
  [FUND]      Enthält Erkennungsmuster des Exploits EXP/CVE-2012-0507
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '48b4a6e8.qua' verschoben!


Ende des Suchlaufs: Freitag, 06. April 2012  17:03
Benötigte Zeit:  1:48:46 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  39874 Verzeichnisse wurden überprüft
 1732472 Dateien wurden geprüft
      2 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 1732470 Dateien ohne Befall
  8860 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise
 731763 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden

hab den malware log gefunden

Code:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.06.05

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Miz :: MIZ-PC [Administrator]

06.04.2012 17:10:34
mbam-log-2012-04-06 (17-10-34).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 417769
Laufzeit: 1 Stunde(n), 38 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Miz\Downloads\SoftonicDownloader_fuer_battlefield-2.exe (PUP.BundleOffer.Downloader.S) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Miz\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe (PUP.BundleOffer.Downloader.S) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
ich hoffe du meinst das damit

danke im voraus

cosinus 08.04.2012 18:23
Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

Zitat:
C:\Users\Miz\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe
Finger weg von Softonic!!

Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller und nicht von solchen Toolbarklitschen wie Softonic! Im Notfall würde natürlich chip.de gehen

Miz 08.04.2012 21:26
puhh...

also ich hab nur solche logs...

von malwarebyte

Code:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8218

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

22.11.2011 19:15:40
mbam-log-2011-11-22 (19-15-40).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|H:\|)
Durchsuchte Objekte: 348588
Laufzeit: 50 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
c:\systemdrivers\winlogon.exe (Worm.BlackShades) -> 3308 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\DC3_FEXEC (Malware.Trace) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SystemDrivers (Worm.BlackShades) -> Value: SystemDrivers -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\systemdrivers\winlogon.exe (Worm.BlackShades) -> Quarantined and deleted successfully.
c:\program files (x86)\Ebner\steig ein! 9.8\media\imotorrad.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\program files (x86)\Ebner\steig ein! 9.8\media\iprotokoll.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Miz\AppData\Local\Temp\dclogs\2011-11-21-2.dc (Stolen.Data) -> Quarantined and deleted successfully.
c:\Users\Miz\AppData\Local\Temp\dclogs\2011-11-22-3.dc (Stolen.Data) -> Quarantined and deleted successfully.
Code:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.04.10

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Miz :: MIZ-PC [Administrator]

05.04.2012 03:13:38
mbam-log-2012-04-05 (03-13-38).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 38626
Laufzeit: 5 Minute(n), 51 Sekunde(n) [Abgebrochen]

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.04.10

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Miz :: MIZ-PC [limitiert]

Schutz: Aktiviert

05.04.2012 04:25:10
mbam-log-2012-04-05 (04-25-10).txt

Art des Suchlaufs: Benutzerdefinierter Suchlauf
Aktivierte Suchlaufeinstellungen: Dateisystem | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Heuristiks/Extra | P2P
Durchsuchte Objekte: 216
Laufzeit: 1 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

und halt die aktuellste die ich schon gepostet hab

dazu sollte vielleicht erwähnt werden das ih eine freeware version von malwarebyte habe..


Freundliche Grüße

PS: und werde nichts mehr von softonic laden

hab eigentlich eh über chip.de geladen aber es hat mich zu softonic weitergeleitet

cosinus 08.04.2012 21:52
Führ bitte auch ESET aus, danach sehen wir weiter:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Miz 09.04.2012 03:33
ok hier ziemlich spät aber dennoch

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=96e600cb5f19ca46bb83883505c95a0a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-09 02:23:05
# local_time=2012-04-09 04:23:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 14881144 14881144 0 0
# compatibility_mode=3588 16777214 85 80 11051 57504242 0 0
# compatibility_mode=5893 16776574 100 94 122819 85556797 0 0
# compatibility_mode=8192 67108863 100 0 170 170 0 0
# scanned=232877
# found=0
# cleaned=0
# scan_time=11238

cosinus 09.04.2012 16:14
Auch da keine Funde

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

Miz 09.04.2012 20:18
also der normale modus geht aber ab und an gibt es ganz kurz leichte ruckler

und ich vermisse kein programm aber es kommt immer so ein samsung menü das programme fehlen die aber da sind ich instaliere diese auch und dann kommt aber die programme sind schon installier kann ein fehler sein


sollte ich den laptop neu aufsetzen?

cosinus 09.04.2012 21:45
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Miz 10.04.2012 02:01
ok. hier is der log


Code:
OTL logfile created on: 4/10/2012 2:09:35 AM - Run 1
OTL by OldTimer - Version 3.2.39.2    Folder = C:\Users\Miz\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.98 Gb Total Physical Memory | 2.63 Gb Available Physical Memory | 65.99% Memory free
7.96 Gb Paging File | 5.80 Gb Available in Paging File | 72.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 177.00 Gb Total Space | 42.47 Gb Free Space | 24.00% Space Free | Partition Type: NTFS
Drive D: | 265.31 Gb Total Space | 156.84 Gb Free Space | 59.12% Space Free | Partition Type: NTFS
 
Computer Name: MIZ-PC | User Name: Miz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/04/10 02:05:30 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Miz\Downloads\OTL.exe
PRC - [2012/03/13 06:37:52 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Miz\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/03/01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/02/15 20:27:05 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/04 08:07:40 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/12/20 15:52:04 | 002,783,312 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
PRC - [2011/10/11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/11 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/04/17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
PRC - [2011/02/25 03:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/14 12:15:38 | 004,394,576 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
PRC - [2011/02/07 11:55:24 | 001,757,264 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2011/01/04 15:06:42 | 007,060,560 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
PRC - [2010/12/23 08:07:58 | 000,945,232 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010/12/21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/12/21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/11/29 07:42:38 | 000,775,848 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
PRC - [2010/11/10 01:03:52 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2010/09/20 05:24:42 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
PRC - [2010/02/10 16:29:52 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009/11/02 07:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/03/09 08:17:39 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\888be382c48887c830026806a9587e31\System.Management.ni.dll
MOD - [2012/03/09 08:16:17 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\1378a1c9290882206f4d5a6561bfc5d7\System.Runtime.Remoting.ni.dll
MOD - [2012/03/09 08:16:09 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a07e3882af9ea368a54742fc19c86662\System.Xaml.ni.dll
MOD - [2012/03/08 07:40:52 | 018,019,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\54713c242f2029a417259a10b673873f\PresentationFramework.ni.dll
MOD - [2012/03/08 07:40:40 | 013,138,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f7283ec1c4b47c6b21777626a76d6611\System.Windows.Forms.ni.dll
MOD - [2012/03/08 07:40:38 | 011,469,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b761a3b6e5c751993ff65aafd7fe42b8\PresentationCore.ni.dll
MOD - [2012/03/08 07:40:30 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\22d54437cf1de9478f5c2c23f07eb9d6\System.Core.ni.dll
MOD - [2012/03/08 07:40:28 | 001,653,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b798dff0ec58f4c76d96bb656d8d04bd\System.Drawing.ni.dll
MOD - [2012/03/08 07:40:26 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\eaeaf5f980c23f6075820513748695d9\PresentationFramework.Aero.ni.dll
MOD - [2012/03/08 07:40:25 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\1084708d3872b8e64f7ec88145298b2d\System.Xml.ni.dll
MOD - [2012/03/08 07:40:23 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\3ed9c2f173958ae6663134d302cc4f62\WindowsBase.ni.dll
MOD - [2012/03/08 07:40:18 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff7c4aa829c327b186ef85cff3289bdf\System.ni.dll
MOD - [2012/03/08 07:40:12 | 014,415,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\90842cf922c71c82718ba71d5801c30c\mscorlib.ni.dll
MOD - [2012/01/09 14:52:12 | 000,115,137 | ---- | M] () -- C:\Users\Miz\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll
MOD - [2012/01/04 08:07:40 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2010/07/05 12:42:58 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
MOD - [2010/05/07 16:22:18 | 001,636,864 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
MOD - [2009/11/02 07:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 07:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2006/08/12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/02/08 01:41:16 | 000,956,192 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/09/22 11:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/09 21:04:12 | 000,166,704 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc.exe -- (Samsung UPD Service)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012/04/01 11:59:40 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/28 17:31:29 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2012/03/01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/15 20:27:05 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/04/17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe -- (NIS)
SRV - [2011/03/01 14:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 03:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/12/21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/04/08 20:47:45 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/02/15 22:01:36 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/01/17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/11/21 15:50:33 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/10/27 03:25:52 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2011/10/27 03:25:52 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2011/10/27 03:25:52 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2011/10/27 03:25:42 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/10/27 03:25:42 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/10/27 03:25:42 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/10/11 15:00:01 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/10/11 15:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/08/01 15:59:06 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/07/08 17:45:12 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/03/31 05:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/31 05:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/15 04:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 21:13:12 | 000,349,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011/02/08 21:13:10 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/02/08 21:13:10 | 000,107,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/02/08 21:13:10 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/02/08 21:13:10 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/01/27 08:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symds64.sys -- (SymDS)
DRV:64bit: - [2011/01/27 07:35:26 | 000,425,064 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/01/27 07:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/11/13 00:23:38 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/11/10 01:04:14 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/10/20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/10/07 04:59:00 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2010/09/13 11:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/07/29 02:23:08 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2012/04/08 16:37:01 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120409.001\EX64.SYS -- (NAVEX15)
DRV - [2012/04/08 16:37:01 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/04/08 16:37:01 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/04/08 16:37:01 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120409.001\ENG64.SYS -- (NAVENG)
DRV - [2012/04/06 12:43:04 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120406.002\IDSviA64.sys -- (IDSVia64)
DRV - [2012/03/17 02:15:00 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120317.002\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/08/06 10:51:38 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
IE - HKLM\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
 
IE - HKU\S-1-5-21-336442205-827502387-1674173946-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
IE - HKU\S-1-5-21-336442205-827502387-1674173946-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
IE - HKU\S-1-5-21-336442205-827502387-1674173946-1000\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-336442205-827502387-1674173946-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-336442205-827502387-1674173946-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855
IE - HKU\S-1-5-21-336442205-827502387-1674173946-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-336442205-827502387-1674173946-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;*.local;<local>
 
 
========== FireFox ==========
 
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849855&SearchSource=2&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2012/04/09 16:18:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn\ [2012/04/08 20:47:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/18 03:00:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/24 12:23:22 | 000,000,000 | ---D | M]
 
[2011/10/19 19:18:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miz\AppData\Roaming\mozilla\Extensions
[2012/03/08 17:38:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions
[2012/03/08 17:38:33 | 000,000,000 | ---D | M] (BittorrentBar_DE Community Toolbar) -- C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}
[2012/02/28 05:30:20 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012/02/28 05:30:23 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/03/24 12:23:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/03/24 12:23:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\MIZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3WH2JLWS.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\MIZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3WH2JLWS.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
[2012/03/18 03:00:10 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/24 12:23:12 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/12 18:54:39 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/02/12 18:54:39 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/12 18:54:39 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/02/12 18:54:39 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/02/12 18:54:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/02/12 18:54:39 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll (Conduit Ltd.)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Samsung BHO Class) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-336442205-827502387-1674173946-1000\..\Toolbar\WebBrowser: (BittorrentBar_DE Toolbar) - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-336442205-827502387-1674173946-1000..\Run: [Akamai NetSession Interface] C:\Users\Miz\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-336442205-827502387-1674173946-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-336442205-827502387-1674173946-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-336442205-827502387-1674173946-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-336442205-827502387-1674173946-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Miz\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Miz\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Miz\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Miz\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E420E3BF-C2A1-4233-BA32-746E24431A49}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\SystemDrivers\winlogon.exe) -  File not found
O20:64bit: - HKLM Winlogon: UserInit - (C:\SystemDrivers\winlogon.exe) -  File not found
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{630d3626-1443-11e1-8de1-b4749ffcf59b}\Shell - "" = AutoRun
O33 - MountPoints2\{630d3626-1443-11e1-8de1-b4749ffcf59b}\Shell\AutoRun\command - "" = H:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe - (Broadcom Corporation.)
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: KiesHelper - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
MsConfig:64bit - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= -  File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 9.0
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 9.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/04/09 16:40:29 | 000,912,504 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symefa64.sys
[2012/04/09 16:40:29 | 000,386,168 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symnets.sys
[2012/04/09 16:40:28 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\srtsp64.sys
[2012/04/09 16:40:28 | 000,450,680 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symds64.sys
[2012/04/09 16:40:28 | 000,171,128 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\ironx64.sys
[2012/04/09 16:40:28 | 000,040,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\srtspx64.sys
[2012/04/09 16:40:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1207000.00D
[2012/04/09 01:12:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/04/08 20:47:41 | 000,386,168 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys
[2012/04/08 20:47:40 | 000,912,504 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys
[2012/04/08 20:47:40 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys
[2012/04/08 20:47:40 | 000,450,680 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys
[2012/04/08 20:47:40 | 000,171,128 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys
[2012/04/08 20:47:40 | 000,040,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys
[2012/04/08 20:47:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D
[2012/04/08 20:42:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/04/07 15:03:42 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/04/07 15:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/04/07 15:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/04/07 15:02:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2012/04/07 15:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2012/04/07 15:02:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2012/04/07 15:02:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/04/07 15:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2012/04/07 14:58:05 | 005,047,080 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\ETDUI.cpl
[2012/04/06 22:38:01 | 000,252,712 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\ETDUninst.dll
[2012/04/05 05:33:15 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/04/05 05:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/04/05 05:32:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/04/05 05:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/04/05 03:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/05 03:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/03/24 12:37:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/03/24 12:36:06 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/03/24 12:36:06 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/03/24 12:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/03/24 12:23:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/24 12:23:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/03/14 20:45:14 | 000,000,000 | ---D | C] -- C:\Users\Miz\Documents\My Games
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/04/10 01:59:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/10 01:30:44 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/04/10 01:30:44 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/04/10 01:30:18 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/04/09 16:25:56 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/09 16:25:56 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/09 16:23:01 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/09 16:23:01 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/04/09 16:23:01 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/09 16:23:01 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/04/09 16:23:01 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/09 16:18:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/09 16:17:53 | 4273,520,640 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/09 16:17:50 | 001,814,186 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\Cat.DB
[2012/04/08 20:47:45 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/04/08 20:47:45 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/04/08 20:47:45 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/04/07 15:07:52 | 000,003,804 | ---- | M] () -- C:\Windows\HotFixList.ini
[2012/04/07 15:05:51 | 000,345,600 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Windows\SetLCDStretchMode.exe
[2012/04/07 15:05:00 | 000,407,040 | ---- | M] (Samsung Electronics) -- C:\Windows\HotfixChecker.exe
[2012/04/07 14:58:06 | 005,047,080 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\ETDUI.cpl
[2012/04/06 17:09:23 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/05 05:32:50 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/04/05 05:19:41 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/03/27 07:07:11 | 000,006,073 | ---- | M] () -- C:\Users\Miz\Desktop\Mirza Hausic.odt
[2012/03/26 18:44:25 | 000,044,648 | ---- | M] () -- C:\Users\Miz\Desktop\427850_370841519626129_100001008514158_976319_1290925932_n.jpg
[2012/03/25 17:26:25 | 000,057,423 | ---- | M] () -- C:\Users\Miz\Desktop\542975_328414060551902_100001499326767_930872_723551137_n.jpg
[2012/03/14 13:05:11 | 000,426,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/14 12:55:51 | 000,000,494 | ---- | M] () -- C:\Users\Miz\Desktop\Lokaler Datenträger (D) - Verknüpfung.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/04/09 16:40:29 | 000,007,460 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symefa64.cat
[2012/04/09 16:40:29 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symnet64.cat
[2012/04/09 16:40:29 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symefa.inf
[2012/04/09 16:40:29 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symnet.inf
[2012/04/09 16:40:28 | 000,007,492 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\iron.cat
[2012/04/09 16:40:28 | 000,007,462 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\srtspx64.cat
[2012/04/09 16:40:28 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\srtsp64.cat
[2012/04/09 16:40:28 | 000,002,792 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symds.inf
[2012/04/09 16:40:28 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\srtsp64.inf
[2012/04/09 16:40:28 | 000,001,422 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\srtspx64.inf
[2012/04/09 16:40:28 | 000,000,772 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\iron.inf
[2012/04/09 16:40:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\symds64.cat
[2012/04/09 16:40:10 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1207000.00D\isolate.ini
[2012/04/09 16:17:04 | 001,814,186 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\Cat.DB
[2012/04/08 20:47:41 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnet64.cat
[2012/04/08 20:47:41 | 000,001,446 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnet.inf
[2012/04/08 20:47:40 | 000,007,492 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\iron.cat
[2012/04/08 20:47:40 | 000,007,462 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.cat
[2012/04/08 20:47:40 | 000,007,460 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.cat
[2012/04/08 20:47:40 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.cat
[2012/04/08 20:47:40 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa.inf
[2012/04/08 20:47:40 | 000,002,792 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds.inf
[2012/04/08 20:47:40 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.inf
[2012/04/08 20:47:40 | 000,001,422 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.inf
[2012/04/08 20:47:40 | 000,000,772 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\iron.inf
[2012/04/08 20:47:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.cat
[2012/04/08 20:47:19 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\isolate.ini
[2012/04/07 15:03:42 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/04/07 15:03:42 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/04/06 17:09:23 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/05 05:32:50 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/04/01 11:39:07 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/03/26 18:44:13 | 000,044,648 | ---- | C] () -- C:\Users\Miz\Desktop\427850_370841519626129_100001008514158_976319_1290925932_n.jpg
[2012/03/25 17:26:20 | 000,057,423 | ---- | C] () -- C:\Users\Miz\Desktop\542975_328414060551902_100001499326767_930872_723551137_n.jpg
[2012/03/24 12:36:03 | 000,011,770 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/03/14 12:55:51 | 000,000,494 | ---- | C] () -- C:\Users\Miz\Desktop\Lokaler Datenträger (D) - Verknüpfung.lnk
[2012/03/06 14:36:44 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/19 20:15:32 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/19 20:15:31 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/10/31 12:22:42 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/10/31 12:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/10/31 12:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/10/31 12:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/10/31 12:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/10/19 19:19:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/03/18 07:36:45 | 000,258,864 | ---- | C] () -- C:\Windows\SUPDRun.exe
[2011/03/18 02:56:15 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2011/03/18 01:22:43 | 000,003,804 | ---- | C] () -- C:\Windows\HotFixList.ini
[2011/03/18 01:10:01 | 000,142,128 | ---- | C] () -- C:\Windows\wiainst64.exe
 
========== LOP Check ==========
 
[2012/04/05 05:35:31 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\BitTorrent
[2012/04/05 05:35:33 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\DAEMON Tools Lite
[2011/12/18 14:04:58 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Dev-Cpp
[2012/02/27 02:20:03 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\DVDVideoSoft
[2012/01/30 20:57:34 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/10/19 20:29:41 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Ebner
[2011/10/20 20:03:27 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\LolClient
[2012/01/19 19:16:25 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Origin
[2011/11/15 07:50:21 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Samsung
[2012/03/27 07:07:34 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\SoftGrid Client
[2011/11/17 07:19:44 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Temp
[2011/11/12 11:19:51 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Thinstall
[2012/03/06 14:45:53 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\TP
[2012/04/05 05:35:31 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\TS3Client
[2011/11/22 18:49:19 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\TuneUp Software
[2012/02/10 06:58:26 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011/11/03 22:58:04 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Adobe
[2012/01/30 21:00:10 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Apple Computer
[2011/10/19 19:37:01 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Avira
[2012/04/05 05:35:31 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\BitTorrent
[2011/11/08 15:44:48 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\CyberLink
[2012/04/05 05:35:33 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\DAEMON Tools Lite
[2011/12/18 14:04:58 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Dev-Cpp
[2012/02/27 02:20:03 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\DVDVideoSoft
[2012/01/30 20:57:34 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/10/19 20:29:41 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Ebner
[2011/10/20 01:04:46 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Identities
[2011/10/20 20:03:27 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\LolClient
[2011/10/19 19:14:49 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Macromedia
[2011/11/22 18:46:03 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Malwarebytes
[2011/03/18 07:57:00 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Media Center Programs
[2012/01/30 21:01:32 | 000,000,000 | --SD | M] -- C:\Users\Miz\AppData\Roaming\Microsoft
[2011/10/19 19:18:02 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Mozilla
[2012/01/19 19:16:25 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Origin
[2011/11/15 07:50:21 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Samsung
[2012/04/10 02:08:36 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Skype
[2011/12/05 22:29:57 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\skypePM
[2012/03/27 07:07:34 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\SoftGrid Client
[2011/11/17 07:19:44 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Temp
[2011/11/12 11:19:51 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Thinstall
[2012/03/06 14:45:53 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\TP
[2012/04/05 05:35:31 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\TS3Client
[2011/11/22 18:49:19 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\TuneUp Software
[2011/10/19 20:12:38 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2012/01/09 14:46:28 | 003,154,792 | ---- | M] (Microsoft Corporation) -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\NDP40-KB2461678-x64.exe
[2011/11/02 17:51:52 | 000,928,656 | ---- | M] (Samsung) -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Kies.exe
[2011/11/02 17:51:56 | 000,278,928 | ---- | M] () -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesDriverInstaller.exe
[2011/10/31 12:24:38 | 000,292,864 | ---- | M] (Samsung) -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesLogger.exe
[2011/11/02 17:51:54 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesTrayAgent.exe
[2011/10/31 12:23:28 | 000,283,648 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceDataService.exe
[2011/10/31 12:23:28 | 000,690,688 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe
[2011/10/31 12:23:28 | 000,110,080 | ---- | M] () -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\ErrorReport.exe
[2011/11/02 17:51:58 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe
[2011/10/31 12:23:12 | 000,106,408 | ---- | M] () -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentInstaller.exe
[2011/10/31 12:23:12 | 000,101,288 | ---- | M] () -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentUpdate.exe
[2011/11/02 17:52:04 | 000,131,984 | ---- | M] () -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2011/11/02 17:52:06 | 000,021,392 | ---- | M] () -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe
[2011/11/02 17:52:08 | 003,571,576 | ---- | M] (Freeware) -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe
[2011/10/31 12:22:30 | 024,114,392 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2011/11/02 17:52:10 | 000,391,568 | ---- | M] (ml) -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012/01/04 08:07:42 | 000,371,088 | ---- | M] (ml) -- C:\Users\Miz\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2008/06/06 07:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: IASTOR.SYS  >
[2010/09/13 11:24:26 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\drivers\iaStor.sys
[2010/09/13 11:24:26 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_2b0c50dc63f09dae\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010/05/12 10:37:57 | 000,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
[2010/05/12 10:50:37 | 000,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2010/05/12 10:38:10 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2010/05/12 10:50:49 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009/07/14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009/07/14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009/07/14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009/07/14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009/07/14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009/07/14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< End of report >

cosinus 10.04.2012 11:59
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
:OTL
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855
IE - HKU\S-1-5-21-336442205-827502387-1674173946-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855
IE - HKU\S-1-5-21-336442205-827502387-1674173946-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-336442205-827502387-1674173946-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;*.local;<local>
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2849855&SearchSource=2&q="
[2012/03/08 17:38:33 | 000,000,000 | ---D | M] (BittorrentBar_DE Community Toolbar) -- C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}
[2012/02/28 05:30:20 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-336442205-827502387-1674173946-1000\..\Toolbar\WebBrowser: (BittorrentBar_DE Toolbar) - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll (Conduit Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-336442205-827502387-1674173946-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O20:64bit: - HKLM Winlogon: UserInit - (C:\SystemDrivers\winlogon.exe) -  File not found
O20:64bit: - HKLM Winlogon: UserInit - (C:\SystemDrivers\winlogon.exe) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{630d3626-1443-11e1-8de1-b4749ffcf59b}\Shell - "" = AutoRun
O33 - MountPoints2\{630d3626-1443-11e1-8de1-b4749ffcf59b}\Shell\AutoRun\command - "" = H:\SETUP.EXE
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Miz 10.04.2012 14:44
Code:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-336442205-827502387-1674173946-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKU\S-1-5-21-336442205-827502387-1674173946-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-336442205-827502387-1674173946-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849855&SearchSource=2&q=" removed from keyword.URL
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\searchplugin folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\modules folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\META-INF folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\defaults folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\components folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\chrome folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
C:\Users\Miz\AppData\Roaming\mozilla\Firefox\Profiles\3wh2jlws.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\ deleted successfully.
C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\ not found.
File C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-336442205-827502387-1674173946-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64EAD72B-FFD4-4E01-AA3A-4C71665D73E4}\ not found.
File C:\Program Files (x86)\BittorrentBar_DE\prxtbBitt.dll not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-336442205-827502387-1674173946-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\SystemDrivers\winlogon.exe deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\SystemDrivers\winlogon.exe deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{630d3626-1443-11e1-8de1-b4749ffcf59b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{630d3626-1443-11e1-8de1-b4749ffcf59b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{630d3626-1443-11e1-8de1-b4749ffcf59b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{630d3626-1443-11e1-8de1-b4749ffcf59b}\ not found.
File H:\SETUP.EXE not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Miz
->Temp folder emptied: 33631413 bytes
->Temporary Internet Files folder emptied: 14773803 bytes
->Java cache emptied: 391621 bytes
->FireFox cache emptied: 868752409 bytes
->Flash cache emptied: 9913 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1562227 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50501 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 877.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Miz
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
 
Total Flash Files Cleaned = 0.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.39.2 log created on 04102012_153532

Files\Folders moved on Reboot...
C:\Users\Miz\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

cosinus 10.04.2012 15:21
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten, Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Miz 11.04.2012 16:45
Code:
17:40:20.0831 5220        TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
17:40:21.0294 5220        ============================================================
17:40:21.0294 5220        Current date / time: 2012/04/11 17:40:21.0294
17:40:21.0294 5220        SystemInfo:
17:40:21.0294 5220       
17:40:21.0294 5220        OS Version: 6.1.7600 ServicePack: 0.0
17:40:21.0294 5220        Product type: Workstation
17:40:21.0294 5220        ComputerName: MIZ-PC
17:40:21.0294 5220        UserName: Miz
17:40:21.0294 5220        Windows directory: C:\Windows
17:40:21.0294 5220        System windows directory: C:\Windows
17:40:21.0294 5220        Running under WOW64
17:40:21.0294 5220        Processor architecture: Intel x64
17:40:21.0294 5220        Number of processors: 4
17:40:21.0294 5220        Page size: 0x1000
17:40:21.0294 5220        Boot type: Normal boot
17:40:21.0294 5220        ============================================================
17:40:21.0762 5220        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:40:21.0775 5220        \Device\Harddisk0\DR0:
17:40:21.0775 5220        MBR used
17:40:21.0775 5220        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:40:21.0775 5220        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x16200000
17:40:21.0799 5220        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x16233000, BlocksNum 0x212A0800
17:40:21.0890 5220        Initialize success
17:40:21.0890 5220        ============================================================
17:40:54.0964 1836        =========================================================
17:42:11.0496 6816        Scan started
17:42:11.0496 6816        Mode: Manual; SigCheck; TDLFS;
17:42:11.0496 6816        ============================================================
17:42:11.0642 6816        1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
17:42:11.0794 6816        1394ohci - ok
17:42:11.0820 6816        ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
17:42:11.0836 6816        ACPI - ok
17:42:11.0861 6816        AcpiPmi        (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
17:42:11.0928 6816        AcpiPmi - ok
17:42:12.0056 6816        AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:42:12.0072 6816        AdobeFlashPlayerUpdateSvc - ok
17:42:12.0200 6816        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:42:12.0217 6816        adp94xx - ok
17:42:12.0311 6816        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:42:12.0327 6816        adpahci - ok
17:42:12.0356 6816        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:42:12.0374 6816        adpu320 - ok
17:42:12.0413 6816        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:42:12.0553 6816        AeLookupSvc - ok
17:42:12.0665 6816        AFD            (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
17:42:12.0704 6816        AFD - ok
17:42:12.0743 6816        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
17:42:12.0754 6816        agp440 - ok
17:42:12.0907 6816        Akamai          (1125c7d9fb8898015829c387c1bc87c7) c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll
17:42:12.0907 6816        Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
17:42:12.0912 6816        Akamai ( HiddenFile.Multi.Generic ) - warning
17:42:12.0912 6816        Akamai - detected HiddenFile.Multi.Generic (1)
17:42:12.0991 6816        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:42:13.0060 6816        ALG - ok
17:42:13.0132 6816        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
17:42:13.0156 6816        aliide - ok
17:42:13.0187 6816        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
17:42:13.0198 6816        amdide - ok
17:42:13.0225 6816        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:42:13.0265 6816        AmdK8 - ok
17:42:13.0287 6816        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:42:13.0302 6816        AmdPPM - ok
17:42:13.0352 6816        amdsata        (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
17:42:13.0363 6816        amdsata - ok
17:42:13.0389 6816        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:42:13.0401 6816        amdsbs - ok
17:42:13.0427 6816        amdxata        (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
17:42:13.0436 6816        amdxata - ok
17:42:13.0519 6816        AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:42:13.0545 6816        AntiVirSchedulerService - ok
17:42:13.0571 6816        AntiVirService  (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:42:13.0583 6816        AntiVirService - ok
17:42:13.0601 6816        AppID          (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
17:42:13.0695 6816        AppID - ok
17:42:13.0729 6816        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:42:13.0791 6816        AppIDSvc - ok
17:42:13.0819 6816        Appinfo        (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
17:42:13.0888 6816        Appinfo - ok
17:42:13.0969 6816        Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:42:13.0987 6816        Apple Mobile Device - ok
17:42:14.0046 6816        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:42:14.0070 6816        arc - ok
17:42:14.0100 6816        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:42:14.0123 6816        arcsas - ok
17:42:14.0149 6816        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:42:14.0214 6816        AsyncMac - ok
17:42:14.0234 6816        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
17:42:14.0243 6816        atapi - ok
17:42:14.0298 6816        AudioEndpointBuilder (4e7f607a185b2ffdcd0a60f9673c42a8) C:\Windows\System32\Audiosrv.dll
17:42:14.0367 6816        AudioEndpointBuilder - ok
17:42:14.0384 6816        AudioSrv        (4e7f607a185b2ffdcd0a60f9673c42a8) C:\Windows\System32\Audiosrv.dll
17:42:14.0405 6816        AudioSrv - ok
17:42:14.0439 6816        avgntflt        (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
17:42:14.0476 6816        avgntflt - ok
17:42:14.0493 6816        avipbb          (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
17:42:14.0503 6816        avipbb - ok
17:42:14.0527 6816        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
17:42:14.0534 6816        avkmgr - ok
17:42:14.0570 6816        AxInstSV        (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
17:42:14.0659 6816        AxInstSV - ok
17:42:14.0715 6816        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:42:14.0765 6816        b06bdrv - ok
17:42:14.0797 6816        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:42:14.0815 6816        b57nd60a - ok
17:42:14.0918 6816        BBSvc          (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
17:42:14.0943 6816        BBSvc - ok
17:42:15.0036 6816        BCM43XX        (63dd9c990883709053dd2c427df0db6f) C:\Windows\system32\DRIVERS\bcmwl664.sys
17:42:15.0097 6816        BCM43XX - ok
17:42:15.0178 6816        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:42:15.0248 6816        BDESVC - ok
17:42:15.0308 6816        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:42:15.0374 6816        Beep - ok
17:42:15.0410 6816        BFE            (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
17:42:15.0473 6816        BFE - ok
17:42:15.0675 6816        BHDrvx64        (5b1fe9d351c284701c8051da2aa81df6) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120402.001\BHDrvx64.sys
17:42:15.0710 6816        BHDrvx64 - ok
17:42:15.0816 6816        BITS            (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
17:42:15.0911 6816        BITS - ok
17:42:15.0968 6816        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:42:16.0002 6816        blbdrive - ok
17:42:16.0092 6816        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
17:42:16.0119 6816        Bonjour Service - ok
17:42:16.0163 6816        bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
17:42:16.0227 6816        bowser - ok
17:42:16.0245 6816        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:42:16.0289 6816        BrFiltLo - ok
17:42:16.0328 6816        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:42:16.0410 6816        BrFiltUp - ok
17:42:16.0455 6816        Browser        (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
17:42:16.0498 6816        Browser - ok
17:42:16.0522 6816        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:42:16.0592 6816        Brserid - ok
17:42:16.0620 6816        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:42:16.0648 6816        BrSerWdm - ok
17:42:16.0675 6816        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:42:16.0706 6816        BrUsbMdm - ok
17:42:16.0730 6816        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:42:16.0746 6816        BrUsbSer - ok
17:42:16.0784 6816        BthEnum        (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
17:42:16.0846 6816        BthEnum - ok
17:42:16.0884 6816        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:42:16.0903 6816        BTHMODEM - ok
17:42:16.0956 6816        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
17:42:16.0972 6816        BthPan - ok
17:42:17.0053 6816        BTHPORT        (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
17:42:17.0104 6816        BTHPORT - ok
17:42:17.0154 6816        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:42:17.0192 6816        bthserv - ok
17:42:17.0262 6816        BTHUSB          (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
17:42:17.0308 6816        BTHUSB - ok
17:42:17.0349 6816        BTWAMPFL        (a0dfb69ade3444c78b17636fcf28e898) C:\Windows\system32\DRIVERS\btwampfl.sys
17:42:17.0364 6816        BTWAMPFL - ok
17:42:17.0383 6816        btwaudio        (7cf028ce78696882b327ff13d2dfa534) C:\Windows\system32\drivers\btwaudio.sys
17:42:17.0391 6816        btwaudio - ok
17:42:17.0426 6816        btwavdt        (3def2370e414b4e299673558ba171a51) C:\Windows\system32\DRIVERS\btwavdt.sys
17:42:17.0437 6816        btwavdt - ok
17:42:17.0515 6816        btwdins        (cc9dae7759ac2c0d19111c0d38ddd232) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
17:42:17.0546 6816        btwdins - ok
17:42:17.0624 6816        btwl2cap        (9ad0fa253ed531d39fb2d74fe12a5fa9) C:\Windows\system32\DRIVERS\btwl2cap.sys
17:42:17.0640 6816        btwl2cap - ok
17:42:17.0671 6816        btwrchid        (9937e0e4dfc0030560a6dfe9d3a94b39) C:\Windows\system32\DRIVERS\btwrchid.sys
17:42:17.0687 6816        btwrchid - ok
17:42:17.0718 6816        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:42:17.0858 6816        cdfs - ok
17:42:17.0889 6816        cdrom          (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
17:42:17.0936 6816        cdrom - ok
17:42:18.0030 6816        CertPropSvc    (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
17:42:18.0092 6816        CertPropSvc - ok
17:42:18.0108 6816        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:42:18.0264 6816        circlass - ok
17:42:18.0295 6816        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:42:18.0311 6816        CLFS - ok
17:42:18.0389 6816        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:42:18.0404 6816        clr_optimization_v2.0.50727_32 - ok
17:42:18.0451 6816        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:42:18.0467 6816        clr_optimization_v2.0.50727_64 - ok
17:42:18.0560 6816        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:42:18.0576 6816        clr_optimization_v4.0.30319_32 - ok
17:42:18.0638 6816        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:42:18.0654 6816        clr_optimization_v4.0.30319_64 - ok
17:42:18.0732 6816        clwvd          (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
17:42:18.0747 6816        clwvd - ok
17:42:18.0810 6816        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:42:18.0872 6816        CmBatt - ok
17:42:18.0903 6816        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
17:42:18.0903 6816        cmdide - ok
17:42:18.0997 6816        CNG            (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
17:42:19.0044 6816        CNG - ok
17:42:19.0059 6816        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:42:19.0075 6816        Compbatt - ok
17:42:19.0091 6816        CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
17:42:19.0137 6816        CompositeBus - ok
17:42:19.0153 6816        COMSysApp - ok
17:42:19.0184 6816        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:42:19.0184 6816        crcdisk - ok
17:42:19.0262 6816        CryptSvc        (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
17:42:19.0325 6816        CryptSvc - ok
17:42:19.0481 6816        cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:42:19.0512 6816        cvhsvc - ok
17:42:19.0621 6816        dc3d            (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys
17:42:19.0699 6816        dc3d - ok
17:42:19.0746 6816        DcomLaunch      (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
17:42:19.0824 6816        DcomLaunch - ok
17:42:19.0855 6816        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:42:19.0902 6816        defragsvc - ok
17:42:19.0933 6816        DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
17:42:19.0980 6816        DfsC - ok
17:42:20.0011 6816        Dhcp            (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
17:42:20.0105 6816        Dhcp - ok
17:42:20.0136 6816        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:42:20.0198 6816        discache - ok
17:42:20.0229 6816        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:42:20.0245 6816        Disk - ok
17:42:20.0292 6816        Dnscache        (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
17:42:20.0354 6816        Dnscache - ok
17:42:20.0401 6816        dot3svc        (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
17:42:20.0463 6816        dot3svc - ok
17:42:20.0495 6816        DPS            (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
17:42:20.0557 6816        DPS - ok
17:42:20.0619 6816        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:42:20.0651 6816        drmkaud - ok
17:42:20.0697 6816        dtsoftbus01    (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:42:20.0713 6816        dtsoftbus01 - ok
17:42:20.0791 6816        DXGKrnl        (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
17:42:20.0838 6816        DXGKrnl - ok
17:42:20.0869 6816        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:42:20.0900 6816        EapHost - ok
17:42:21.0009 6816        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:42:21.0056 6816        ebdrv - ok
17:42:21.0134 6816        eeCtrl          (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:42:21.0150 6816        eeCtrl - ok
17:42:21.0243 6816        EFS            (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
17:42:21.0290 6816        EFS - ok
17:42:21.0384 6816        ehRecvr        (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
17:42:21.0446 6816        ehRecvr - ok
17:42:21.0477 6816        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:42:21.0524 6816        ehSched - ok
17:42:21.0587 6816        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:42:21.0618 6816        elxstor - ok
17:42:21.0665 6816        EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:42:21.0696 6816        EraserUtilRebootDrv - ok
17:42:21.0727 6816        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
17:42:21.0758 6816        ErrDev - ok
17:42:21.0805 6816        ETD            (9d8739a2a2173c9d27c499a3fc6eda3f) C:\Windows\system32\DRIVERS\ETD.sys
17:42:21.0821 6816        ETD - ok
17:42:21.0852 6816        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:42:21.0914 6816        EventSystem - ok
17:42:21.0945 6816        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:42:21.0977 6816        exfat - ok
17:42:22.0023 6816        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:42:22.0070 6816        fastfat - ok
17:42:22.0101 6816        Fax            (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
17:42:22.0133 6816        Fax - ok
17:42:22.0148 6816        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:42:22.0195 6816        fdc - ok
17:42:22.0226 6816        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:42:22.0273 6816        fdPHost - ok
17:42:22.0289 6816        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:42:22.0320 6816        FDResPub - ok
17:42:22.0335 6816        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:42:22.0351 6816        FileInfo - ok
17:42:22.0382 6816        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:42:22.0413 6816        Filetrace - ok
17:42:22.0445 6816        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:42:22.0460 6816        flpydisk - ok
17:42:22.0476 6816        FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
17:42:22.0491 6816        FltMgr - ok
17:42:22.0569 6816        FontCache      (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
17:42:22.0647 6816        FontCache - ok
17:42:22.0757 6816        FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:42:22.0772 6816        FontCache3.0.0.0 - ok
17:42:22.0835 6816        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:42:22.0866 6816        FsDepends - ok
17:42:22.0881 6816        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:42:22.0897 6816        Fs_Rec - ok
17:42:22.0944 6816        fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:42:22.0975 6816        fvevol - ok
17:42:22.0991 6816        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:42:23.0006 6816        gagp30kx - ok
17:42:23.0069 6816        GameConsoleService (521a469caf61f00e1de081cc2099c1d6) C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
17:42:23.0100 6816        GameConsoleService - ok
17:42:23.0131 6816        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:42:23.0147 6816        GEARAspiWDM - ok
17:42:23.0178 6816        gpsvc          (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
17:42:23.0240 6816        gpsvc - ok
17:42:23.0287 6816        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:42:23.0318 6816        hcw85cir - ok
17:42:23.0349 6816        HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
17:42:23.0381 6816        HdAudAddService - ok
17:42:23.0396 6816        HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:42:23.0412 6816        HDAudBus - ok
17:42:23.0427 6816        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:42:23.0474 6816        HidBatt - ok
17:42:23.0505 6816        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:42:23.0537 6816        HidBth - ok
17:42:23.0552 6816        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:42:23.0583 6816        HidIr - ok
17:42:23.0615 6816        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
17:42:23.0646 6816        hidserv - ok
17:42:23.0677 6816        HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
17:42:23.0677 6816        HidUsb - ok
17:42:23.0724 6816        hkmsvc          (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
17:42:23.0755 6816        hkmsvc - ok
17:42:23.0771 6816        HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
17:42:23.0817 6816        HomeGroupListener - ok
17:42:23.0849 6816        HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
17:42:23.0880 6816        HomeGroupProvider - ok
17:42:23.0927 6816        HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
17:42:23.0958 6816        HpSAMD - ok
17:42:23.0989 6816        HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
17:42:24.0036 6816        HTTP - ok
17:42:24.0067 6816        hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
17:42:24.0067 6816        hwpolicy - ok
17:42:24.0098 6816        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:42:24.0098 6816        i8042prt - ok
17:42:24.0145 6816        iaStor          (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
17:42:24.0161 6816        iaStor - ok
17:42:24.0192 6816        iaStorV        (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
17:42:24.0207 6816        iaStorV - ok
17:42:24.0285 6816        idsvc          (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:42:24.0332 6816        idsvc - ok
17:42:24.0504 6816        IDSVia64        (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120410.002\IDSvia64.sys
17:42:24.0535 6816        IDSVia64 - ok
17:42:24.0722 6816        igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
17:42:24.0816 6816        igfx - ok
17:42:24.0909 6816        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:42:24.0925 6816        iirsp - ok
17:42:24.0987 6816        IKEEXT          (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
17:42:25.0065 6816        IKEEXT - ok
17:42:25.0175 6816        IntcAzAudAddService (404561d4ee0cae109379a40247046b03) C:\Windows\system32\drivers\RTKVHD64.sys
17:42:25.0221 6816        IntcAzAudAddService - ok
17:42:25.0315 6816        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
17:42:25.0331 6816        intelide - ok
17:42:25.0346 6816        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:42:25.0377 6816        intelppm - ok
17:42:25.0424 6816        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:42:25.0502 6816        IPBusEnum - ok
17:42:25.0533 6816        IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:42:25.0565 6816        IpFilterDriver - ok
17:42:25.0596 6816        iphlpsvc        (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
17:42:25.0643 6816        iphlpsvc - ok
17:42:25.0658 6816        IPMIDRV        (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:42:25.0674 6816        IPMIDRV - ok
17:42:25.0689 6816        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:42:25.0752 6816        IPNAT - ok
17:42:25.0861 6816        iPod Service    (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
17:42:25.0892 6816        iPod Service - ok
17:42:25.0970 6816        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:42:26.0079 6816        IRENUM - ok
17:42:26.0111 6816        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
17:42:26.0126 6816        isapnp - ok
17:42:26.0142 6816        iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
17:42:26.0173 6816        iScsiPrt - ok
17:42:26.0189 6816        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:42:26.0204 6816        kbdclass - ok
17:42:26.0220 6816        kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
17:42:26.0235 6816        kbdhid - ok
17:42:26.0282 6816        KeyIso          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:42:26.0313 6816        KeyIso - ok
17:42:26.0345 6816        KSecDD          (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
17:42:26.0360 6816        KSecDD - ok
17:42:26.0391 6816        KSecPkg        (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
17:42:26.0391 6816        KSecPkg - ok
17:42:26.0423 6816        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:42:26.0485 6816        ksthunk - ok
17:42:26.0563 6816        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:42:26.0641 6816        KtmRm - ok
17:42:26.0672 6816        LanmanServer    (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
17:42:26.0703 6816        LanmanServer - ok
17:42:26.0735 6816        LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
17:42:26.0797 6816        LanmanWorkstation - ok
17:42:26.0906 6816        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:42:26.0969 6816        lltdio - ok
17:42:27.0000 6816        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:42:27.0140 6816        lltdsvc - ok
17:42:27.0156 6816        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:42:27.0296 6816        lmhosts - ok
17:42:27.0437 6816        LMS            (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:42:27.0452 6816        LMS - ok
17:42:27.0499 6816        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:42:27.0515 6816        LSI_FC - ok
17:42:27.0530 6816        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:42:27.0546 6816        LSI_SAS - ok
17:42:27.0561 6816        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:42:27.0577 6816        LSI_SAS2 - ok
17:42:27.0593 6816        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:42:27.0608 6816        LSI_SCSI - ok
17:42:27.0624 6816        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:42:27.0702 6816        luafv - ok
17:42:27.0717 6816        MBAMProtector  (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
17:42:27.0733 6816        MBAMProtector - ok
17:42:27.0811 6816        MBAMService    (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:42:27.0842 6816        MBAMService - ok
17:42:27.0920 6816        Mcx2Svc        (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
17:42:27.0967 6816        Mcx2Svc - ok
17:42:28.0014 6816        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:42:28.0029 6816        megasas - ok
17:42:28.0061 6816        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:42:28.0076 6816        MegaSR - ok
17:42:28.0107 6816        MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
17:42:28.0123 6816        MEIx64 - ok
17:42:28.0154 6816        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:42:28.0217 6816        MMCSS - ok
17:42:28.0232 6816        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:42:28.0295 6816        Modem - ok
17:42:28.0326 6816        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:42:28.0341 6816        monitor - ok
17:42:28.0357 6816        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:42:28.0373 6816        mouclass - ok
17:42:28.0388 6816        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:42:28.0404 6816        mouhid - ok
17:42:28.0435 6816        mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
17:42:28.0451 6816        mountmgr - ok
17:42:28.0482 6816        mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
17:42:28.0482 6816        mpio - ok
17:42:28.0513 6816        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:42:28.0544 6816        mpsdrv - ok
17:42:28.0591 6816        MpsSvc          (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
17:42:28.0700 6816        MpsSvc - ok
17:42:28.0716 6816        MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
17:42:28.0731 6816        MRxDAV - ok
17:42:28.0763 6816        mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:42:28.0794 6816        mrxsmb - ok
17:42:28.0825 6816        mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:42:28.0856 6816        mrxsmb10 - ok
17:42:28.0872 6816        mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:42:28.0919 6816        mrxsmb20 - ok
17:42:28.0950 6816        msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
17:42:28.0965 6816        msahci - ok
17:42:28.0997 6816        msdsm          (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
17:42:29.0012 6816        msdsm - ok
17:42:29.0043 6816        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:42:29.0075 6816        MSDTC - ok
17:42:29.0106 6816        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:42:29.0137 6816        Msfs - ok
17:42:29.0168 6816        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:42:29.0199 6816        mshidkmdf - ok
17:42:29.0231 6816        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
17:42:29.0246 6816        msisadrv - ok
17:42:29.0277 6816        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:42:29.0324 6816        MSiSCSI - ok
17:42:29.0324 6816        msiserver - ok
17:42:29.0355 6816        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:42:29.0402 6816        MSKSSRV - ok
17:42:29.0449 6816        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:42:29.0480 6816        MSPCLOCK - ok
17:42:29.0496 6816        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:42:29.0543 6816        MSPQM - ok
17:42:29.0574 6816        MsRPC          (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
17:42:29.0589 6816        MsRPC - ok
17:42:29.0605 6816        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
17:42:29.0621 6816        mssmbios - ok
17:42:29.0636 6816        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:42:29.0667 6816        MSTEE - ok
17:42:29.0699 6816        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:42:29.0730 6816        MTConfig - ok
17:42:29.0745 6816        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:42:29.0761 6816        Mup - ok
17:42:29.0792 6816        napagent        (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
17:42:29.0870 6816        napagent - ok
17:42:29.0901 6816        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:42:29.0948 6816        NativeWifiP - ok
17:42:30.0104 6816        NAVENG          (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120410.020\ENG64.SYS
17:42:30.0120 6816        NAVENG - ok
17:42:30.0182 6816        NAVEX15        (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120410.020\EX64.SYS
17:42:30.0229 6816        NAVEX15 - ok
17:42:30.0338 6816        NDIS            (a3151b3463eea7e47f618f115d0d142e) C:\Windows\system32\drivers\ndis.sys
17:42:30.0385 6816        NDIS - ok
17:42:30.0463 6816        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:42:30.0525 6816        NdisCap - ok
17:42:30.0541 6816        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:42:30.0572 6816        NdisTapi - ok
17:42:30.0603 6816        Ndisuio        (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
17:42:30.0650 6816        Ndisuio - ok
17:42:30.0681 6816        NdisWan        (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:42:30.0713 6816        NdisWan - ok
17:42:30.0728 6816        NDProxy        (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
17:42:30.0759 6816        NDProxy - ok
17:42:30.0775 6816        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:42:30.0837 6816        NetBIOS - ok
17:42:30.0869 6816        NetBT          (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
17:42:30.0931 6816        NetBT - ok
17:42:30.0962 6816        Netlogon        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:42:30.0978 6816        Netlogon - ok
17:42:31.0025 6816        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:42:31.0071 6816        Netman - ok
17:42:31.0103 6816        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:42:31.0165 6816        netprofm - ok
17:42:31.0243 6816        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:42:31.0259 6816        NetTcpPortSharing - ok
17:42:31.0321 6816        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:42:31.0337 6816        nfrd960 - ok
17:42:31.0508 6816        NIS            (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
17:42:31.0539 6816        NIS - ok
17:42:31.0602 6816        NlaSvc          (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
17:42:31.0649 6816        NlaSvc - ok
17:42:31.0711 6816        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:42:31.0789 6816        Npfs - ok
17:42:31.0820 6816        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:42:31.0883 6816        nsi - ok
17:42:31.0914 6816        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:42:31.0945 6816        nsiproxy - ok
17:42:32.0023 6816        Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
17:42:32.0070 6816        Ntfs - ok
17:42:32.0132 6816        NuidFltr        (317020d31f1696334679b9d0416eb62e) C:\Windows\system32\DRIVERS\NuidFltr.sys
17:42:32.0163 6816        NuidFltr - ok
17:42:32.0179 6816        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:42:32.0241 6816        Null - ok
17:42:32.0273 6816        NVHDA          (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
17:42:32.0288 6816        NVHDA - ok
17:42:32.0538 6816        nvlddmkm        (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:42:32.0756 6816        nvlddmkm - ok
17:42:32.0865 6816        nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
17:42:32.0881 6816        nvraid - ok
17:42:32.0897 6816        nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
17:42:32.0912 6816        nvstor - ok
17:42:32.0959 6816        nvsvc          (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
17:42:32.0975 6816        nvsvc - ok
17:42:33.0115 6816        nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:42:33.0162 6816        nvUpdatusService - ok
17:42:33.0255 6816        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
17:42:33.0287 6816        nv_agp - ok
17:42:33.0302 6816        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
17:42:33.0318 6816        ohci1394 - ok
17:42:33.0396 6816        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:42:33.0411 6816        ose - ok
17:42:33.0599 6816        osppsvc        (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:42:33.0677 6816        osppsvc - ok
17:42:33.0770 6816        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:42:33.0833 6816        p2pimsvc - ok
17:42:33.0864 6816        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:42:33.0895 6816        p2psvc - ok
17:42:33.0942 6816        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:42:33.0973 6816        Parport - ok
17:42:34.0004 6816        partmgr        (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
17:42:34.0004 6816        partmgr - ok
17:42:34.0020 6816        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:42:34.0067 6816        PcaSvc - ok
17:42:34.0082 6816        pci            (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
17:42:34.0098 6816        pci - ok
17:42:34.0129 6816        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
17:42:34.0145 6816        pciide - ok
17:42:34.0176 6816        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:42:34.0191 6816        pcmcia - ok
17:42:34.0207 6816        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:42:34.0207 6816        pcw - ok
17:42:34.0269 6816        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:42:34.0332 6816        PEAUTH - ok
17:42:34.0410 6816        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:42:34.0457 6816        PerfHost - ok
17:42:34.0519 6816        pla            (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
17:42:34.0581 6816        pla - ok
17:42:34.0675 6816        PlugPlay        (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
17:42:34.0737 6816        PlugPlay - ok
17:42:34.0737 6816        PnkBstrA - ok
17:42:34.0769 6816        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:42:34.0815 6816        PNRPAutoReg - ok
17:42:34.0847 6816        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:42:34.0878 6816        PNRPsvc - ok
17:42:34.0925 6816        Point64        (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
17:42:34.0940 6816        Point64 - ok
17:42:34.0987 6816        PolicyAgent    (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
17:42:35.0065 6816        PolicyAgent - ok
17:42:35.0112 6816        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:42:35.0159 6816        Power - ok
17:42:35.0190 6816        PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
17:42:35.0268 6816        PptpMiniport - ok
17:42:35.0299 6816        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:42:35.0315 6816        Processor - ok
17:42:35.0346 6816        ProfSvc        (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
17:42:35.0408 6816        ProfSvc - ok
17:42:35.0455 6816        ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:42:35.0471 6816        ProtectedStorage - ok
17:42:35.0486 6816        Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
17:42:35.0533 6816        Psched - ok
17:42:35.0595 6816        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:42:35.0627 6816        ql2300 - ok
17:42:35.0658 6816        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:42:35.0673 6816        ql40xx - ok
17:42:35.0689 6816        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:42:35.0720 6816        QWAVE - ok
17:42:35.0736 6816        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:42:35.0751 6816        QWAVEdrv - ok
17:42:35.0767 6816        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:42:35.0845 6816        RasAcd - ok
17:42:35.0876 6816        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:42:35.0939 6816        RasAgileVpn - ok
17:42:35.0970 6816        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:42:36.0001 6816        RasAuto - ok
17:42:36.0017 6816        Rasl2tp        (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:42:36.0063 6816        Rasl2tp - ok
17:42:36.0095 6816        RasMan          (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
17:42:36.0141 6816        RasMan - ok
17:42:36.0157 6816        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:42:36.0204 6816        RasPppoe - ok
17:42:36.0235 6816        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:42:36.0266 6816        RasSstp - ok
17:42:36.0282 6816        rdbss          (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
17:42:36.0329 6816        rdbss - ok
17:42:36.0344 6816        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:42:36.0375 6816        rdpbus - ok
17:42:36.0407 6816        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:42:36.0469 6816        RDPCDD - ok
17:42:36.0485 6816        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:42:36.0516 6816        RDPENCDD - ok
17:42:36.0531 6816        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:42:36.0563 6816        RDPREFMP - ok
17:42:36.0594 6816        RDPWD          (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
17:42:36.0672 6816        RDPWD - ok
17:42:36.0703 6816        rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
17:42:36.0719 6816        rdyboost - ok
17:42:36.0750 6816        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:42:36.0781 6816        RemoteAccess - ok
17:42:36.0812 6816        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:42:36.0890 6816        RemoteRegistry - ok
17:42:36.0937 6816        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
17:42:36.0968 6816        RFCOMM - ok
17:42:37.0062 6816        RichVideo      (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
17:42:37.0093 6816        RichVideo - ok
17:42:37.0124 6816        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:42:37.0171 6816        RpcEptMapper - ok
17:42:37.0202 6816        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:42:37.0249 6816        RpcLocator - ok
17:42:37.0280 6816        RpcSs          (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
17:42:37.0327 6816        RpcSs - ok
17:42:37.0389 6816        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:42:37.0483 6816        rspndr - ok
17:42:37.0514 6816        RTL8167        (ea5532868ba76923d75bcb2a1448d810) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:42:37.0561 6816        RTL8167 - ok
17:42:37.0655 6816        rtport          (4ca0dba9e224473d664c25e411f5a3bd) C:\Windows\SysWOW64\drivers\rtport.sys
17:42:37.0670 6816        rtport - ok
17:42:37.0717 6816        SABI            (62db6cc4b0818f1b5f3441241b098f12) C:\Windows\system32\Drivers\SABI.sys
17:42:37.0748 6816        SABI - ok
17:42:37.0779 6816        SamSs          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:42:37.0795 6816        SamSs - ok
17:42:37.0873 6816        Samsung UPD Service (d641337b75b9a9d5ae10687aa1097755) C:\Windows\System32\SUPDSvc.exe
17:42:37.0889 6816        Samsung UPD Service - ok
17:42:37.0935 6816        sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
17:42:37.0967 6816        sbp2port - ok
17:42:37.0998 6816        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:42:38.0045 6816        SCardSvr - ok
17:42:38.0076 6816        scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
17:42:38.0107 6816        scfilter - ok
17:42:38.0169 6816        Schedule        (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
17:42:38.0232 6816        Schedule - ok
17:42:38.0325 6816        SCPolicySvc    (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
17:42:38.0403 6816        SCPolicySvc - ok
17:42:38.0435 6816        SDRSVC          (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
17:42:38.0466 6816        SDRSVC - ok
17:42:38.0559 6816        SeaPort        (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
17:42:38.0591 6816        SeaPort - ok
17:42:38.0684 6816        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:42:38.0762 6816        secdrv - ok
17:42:38.0793 6816        seclogon        (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
17:42:38.0840 6816        seclogon - ok
17:42:38.0856 6816        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:42:38.0903 6816        SENS - ok
17:42:38.0918 6816        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:42:38.0949 6816        SensrSvc - ok
17:42:39.0012 6816        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:42:39.0027 6816        Serenum - ok
17:42:39.0074 6816        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:42:39.0105 6816        Serial - ok
17:42:39.0137 6816        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:42:39.0152 6816        sermouse - ok
17:42:39.0199 6816        SessionEnv      (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
17:42:39.0230 6816        SessionEnv - ok
17:42:39.0261 6816        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
17:42:39.0324 6816        sffdisk - ok
17:42:39.0355 6816        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:42:39.0386 6816        sffp_mmc - ok
17:42:39.0417 6816        sffp_sd        (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
17:42:39.0464 6816        sffp_sd - ok
17:42:39.0511 6816        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:42:39.0542 6816        sfloppy - ok
17:42:39.0605 6816        Sftfs          (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
17:42:39.0651 6816        Sftfs - ok
17:42:39.0807 6816        sftlist        (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:42:39.0839 6816        sftlist - ok
17:42:39.0932 6816        Sftplay        (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:42:39.0963 6816        Sftplay - ok
17:42:39.0995 6816        Sftredir        (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:42:40.0010 6816        Sftredir - ok
17:42:40.0026 6816        Sftvol          (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
17:42:40.0041 6816        Sftvol - ok
17:42:40.0135 6816        sftvsa          (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:42:40.0166 6816        sftvsa - ok
17:42:40.0213 6816        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:42:40.0260 6816        SharedAccess - ok
17:42:40.0307 6816        ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
17:42:40.0322 6816        ShellHWDetection - ok
17:42:40.0385 6816        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:42:40.0416 6816        SiSRaid2 - ok
17:42:40.0431 6816        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:42:40.0447 6816        SiSRaid4 - ok
17:42:40.0478 6816        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:42:40.0509 6816        Smb - ok
17:42:40.0556 6816        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:42:40.0603 6816        SNMPTRAP - ok
17:42:40.0634 6816        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:42:40.0650 6816        spldr - ok
17:42:40.0697 6816        Spooler        (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
17:42:40.0759 6816        Spooler - ok
17:42:40.0837 6816        sppsvc          (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
17:42:40.0931 6816        sppsvc - ok
17:42:41.0024 6816        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:42:41.0102 6816        sppuinotify - ok
17:42:41.0211 6816        SRTSP          (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NISx64\1207010.003\SRTSP64.SYS
17:42:41.0227 6816        SRTSP - ok
17:42:41.0258 6816        SRTSPX          (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NISx64\1207010.003\SRTSPX64.SYS
17:42:41.0274 6816        SRTSPX - ok
17:42:41.0321 6816        srv            (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
17:42:41.0383 6816        srv - ok
17:42:41.0414 6816        srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
17:42:41.0445 6816        srv2 - ok
17:42:41.0461 6816        srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
17:42:41.0477 6816        srvnet - ok
17:42:41.0523 6816        ssadbus        (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
17:42:41.0570 6816        ssadbus - ok
17:42:41.0617 6816        ssadmdfl        (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
17:42:41.0648 6816        ssadmdfl - ok
17:42:41.0695 6816        ssadmdm        (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
17:42:41.0726 6816        ssadmdm - ok
17:42:41.0789 6816        sscdbus        (ed161b91fdf7eaa39469d72d463d5f4e) C:\Windows\system32\DRIVERS\sscdbus.sys
17:42:41.0804 6816        sscdbus - ok
17:42:41.0851 6816        sscdmdfl        (4cb09e77593dbd8d7af33b37375ca715) C:\Windows\system32\DRIVERS\sscdmdfl.sys
17:42:41.0882 6816        sscdmdfl - ok
17:42:41.0898 6816        sscdmdm        (c7b4cf53497a6e5363f3439427663882) C:\Windows\system32\DRIVERS\sscdmdm.sys
17:42:41.0913 6816        sscdmdm - ok
17:42:41.0960 6816        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:42:42.0038 6816        SSDPSRV - ok
17:42:42.0054 6816        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:42:42.0101 6816        SstpSvc - ok
17:42:42.0132 6816        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:42:42.0147 6816        stexstor - ok
17:42:42.0179 6816        StillCam        (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
17:42:42.0225 6816        StillCam - ok
17:42:42.0272 6816        stisvc          (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
17:42:42.0303 6816        stisvc - ok
17:42:42.0335 6816        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
17:42:42.0335 6816        swenum - ok
17:42:42.0381 6816        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:42:42.0459 6816        swprv - ok
17:42:42.0537 6816        SymDS          (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS
17:42:42.0569 6816        SymDS - ok
17:42:42.0615 6816        SymEFA          (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS
17:42:42.0647 6816        SymEFA - ok
17:42:42.0693 6816        SymEvent        (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
17:42:42.0709 6816        SymEvent - ok
17:42:42.0740 6816        SymIRON        (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS
17:42:42.0756 6816        SymIRON - ok
17:42:42.0787 6816        SymNetS        (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\NISx64\1207010.003\SYMNETS.SYS
17:42:42.0803 6816        SymNetS - ok
17:42:42.0881 6816        SysMain        (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
17:42:42.0927 6816        SysMain - ok
17:42:43.0005 6816        TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
17:42:43.0052 6816        TabletInputService - ok
17:42:43.0083 6816        TapiSrv        (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
17:42:43.0146 6816        TapiSrv - ok
17:42:43.0177 6816        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:42:43.0255 6816        TBS - ok
17:42:43.0349 6816        Tcpip          (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
17:42:43.0395 6816        Tcpip - ok
17:42:43.0536 6816        TCPIP6          (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
17:42:43.0567 6816        TCPIP6 - ok
17:42:43.0661 6816        tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
17:42:43.0739 6816        tcpipreg - ok
17:42:43.0754 6816        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:42:43.0817 6816        TDPIPE - ok
17:42:43.0848 6816        TDTCP          (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
17:42:43.0895 6816        TDTCP - ok
17:42:43.0926 6816        tdx            (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
17:42:43.0988 6816        tdx - ok
17:42:44.0035 6816        TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
17:42:44.0051 6816        TermDD - ok
17:42:44.0097 6816        TermService    (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
17:42:44.0144 6816        TermService - ok
17:42:44.0160 6816        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:42:44.0175 6816        Themes - ok
17:42:44.0207 6816        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:42:44.0238 6816        THREADORDER - ok
17:42:44.0253 6816        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:42:44.0316 6816        TrkWks - ok
17:42:44.0363 6816        TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
17:42:44.0425 6816        TrustedInstaller - ok
17:42:44.0487 6816        tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:42:44.0534 6816        tssecsrv - ok
17:42:44.0581 6816        tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
17:42:44.0675 6816        tunnel - ok
17:42:44.0706 6816        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:42:44.0706 6816        uagp35 - ok
17:42:44.0753 6816        udfs            (31ba4a33afab6a69ea092b18017f737f) C:\Windows\system32\DRIVERS\udfs.sys
17:42:44.0768 6816        udfs - ok
17:42:44.0816 6816        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:42:44.0832 6816        UI0Detect - ok
17:42:44.0878 6816        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
17:42:44.0878 6816        uliagpkx - ok
17:42:44.0910 6816        umbus          (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
17:42:44.0925 6816        umbus - ok
17:42:44.0972 6816        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:42:45.0019 6816        UmPass - ok
17:42:45.0190 6816        UNS            (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:42:45.0237 6816        UNS - ok
17:42:45.0315 6816        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:42:45.0393 6816        upnphost - ok
17:42:45.0471 6816        USBAAPL64      (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
17:42:45.0534 6816        USBAAPL64 - ok
17:42:45.0580 6816        usbccgp        (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
17:42:45.0627 6816        usbccgp - ok
17:42:45.0674 6816        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
17:42:45.0736 6816        usbcir - ok
17:42:45.0752 6816        usbehci        (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
17:42:45.0799 6816        usbehci - ok
17:42:45.0862 6816        usbhub          (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
17:42:45.0878 6816        usbhub - ok
17:42:45.0893 6816        usbohci        (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
17:42:45.0925 6816        usbohci - ok
17:42:45.0971 6816        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:42:46.0034 6816        usbprint - ok
17:42:46.0065 6816        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:42:46.0081 6816        usbscan - ok
17:42:46.0127 6816        USBSTOR        (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:42:46.0143 6816        USBSTOR - ok
17:42:46.0174 6816        usbuhci        (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
17:42:46.0190 6816        usbuhci - ok
17:42:46.0221 6816        usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
17:42:46.0268 6816        usbvideo - ok
17:42:46.0299 6816        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:42:46.0346 6816        UxSms - ok
17:42:46.0377 6816        VaultSvc        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:42:46.0393 6816        VaultSvc - ok
17:42:46.0424 6816        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
17:42:46.0455 6816        vdrvroot - ok
17:42:46.0486 6816        vds            (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
17:42:46.0533 6816        vds - ok
17:42:46.0564 6816        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:42:46.0580 6816        vga - ok
17:42:46.0611 6816        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:42:46.0642 6816        VgaSave - ok
17:42:46.0673 6816        vhdmp          (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
17:42:46.0689 6816        vhdmp - ok
17:42:46.0689 6816        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
17:42:46.0705 6816        viaide - ok
17:42:46.0720 6816        volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
17:42:46.0736 6816        volmgr - ok
17:42:46.0751 6816        volmgrx        (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
17:42:46.0767 6816        volmgrx - ok
17:42:46.0814 6816        volsnap        (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
17:42:46.0830 6816        volsnap - ok
17:42:46.0877 6816        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:42:46.0877 6816        vsmraid - ok
17:42:46.0955 6816        VSS            (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
17:42:47.0002 6816        VSS - ok
17:42:47.0111 6816        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:42:47.0158 6816        vwifibus - ok
17:42:47.0236 6816        vwififlt        (33cec36f6f6219fcb554f61370efbdbc) C:\Windows\system32\DRIVERS\vwififlt.sys
17:42:47.0252 6816        vwififlt - ok
17:42:47.0298 6816        vwifimp        (008f261e8db17e1c77289012905e0e15) C:\Windows\system32\DRIVERS\vwifimp.sys
17:42:47.0330 6816        vwifimp - ok
17:42:47.0392 6816        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:42:47.0454 6816        W32Time - ok
17:42:47.0486 6816        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:42:47.0501 6816        WacomPen - ok
17:42:47.0532 6816        WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
17:42:47.0579 6816        WANARP - ok
17:42:47.0579 6816        Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
17:42:47.0610 6816        Wanarpv6 - ok
17:42:47.0735 6816        WatAdminSvc    (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:42:47.0766 6816        WatAdminSvc - ok
17:42:47.0876 6816        wbengine        (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
17:42:47.0938 6816        wbengine - ok
17:42:48.0032 6816        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:42:48.0063 6816        WbioSrvc - ok
17:42:48.0110 6816        wcncsvc        (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
17:42:48.0156 6816        wcncsvc - ok
17:42:48.0172 6816        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:42:48.0234 6816        WcsPlugInService - ok
17:42:48.0297 6816        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:42:48.0312 6816        Wd - ok
17:42:48.0328 6816        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:42:48.0359 6816        Wdf01000 - ok
17:42:48.0375 6816        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:42:48.0406 6816        WdiServiceHost - ok
17:42:48.0406 6816        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:42:48.0422 6816        WdiSystemHost - ok
17:42:48.0468 6816        WebClient      (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
17:42:48.0531 6816        WebClient - ok
17:42:48.0562 6816        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:42:48.0609 6816        Wecsvc - ok
17:42:48.0640 6816        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:42:48.0718 6816        wercplsupport - ok
17:42:48.0749 6816        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:42:48.0796 6816        WerSvc - ok
17:42:48.0858 6816        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:42:48.0905 6816        WfpLwf - ok
17:42:48.0936 6816        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:42:48.0936 6816        WIMMount - ok
17:42:48.0983 6816        WinDefend - ok
17:42:48.0983 6816        WinHttpAutoProxySvc - ok
17:42:49.0061 6816        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:42:49.0124 6816        Winmgmt - ok
17:42:49.0186 6816        WinRM          (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
17:42:49.0264 6816        WinRM - ok
17:42:49.0389 6816        WinUsb          (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
17:42:49.0420 6816        WinUsb - ok
17:42:49.0482 6816        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:42:49.0545 6816        Wlansvc - ok
17:42:49.0623 6816        wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:42:49.0654 6816        wlcrasvc - ok
17:42:49.0732 6816        wlidsvc        (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:42:49.0794 6816        wlidsvc - ok
17:42:49.0872 6816        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:42:49.0888 6816        WmiAcpi - ok
17:42:49.0966 6816        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:42:50.0013 6816        wmiApSrv - ok
17:42:50.0060 6816        WMPNetworkSvc - ok
17:42:50.0122 6816        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:42:50.0169 6816        WPCSvc - ok
17:42:50.0184 6816        WPDBusEnum      (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
17:42:50.0231 6816        WPDBusEnum - ok
17:42:50.0278 6816        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:42:50.0356 6816        ws2ifsl - ok
17:42:50.0403 6816        wscsvc          (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
17:42:50.0434 6816        wscsvc - ok
17:42:50.0450 6816        WSearch - ok
17:42:50.0543 6816        wuauserv        (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
17:42:50.0668 6816        wuauserv - ok
17:42:50.0762 6816        WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
17:42:50.0840 6816        WudfPf - ok
17:42:50.0871 6816        WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:42:50.0918 6816        WUDFRd - ok
17:42:50.0949 6816        wudfsvc        (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
17:42:51.0042 6816        wudfsvc - ok
17:42:51.0074 6816        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:42:51.0089 6816        WwanSvc - ok
17:42:51.0120 6816        MBR (0x1B8)    (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
17:42:51.0448 6816        \Device\Harddisk0\DR0 - ok
17:42:51.0464 6816        Boot (0x1200)  (a71f9d4598d239d26ca108ec7b2813b3) \Device\Harddisk0\DR0\Partition0
17:42:51.0464 6816        \Device\Harddisk0\DR0\Partition0 - ok
17:42:51.0495 6816        Boot (0x1200)  (14565775b50cbcb3040d634f2ca1c12d) \Device\Harddisk0\DR0\Partition1
17:42:51.0495 6816        \Device\Harddisk0\DR0\Partition1 - ok
17:42:51.0526 6816        Boot (0x1200)  (f9f9ea87478cddbac1521ca5f15ba8d0) \Device\Harddisk0\DR0\Partition2
17:42:51.0526 6816        \Device\Harddisk0\DR0\Partition2 - ok
17:42:51.0526 6816        ============================================================
17:42:51.0526 6816        Scan finished
17:42:51.0526 6816        ============================================================
17:42:51.0557 6408        Detected object count: 1
17:42:51.0557 6408        Actual detected object count: 1
17:42:59.0529 6408        Akamai ( HiddenFile.Multi.Generic ) - skipped by user
17:42:59.0529 6408        Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:45 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131