Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Live Security Platinum Virus (https://www.trojaner-board.de/119769-live-security-platinum-virus.html)

TorPedetor 17.07.2012 21:34
Live Security Platinum Virus
 
Hallo,

auf meinem Laptop hat sich am Wochenende (15.07) das Virus "Live Security Platinum" eingeschleust. Dieses Virus ist ja bereits bekannt, dutzende Fehlermeldungen, Anwendungen funktionieren nicht mehr (Anti-Virus, CCleaner, Internet-Browser... etc) und die Aufforderung, irgendwelche Programme zu erwerben. Ich habe mich auf meinem Handy darüber informiert (Internet ging ja auf Laptop nicht) und irgendwo gelesen, dass man mit einer Systemwiederherstellung den Mist wieder los wird. Das habe ich dann auch gemacht, im Safe-Modus den Recovery Manager gestartet (Ich besitze ein HP Pavilion dv7 mit Windows 7 64 Bit) und den Rechner auf einen früheren Zeitpunkt (11.07) zurückgesetzt. Das ganze war in 5 Min. erledigt und jetzt geht alles wieder. Keine Fehlermeldung, kein Virus oder ähnliches, alles läuft. Ich habe im Nachhinein Malwarebytes Anti-Malware geladen und ausgeführt (im normalen Modus). Folgendes wurde gefunden und in Quarantäne gesetzt:

http://www.workupload.com/image/OGEXiTz

Hier der Log dazu:

Code:
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.03.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: ***-HP [limited]

Protection: Enabled

16.07.2012 00:35:09
mbam-log-2012-07-16 (00-35-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 176463
Time elapsed: 6 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\$Recycle.Bin\S-1-5-21-625476035-1192893045-2691204042-1001\$R0A9LUY.exe (PUP.BundleInstaller.BI) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-625476035-1192893045-2691204042-1001\$R0RB5WR.exe (PUP.BundleInstaller.BI) -> Quarantined and deleted successfully.

(end)
Wie gesagt, seitdem läuft alles gut.

Um aber sicher zu gehen, dass wirklich alles sauber ist, möchte ich gerne die Meinung eines Profis lesen :crazy:

Hier der OTL-Text:

Code:
OTL logfile created on: 17.07.2012 20:24:28 - Run 1
OTL by OldTimer - Version 3.2.54.0    Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 5,67 Gb Available Physical Memory | 71,32% Memory free
15,90 Gb Paging File | 13,09 Gb Available in Paging File | 82,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682,13 Gb Total Space | 602,02 Gb Free Space | 88,26% Space Free | Partition Type: NTFS
Drive D: | 698,63 Gb Total Space | 152,81 Gb Free Space | 21,87% Space Free | Partition Type: NTFS
Drive E: | 16,21 Gb Total Space | 1,70 Gb Free Space | 10,47% Space Free | Partition Type: NTFS
 
Computer Name: ***-HP | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.17 20:11:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.04.04 07:53:56 | 000,815,512 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2012.04.04 06:25:00 | 000,295,584 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.12.13 13:48:18 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010.12.10 23:02:24 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2010.12.07 06:06:00 | 000,249,672 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2010.12.07 06:05:52 | 000,634,696 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2010.12.07 06:05:38 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2010.11.25 07:26:40 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010.11.23 20:26:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.11.23 20:26:44 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.17 19:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.11.09 16:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010.11.09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010.11.03 17:12:54 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.13 18:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.07.29 19:39:24 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2010.04.23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.02.03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009.10.22 20:07:00 | 000,124,240 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe
PRC - [2009.10.22 20:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2009.08.25 16:00:00 | 000,226,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
PRC - [2009.08.25 16:00:00 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
PRC - [2009.08.25 16:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.10 06:09:00 | 000,438,296 | ---- | M] () -- C:\Users\***\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
MOD - [2012.07.10 06:08:59 | 003,972,120 | ---- | M] () -- C:\Users\***\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
MOD - [2012.07.10 06:07:39 | 000,554,520 | ---- | M] () -- C:\Users\***\AppData\Local\Google\Chrome\Application\20.0.1132.57\libglesv2.dll
MOD - [2012.07.10 06:07:37 | 000,117,784 | ---- | M] () -- C:\Users\***\AppData\Local\Google\Chrome\Application\20.0.1132.57\libegl.dll
MOD - [2012.07.10 06:07:22 | 000,140,328 | ---- | M] () -- C:\Users\***\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
MOD - [2012.07.10 06:07:21 | 000,262,184 | ---- | M] () -- C:\Users\***\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
MOD - [2012.07.10 06:07:19 | 002,386,984 | ---- | M] () -- C:\Users\***\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
MOD - [2012.07.10 04:17:27 | 009,255,112 | ---- | M] () -- C:\Users\***\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
MOD - [2012.07.10 04:17:27 | 009,255,112 | ---- | M] () -- C:\Users\***\AppData\Local\Google\Chrome\APPLIC~1\200113~1.57\gcswf32.dll
MOD - [2012.06.14 14:51:50 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll
MOD - [2012.06.14 14:51:50 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll
MOD - [2012.06.14 14:49:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.06.14 14:49:37 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.14 14:49:32 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.06.14 14:49:22 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.06.14 14:49:18 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.06.14 14:49:15 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.06.14 14:49:14 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.06.14 14:49:04 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.05.30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.05.30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.04.04 07:54:04 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2010.11.22 14:00:58 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010.11.22 14:00:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010.11.22 14:00:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2005.08.22 16:38:16 | 003,264,512 | ---- | M] () -- C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.05.13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010.12.31 03:10:00 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.10.22 20:07:00 | 000,079,504 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV - [2012.07.16 09:52:53 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.12.07 06:06:00 | 000,249,672 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2010.12.02 06:44:08 | 000,275,968 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2010.11.24 21:26:42 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2010.11.23 20:26:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.11.23 20:26:44 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.11.09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010.11.03 17:12:54 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.08.05 20:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV - [2010.07.29 19:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.07.21 15:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV - [2010.06.19 03:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.10.22 20:07:00 | 000,178,920 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe -- (McShield)
SRV - [2009.10.22 20:07:00 | 000,066,896 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2009.10.22 20:07:00 | 000,019,720 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe -- (McAfeeEngineService)
SRV - [2009.08.25 16:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AESTSr64.exe -- (AESTFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.05.09 17:00:24 | 000,013,184 | ---- | M] (Fengtao Software Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvdfabio.sys -- (dvdfabio)
DRV:64bit: - [2012.05.09 17:00:18 | 000,045,952 | ---- | M] (Fengtao Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vdrive.sys -- (vdrive)
DRV:64bit: - [2012.04.25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.03.26 14:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.10.14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.05.13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.05.13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.04.09 16:00:59 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.12 08:10:44 | 000,333,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010.12.31 03:39:22 | 008,281,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.12.31 02:33:06 | 000,292,864 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.12.17 03:39:08 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010.12.17 03:39:08 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.12.10 23:03:46 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010.12.02 06:44:08 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.19 20:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.11.19 20:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.19 21:56:44 | 000,406,632 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.10.15 10:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.09.13 18:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.07.20 23:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.07.20 23:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.07.20 23:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.07.14 16:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.03.03 00:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.10.22 20:07:00 | 000,469,144 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009.10.22 20:07:00 | 000,119,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009.10.22 20:07:00 | 000,097,576 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2009.10.22 20:07:00 | 000,083,784 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfetdik.sys -- (mfetdik)
DRV:64bit: - [2009.10.22 20:07:00 | 000,077,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.22 19:38:32 | 000,116,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.06.22 19:26:38 | 000,113,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
IE - HKCU\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011.04.09 16:13:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.04.09 16:13:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.04.09 16:13:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.07.01 03:17:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.07.05 21:06:58 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2012.07.05 15:40:12 | 000,002,243 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1        activate.adobe.com
O1 - Hosts: 127.0.0.1        activate.wip.adobe.com
O1 - Hosts: 127.0.0.1        activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1        activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1        activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1        activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1        activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1        ereg.adobe.com
O1 - Hosts: 127.0.0.1        ereg.wip.adobe.com
O1 - Hosts: 127.0.0.1        ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1        ereg.wip2.adobe.com
O1 - Hosts: 127.0.0.1        ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1        ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1        ereg.wip4.adobe.com
O1 - Hosts: 127.0.0.1        practivate.adobe
O1 - Hosts: 127.0.0.1        practivate.adobe.com
O1 - Hosts: 127.0.0.1        practivate.adobe.ipp
O1 - Hosts: 127.0.0.1        practivate.adobe.newoa
O1 - Hosts: 127.0.0.1        practivate.adobe.ntp
O1 - Hosts: 127.0.0.1        wip.adobe.com
O1 - Hosts: 127.0.0.1        wip1.adobe.com
O1 - Hosts: 127.0.0.1        wip2.adobe.com
O1 - Hosts: 127.0.0.1        wip3.adobe.com
O1 - Hosts: 127.0.0.1        wip3.adobe.com
O1 - Hosts: 127.0.0.1        wip4.adobe.com
O1 - Hosts: 21 more lines...
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [DVDFab VDrive] C:\Program Files\DVDFab Virtual Drive\vdrive.exe (Fengtao Software Inc.)
O4:64bit: - HKLM..\RunOnce: [*Restore] C:\Windows\SysNative\rstrui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [!BingBar] C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\MUExe\7.1.361.0\BingBarSetup-Partner.EXE (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.4.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F6321DC-BBE1-4A81-8529-E0EE22F452C3}: DhcpNameServer = 10.129.32.1 10.111.81.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1DA77A2-2321-4DE8-8CCB-68DDD88BEF97}: DhcpNameServer = 192.168.4.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4F4E212-966C-48D4-BB8A-0584CD101A04}: DhcpNameServer = 10.0.0.38 10.0.0.40
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.16 00:31:31 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Malwarebytes
[2012.07.16 00:31:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.16 00:31:20 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.16 00:31:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.15 00:41:02 | 000,000,000 | ---D | C] -- C:\ProgramData\225932FD027865E6C6F46C5BF875F002
[2012.07.06 16:29:09 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2012.07.06 16:21:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.07.05 16:38:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2012.07.05 16:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2012.07.05 16:17:18 | 000,000,000 | ---D | C] -- C:\Users\admin\Adobe Flash Builder 4.6
[2012.07.05 16:10:17 | 000,056,208 | ---- | C] (Rovi Corporation) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2012.07.05 16:10:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2012.07.05 16:10:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2012.07.05 16:07:19 | 000,000,000 | ---D | C] -- C:\adobeTemp
[2012.07.05 15:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
[2012.07.05 14:49:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.07.04 21:44:08 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.07.04 21:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.07.04 21:44:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012.07.04 12:57:29 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.07.04 12:57:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.07.04 12:57:23 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.07.04 12:54:12 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\WinRAR
[2012.07.01 18:21:57 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012.07.01 18:20:14 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012.07.01 18:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.07.01 03:16:42 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\DivX
[2012.07.01 03:16:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012.07.01 03:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012.07.01 03:16:06 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012.07.01 03:15:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2012.07.01 03:13:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012.07.01 03:12:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012.06.27 12:48:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2012.06.27 12:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012.06.27 12:48:16 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Adobe
[2012.06.26 21:54:22 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\CrashDumps
[2012.06.26 10:11:02 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012.06.24 00:20:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2012.06.21 20:31:23 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Apple Computer
[2012.06.21 20:27:01 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\wargaming.net
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.17 20:14:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-625476035-1192893045-2691204042-1001UA.job
[2012.07.17 20:09:22 | 000,000,000 | ---- | M] () -- C:\Users\admin\defogger_reenable
[2012.07.17 19:52:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.17 18:28:30 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.17 18:28:30 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.17 18:28:01 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.17 18:28:01 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.17 18:28:01 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.17 18:28:01 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.17 18:28:01 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.17 18:20:55 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.07.17 18:20:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.17 18:20:43 | 2106,478,591 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.16 23:23:45 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForWIN-RS8RTOFVIIM$.job
[2012.07.16 23:23:43 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFor***.job
[2012.07.16 23:23:43 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
[2012.07.16 13:48:14 | 005,035,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.16 13:46:06 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-625476035-1192893045-2691204042-1001Core.job
[2012.07.16 00:33:27 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.06 16:26:04 | 000,073,830 | ---- | M] () -- C:\Users\admin\Documents\cc_20120706_162539.reg
[2012.07.05 21:07:11 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2012.07.04 21:44:09 | 000,001,007 | ---- | M] () -- C:\Users\admin\Desktop\SpeedFan.lnk
[2012.07.04 21:44:07 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.01 03:17:07 | 000,002,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012.07.01 03:17:07 | 000,001,610 | ---- | M] () -- C:\Users\admin\Desktop\DivX Movies.lnk
[2012.07.01 03:16:40 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012.06.19 20:38:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
 
========== Files Created - No Company Name ==========
 
[2012.07.17 20:09:22 | 000,000,000 | ---- | C] () -- C:\Users\admin\defogger_reenable
[2012.07.16 00:31:25 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.06 16:25:49 | 000,073,830 | ---- | C] () -- C:\Users\admin\Documents\cc_20120706_162539.reg
[2012.07.05 16:38:53 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2012.07.05 16:38:53 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2012.07.05 16:38:53 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2012.07.05 16:10:59 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
[2012.07.05 16:03:42 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012.07.05 14:50:25 | 000,000,824 | ---- | C] () -- C:\Users\admin\Desktop\hosts
[2012.07.05 14:49:17 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.04 21:44:09 | 000,001,007 | ---- | C] () -- C:\Users\admin\Desktop\SpeedFan.lnk
[2012.07.04 21:44:07 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.07.01 18:21:50 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2012.07.01 18:21:10 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
[2012.07.01 18:20:20 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2012.07.01 18:19:53 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2012.07.01 18:17:52 | 000,001,353 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2012.07.01 18:17:48 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2012.07.01 03:17:07 | 000,001,610 | ---- | C] () -- C:\Users\admin\Desktop\DivX Movies.lnk
[2012.07.01 03:16:40 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012.07.01 03:16:17 | 000,002,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012.06.27 12:48:22 | 000,001,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012.06.26 10:12:16 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012.06.19 20:38:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2012.06.14 21:01:14 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011.04.09 16:05:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.09 15:49:35 | 000,003,028 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011.04.09 15:48:37 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.04.09 15:48:37 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.04.09 15:48:37 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.04.09 15:48:35 | 000,003,028 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.09 15:39:30 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.01.27 17:38:29 | 000,000,202 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2011.01.27 17:32:15 | 000,009,644 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010.09.24 15:41:34 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
 
========== LOP Check ==========
 
[2012.06.14 13:33:06 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\PictureMover
[2012.06.14 13:32:05 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Synaptics
[2012.06.24 10:59:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\wargaming.net
[2012.07.17 18:20:55 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012.07.16 23:23:43 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2009.07.14 07:08:49 | 000,023,050 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
Und im Anhang der Rest.


Ich danke Euch im Voraus für Eure Hilfe!!!

t'john 18.07.2012 21:16
:hallo:

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:


Code:
:OTL
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKCU\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKCU..\Run: [AdobeBridge] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)
O32 - HKLM CDRom: AutoRun - 1

[2012.07.17 20:14:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-625476035-1192893045-2691204042-1001UA.job
[2012.07.17 19:52:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.17 18:20:55 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.07.17 18:20:55 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012.07.16 23:23:45 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForWIN-RS8RTOFVIIM$.job
[2012.07.16 23:23:43 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFor***.job
[2012.07.16 23:23:43 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
[2012.07.16 23:23:43 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2012.07.16 13:46:06 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-625476035-1192893045-2691204042-1001Core.job
[2012.07.05 14:49:17 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

TorPedetor 18.07.2012 22:20
Danke für die Hilfe!

Neustart wurde verlangt und ausgeführt, hier das Logfile:

Code:
All processes killed
Error: Unable to interpret <:OTL PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe  IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}  IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF  IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF  IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}  IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}  IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox  IE - HKLM\..\S> in the current context!
Error: Unable to interpret <earchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}  IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF  IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF  IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}  IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}  IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox  IE - HKCU\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}  IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0  IE - HKCU\Software\> in the current context!
Error: Unable to interpret <Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local  O4 - HKLM..\Run: [] File not found  O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()  O4 - HKCU..\Run: [AdobeBridge] File not found  O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1  O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1  O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3  O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)  O32 - HKLM CDRom: AutoRun - 1  [2012.07.17 20:14:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-625476035-1192893045-2691204042-1001UA.job  [2012.07.17 19:52:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job  [2012.07.17 18:20:55 | 000,000,200 | ---- | M] () -- C:> in the current context!
Error: Unable to interpret <\Windows\tasks\AutoKMS.job  [2012.07.17 18:20:55 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job  [2012.07.16 23:23:45 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForWIN-RS8RTOFVIIM$.job  [2012.07.16 23:23:43 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFor***.job  [2012.07.16 23:23:43 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job  [2012.07.16 23:23:43 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job  [2012.07.16 13:46:06 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-625476035-1192893045-2691204042-1001Core.job  [2012.07.05 14:49:17 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job  :Files  ipconfig /flushdns /c :Commands [purity] [emptytemp] [emptyflash]> in the current context!
 
OTL by OldTimer - Version 3.2.54.0 log created on 07182012_230354
Ich nehme an, nach jedem Fix-Prozess kann ich wieder meine Scanner einschalten?

Windows Firewall und Defender auch?

Übrigens, obwohl ich am 17.07 defogger ausgeführt habe, konnte ich heute einen Film (Miniso-Datei) mit dvdfab ausführen und sehen. Ich dachte defogger hätte dieses unterbunden?!

t'john 18.07.2012 23:16
So kam das Logfile raus?

Bitte wiederholen und Anleitung beachten.

TorPedetor 18.07.2012 23:42
Ok.
Ich glaube, davor habe ich erst OTL.exe ausgeführt und dann die Scanner ausgeschaltet... mein Fehler :headbang:

Hier das neue Logfile:

Code:
All processes killed
========== OTL ==========
No active process named DivXUpdate.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-625476035-1192893045-2691204042-1001UA.job moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\AutoKMS.job moved successfully.
File C:\Windows\Tasks\AutoKMS.job not found.
C:\Windows\Tasks\HPCeeScheduleForWIN-RS8RTOFVIIM$.job moved successfully.
File C:\Windows\tasks\HPCeeScheduleFor***.job not found.
C:\Windows\Tasks\AutoKMSDaily.job moved successfully.
File C:\Windows\Tasks\AutoKMSDaily.job not found.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-625476035-1192893045-2691204042-1001Core.job moved successfully.
File C:\Windows\tasks\Adobe Flash Player Updater.job not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\***\Desktop\cmd.bat deleted successfully.
C:\Users\***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: admin
->Temp folder emptied: 7710653 bytes
->Temporary Internet Files folder emptied: 10576900 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1012 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56478 bytes
 
User: Default User
 
User: ***
->Temp folder emptied: 41296258 bytes
->Temporary Internet Files folder emptied: 51134029 bytes
->Java cache emptied: 51256 bytes
->Google Chrome cache emptied: 64242416 bytes
->Flash cache emptied: 57497 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8687762 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36028538 bytes
RecycleBin emptied: 4259 bytes
 
Total Files Cleaned = 210,00 mb
 
 
[EMPTYFLASH]
 
User: admin
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
 
User: ***
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.54.0 log created on 07192012_003030

t'john 19.07.2012 09:14
Sehr gut! :daumenhoc

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

TorPedetor 19.07.2012 19:37
Hier das Log:

Code:
# AdwCleaner v1.702 - Logfile created 07/19/2012 at 20:32:20
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : admin - ***-HP
# Running from : C:\Users\***\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Folder Found : C:\Users\***\AppData\LocalLow\boost_interprocess
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****


***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [880 octets] - [19/07/2012 20:32:20]

########## EOF - \AdwCleaner[R1].txt - [1007 octets] ##########

t'john 19.07.2012 20:37
Sehr gut! :daumenhoc

  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.



dann:


Malware mit Combofix beseitigen

Lade Combofix von einem der folgenden Download-Spiegel herunter:

BleepingComputer.com - ForoSpyware.com

und speichere das Programm auf den Desktop, nicht woanders hin, das ist wichtig!
Beachte die ausführliche Original-Anleitung.

Zurzeit ist Combofix auf folgenden Windows-Versionen lauffähig:

  • Windows XP (nur 32-bit)
  • Windows Vista (32-bit/64-bit)
  • Windows 7 (32-bit/64-bit)



Vorbereitung und wichtige Hinweise

  • Bitte während des Scans mit Combofix Antiviren- sowie Antispy-Programme, die Firewall und evtl. vorhandenes Skript-Blocking (Norton) deaktivieren.
  • Liste der zu deaktivierenden Programme.
    Bei Unklarheiten bitte fragen.




  • ComboFix wird Deine Einstellungen in Bezug auf den Bildschirmschoner zurücksetzen.
  • Diese Einstellungen kannst Du nach Beendigung unserer Bereinigung wieder ändern.
  • Mache nichts anderes, wenn es Dir nicht gelungen ist, Combofix laufen zu lassen.
  • Teile uns das mit und warte auf unsere Anweisungen.




  • Starte die Combofix.exe mit Rechtsklick => Als Administrator ausführen und folge den Anweisungen.
  • Während des Laufs von Combofix nichts anderes am Computer machen!
  • Akzeptiere die Bedingungen (Disclaimer) mit "Ja".



  • Sollte Combofix eine aktuellere Version anbieten, Downlaod erlauben.
  • Klicke "Ja", um mit dem Suchlauf nach Malware fortzufahren.
  • Es erscheint eine blaue Eingabeaufforderung, Combofix wird für den Suchlauf vorbereitet.
  • Bitte nicht in dieses Combofix-Fenster klicken.
  • Das könnte Dein System einfrieren oder hängen bleiben lassen.
  • Es wird ein Backup Deiner Registry erstellt.
  • Nun werden die einzelnen Stufen des Programms abgearbeitet, das kann eine Weile dauern.



  • Wenn ComboFix fertig ist, wird es ein Log erstellen (bitte warten, das dauert einen Moment).
  • Unbedingt warten, bis sich das Combofix-Fenster geschlossen hat und das Logfile im Editor erscheint.
  • Bitte poste die Log-Dateien C:\ComboFix.txt und C:\Qoobox\Add-Remove Programs.txt in Code-Tags hier in den Thread.



  • Hinweis: Combofix macht aus verschiedenen Gründen den Internet Explorer zum Standard-Browser und erstellt ein IE-Icon auf dem Desktop.
  • Das IE-Desktop-Icon kannst Du nach der Bereinigung wieder löschen und Deinen bevorzugten Browser wieder als Standard-Browser einstellen.



Combofix nicht auf eigene Faust einsetzen. Wenn keine entsprechende Infektion vorliegt, kann das den Rechner lahmlegen und/oder nachhaltig schädigen!

TorPedetor 19.07.2012 20:51
Hier das AdwCleaner Logfile:

Zitat:
# AdwCleaner v1.702 - Logfile created 07/19/2012 at 21:44:49
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : admin - ***-HP
# Running from : C:\Users\***\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Folder Deleted : C:\Users\***\AppData\LocalLow\boost_interprocess
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****


***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [888 octets] - [19/07/2012 21:44:49]
AdwCleaner[R1].txt - [1006 octets] - [19/07/2012 20:32:20]

########## EOF - \AdwCleaner[S1].txt - [1075 octets] ##########

t'john 19.07.2012 20:59
Noch Combofix?

TorPedetor 19.07.2012 22:08
Fertig mit ComboFix, hier die Logs:

ComboFix:

Code:
ComboFix 12-07-19.02 - admin 19.07.2012  22:35:34.1.8 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.8140.6179 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: McAfee VirusScan Enterprise *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-06-19 bis 2012-07-19  ))))))))))))))))))))))))))))))
.
.
2012-07-19 20:42 . 2012-07-19 20:42        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-07-19 20:42 . 2012-07-19 20:42        --------        d-----w-        c:\users\admin\AppData\Local\temp
2012-07-18 21:03 . 2012-07-18 21:03        --------        d-----w-        C:\_OTL
2012-07-17 16:27 . 2012-06-29 10:04        9133488        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{BD8B41B7-D6CC-43AA-8F7C-017C8DB44F51}\mpengine.dll
2012-07-16 11:45 . 2012-06-12 03:08        3148800        ----a-w-        c:\windows\system32\win32k.sys
2012-07-16 11:38 . 2012-05-04 11:00        366592        ----a-w-        c:\windows\system32\qdvd.dll
2012-07-16 11:38 . 2012-05-04 09:59        514560        ----a-w-        c:\windows\SysWow64\qdvd.dll
2012-07-16 07:52 . 2012-06-06 06:06        2004480        ----a-w-        c:\windows\system32\msxml6.dll
2012-07-16 07:52 . 2012-06-06 06:06        1881600        ----a-w-        c:\windows\system32\msxml3.dll
2012-07-16 07:52 . 2012-06-06 05:05        1390080        ----a-w-        c:\windows\SysWow64\msxml6.dll
2012-07-16 07:52 . 2012-06-06 05:05        1236992        ----a-w-        c:\windows\SysWow64\msxml3.dll
2012-07-16 07:52 . 2010-06-26 03:55        2048        ----a-w-        c:\windows\system32\msxml3r.dll
2012-07-16 07:52 . 2010-06-26 03:24        2048        ----a-w-        c:\windows\SysWow64\msxml3r.dll
2012-07-16 07:52 . 2012-06-09 05:43        14172672        ----a-w-        c:\windows\system32\shell32.dll
2012-07-15 22:34 . 2012-07-15 22:34        --------        d-----w-        c:\users\***\AppData\Roaming\Malwarebytes
2012-07-15 22:31 . 2012-07-15 22:31        --------        d-----w-        c:\users\admin\AppData\Roaming\Malwarebytes
2012-07-15 22:31 . 2012-07-15 22:31        --------        d-----w-        c:\programdata\Malwarebytes
2012-07-15 22:31 . 2012-07-15 22:33        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-15 22:31 . 2012-07-03 11:46        24904        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-07-14 22:41 . 2012-07-15 14:45        --------        d-----w-        c:\programdata\225932FD027865E6C6F46C5BF875F002
2012-07-06 14:29 . 2012-07-06 14:29        --------        d-----w-        c:\users\***\AppData\Roaming\PACE Anti-Piracy
2012-07-06 14:29 . 2012-07-06 14:29        --------        d-----w-        c:\users\***\AppData\Local\PACE Anti-Piracy
2012-07-06 14:29 . 2012-07-06 14:29        --------        d-----w-        c:\programdata\PACE Anti-Piracy
2012-07-06 14:21 . 2012-07-06 14:21        --------        d-----w-        c:\program files\CCleaner
2012-07-06 08:44 . 2012-07-06 08:44        --------        d-----w-        c:\users\***\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-07-05 21:13 . 2012-07-05 21:13        --------        d-----w-        c:\users\Default\AppData\Local\Microsoft Help
2012-07-05 14:23 . 2012-07-05 14:23        --------        d-----w-        c:\programdata\ALM
2012-07-05 14:17 . 2012-07-05 14:17        --------        d-----w-        c:\users\admin\Adobe Flash Builder 4.6
2012-07-05 14:10 . 2011-11-03 01:01        56208        ------w-        c:\windows\system32\drivers\PxHlpa64.sys
2012-07-05 14:10 . 2011-10-17 01:00        10224        ------w-        c:\windows\system32\drivers\cdralw2k.sys
2012-07-05 14:10 . 2011-10-17 01:00        10224        ------w-        c:\windows\system32\drivers\cdr4_xp.sys
2012-07-05 14:10 . 2012-07-05 14:10        --------        d-----w-        c:\program files (x86)\Common Files\Sonic Shared
2012-07-05 14:10 . 2012-07-05 14:10        --------        d-----w-        c:\program files (x86)\My Company Name
2012-07-05 12:49 . 2012-07-16 07:52        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-05 12:49 . 2012-07-16 07:52        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-05 12:49 . 2012-07-05 12:49        --------        d-----w-        c:\windows\system32\Macromed
2012-07-04 19:44 . 2012-07-04 19:45        --------        d-----w-        c:\program files (x86)\SpeedFan
2012-07-04 10:57 . 2012-07-04 10:57        --------        d-----w-        c:\program files\WinRAR
2012-07-01 16:21 . 2012-07-05 18:14        --------        d-----w-        c:\programdata\regid.1986-12.com.adobe
2012-07-01 16:20 . 2012-07-18 22:07        --------        d-----w-        c:\program files\Adobe
2012-07-01 16:15 . 2012-07-18 22:14        --------        d-----w-        c:\program files\Common Files\Adobe
2012-07-01 01:17 . 2012-07-01 01:17        --------        d-----w-        c:\users\***\AppData\Local\DDMSettings
2012-07-01 01:16 . 2012-07-01 01:16        --------        d-----w-        c:\users\admin\AppData\Roaming\DivX
2012-07-01 01:16 . 2012-07-05 14:10        --------        d-----w-        c:\program files (x86)\Common Files\PX Storage Engine
2012-07-01 01:16 . 2012-07-01 01:16        --------        d-----w-        c:\program files\DivX
2012-07-01 01:15 . 2012-07-01 01:16        --------        d-----w-        c:\program files (x86)\Common Files\DivX Shared
2012-07-01 01:13 . 2012-07-01 01:17        --------        d-----w-        c:\program files (x86)\DivX
2012-07-01 01:12 . 2012-07-01 01:17        --------        d-----w-        c:\programdata\DivX
2012-06-27 10:48 . 2012-06-27 10:48        --------        d-----w-        c:\users\***\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-06-27 10:48 . 2012-06-27 10:48        --------        d-----w-        c:\program files (x86)\Adobe Download Assistant
2012-06-27 10:48 . 2012-06-27 10:48        --------        d-----w-        c:\program files (x86)\Common Files\Adobe AIR
2012-06-27 10:48 . 2012-07-05 14:29        --------        d-----w-        c:\users\admin\AppData\Local\Adobe
2012-06-26 19:54 . 2012-07-18 17:10        --------        d-----w-        c:\users\admin\AppData\Local\CrashDumps
2012-06-26 14:36 . 2012-07-18 22:07        --------        d-----w-        c:\users\***\AppData\Local\Adobe
2012-06-26 08:12 . 2012-06-26 08:12        --------        d-----w-        c:\users\***\AppData\Local\fontconfig
2012-06-26 08:12 . 2012-06-27 11:08        --------        d-----w-        c:\users\***\.gimp-2.8
2012-06-26 08:12 . 2012-06-26 08:12        --------        d-----w-        c:\users\***\AppData\Local\gegl-0.2
2012-06-26 08:11 . 2012-06-26 08:12        --------        d-----w-        c:\program files\GIMP 2
2012-06-23 22:17 . 2012-06-23 22:17        --------        d-----w-        c:\users\***\AppData\Local\Diagnostics
2012-06-21 18:31 . 2012-06-21 18:31        --------        d-----w-        c:\users\admin\AppData\Roaming\Apple Computer
2012-06-21 18:28 . 2012-06-02 22:19        57880        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-21 18:28 . 2012-06-02 22:19        44056        ----a-w-        c:\windows\system32\wups2.dll
2012-06-21 18:28 . 2012-06-02 22:15        2622464        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-21 18:28 . 2012-06-02 22:19        2428952        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-21 18:27 . 2012-06-02 22:19        38424        ----a-w-        c:\windows\system32\wups.dll
2012-06-21 18:27 . 2012-06-02 22:19        701976        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-21 18:27 . 2012-06-02 22:15        99840        ----a-w-        c:\windows\system32\wudriver.dll
2012-06-21 18:27 . 2012-06-02 13:19        186752        ----a-w-        c:\windows\system32\wuwebv.dll
2012-06-21 18:27 . 2012-06-02 13:15        36864        ----a-w-        c:\windows\system32\wuapp.exe
2012-06-21 18:27 . 2012-06-24 08:59        --------        d-----w-        c:\users\admin\AppData\Roaming\wargaming.net
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-16 11:41 . 2012-06-12 19:55        59701280        ----a-w-        c:\windows\system32\MRT.exe
2012-06-12 20:10 . 2009-07-14 02:36        152576        ----a-w-        c:\windows\SysWow64\msclmd.dll
2012-06-12 20:10 . 2009-07-14 02:36        175616        ----a-w-        c:\windows\system32\msclmd.dll
2012-06-10 20:04 . 2012-06-10 20:04        476960        ----a-w-        c:\windows\SysWow64\npdeployJava1.dll
2012-06-10 20:04 . 2011-01-27 15:33        472864        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2012-06-10 11:16 . 2012-06-10 11:16        91648        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe
2012-06-10 11:16 . 2012-06-10 11:16        89088        ----a-w-        c:\windows\system32\RegisterIEPKEYs.exe
2012-06-10 11:16 . 2012-06-10 11:16        89088        ----a-w-        c:\windows\system32\ie4uinit.exe
2012-06-10 11:16 . 2012-06-10 11:16        86528        ----a-w-        c:\windows\SysWow64\iesysprep.dll
2012-06-10 11:16 . 2012-06-10 11:16        85504        ----a-w-        c:\windows\system32\iesetup.dll
2012-06-10 11:16 . 2012-06-10 11:16        82432        ----a-w-        c:\windows\system32\icardie.dll
2012-06-10 11:16 . 2012-06-10 11:16        76800        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe
2012-06-10 11:16 . 2012-06-10 11:16        76800        ----a-w-        c:\windows\system32\tdc.ocx
2012-06-10 11:16 . 2012-06-10 11:16        74752        ----a-w-        c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-06-10 11:16 . 2012-06-10 11:16        74752        ----a-w-        c:\windows\SysWow64\iesetup.dll
2012-06-10 11:16 . 2012-06-10 11:16        697344        ----a-w-        c:\windows\system32\msfeeds.dll
2012-06-10 11:16 . 2012-06-10 11:16        65024        ----a-w-        c:\windows\system32\pngfilt.dll
2012-06-10 11:16 . 2012-06-10 11:16        63488        ----a-w-        c:\windows\SysWow64\tdc.ocx
2012-06-10 11:16 . 2012-06-10 11:16        603648        ----a-w-        c:\windows\system32\vbscript.dll
2012-06-10 11:16 . 2012-06-10 11:16        55296        ----a-w-        c:\windows\system32\msfeedsbs.dll
2012-06-10 11:16 . 2012-06-10 11:16        534528        ----a-w-        c:\windows\system32\ieapfltr.dll
2012-06-10 11:16 . 2012-06-10 11:16        49664        ----a-w-        c:\windows\system32\imgutil.dll
2012-06-10 11:16 . 2012-06-10 11:16        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll
2012-06-10 11:16 . 2012-06-10 11:16        48640        ----a-w-        c:\windows\system32\mshtmler.dll
2012-06-10 11:16 . 2012-06-10 11:16        452608        ----a-w-        c:\windows\system32\dxtmsft.dll
2012-06-10 11:16 . 2012-06-10 11:16        448512        ----a-w-        c:\windows\system32\html.iec
2012-06-10 11:16 . 2012-06-10 11:16        420864        ----a-w-        c:\windows\SysWow64\vbscript.dll
2012-06-10 11:16 . 2012-06-10 11:16        403248        ----a-w-        c:\windows\system32\iedkcs32.dll
2012-06-10 11:16 . 2012-06-10 11:16        39936        ----a-w-        c:\windows\system32\iernonce.dll
2012-06-10 11:16 . 2012-06-10 11:16        3695416        ----a-w-        c:\windows\system32\ieapfltr.dat
2012-06-10 11:16 . 2012-06-10 11:16        367104        ----a-w-        c:\windows\SysWow64\html.iec
2012-06-10 11:16 . 2012-06-10 11:16        35840        ----a-w-        c:\windows\SysWow64\imgutil.dll
2012-06-10 11:16 . 2012-06-10 11:16        30720        ----a-w-        c:\windows\system32\licmgr10.dll
2012-06-10 11:16 . 2012-06-10 11:16        282112        ----a-w-        c:\windows\system32\dxtrans.dll
2012-06-10 11:16 . 2012-06-10 11:16        267776        ----a-w-        c:\windows\system32\ieaksie.dll
2012-06-10 11:16 . 2012-06-10 11:16        249344        ----a-w-        c:\windows\system32\webcheck.dll
2012-06-10 11:16 . 2012-06-10 11:16        23552        ----a-w-        c:\windows\SysWow64\licmgr10.dll
2012-06-10 11:16 . 2012-06-10 11:16        222208        ----a-w-        c:\windows\system32\msls31.dll
2012-06-10 11:16 . 2012-06-10 11:16        197120        ----a-w-        c:\windows\system32\msrating.dll
2012-06-10 11:16 . 2012-06-10 11:16        165888        ----a-w-        c:\windows\system32\iexpress.exe
2012-06-10 11:16 . 2012-06-10 11:16        163840        ----a-w-        c:\windows\system32\ieakui.dll
2012-06-10 11:16 . 2012-06-10 11:16        161792        ----a-w-        c:\windows\SysWow64\msls31.dll
2012-06-10 11:16 . 2012-06-10 11:16        160256        ----a-w-        c:\windows\system32\wextract.exe
2012-06-10 11:16 . 2012-06-10 11:16        160256        ----a-w-        c:\windows\system32\ieakeng.dll
2012-06-10 11:16 . 2012-06-10 11:16        152064        ----a-w-        c:\windows\SysWow64\wextract.exe
2012-06-10 11:16 . 2012-06-10 11:16        150528        ----a-w-        c:\windows\SysWow64\iexpress.exe
2012-06-10 11:16 . 2012-06-10 11:16        149504        ----a-w-        c:\windows\system32\occache.dll
2012-06-10 11:16 . 2012-06-10 11:16        145920        ----a-w-        c:\windows\system32\iepeers.dll
2012-06-10 11:16 . 2012-06-10 11:16        135168        ----a-w-        c:\windows\system32\IEAdvpack.dll
2012-06-10 11:16 . 2012-06-10 11:16        12288        ----a-w-        c:\windows\system32\mshta.exe
2012-06-10 11:16 . 2012-06-10 11:16        11776        ----a-w-        c:\windows\SysWow64\mshta.exe
2012-06-10 11:16 . 2012-06-10 11:16        114176        ----a-w-        c:\windows\system32\admparse.dll
2012-06-10 11:16 . 2012-06-10 11:16        111616        ----a-w-        c:\windows\system32\iesysprep.dll
2012-06-10 11:16 . 2012-06-10 11:16        110592        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll
2012-06-10 11:16 . 2012-06-10 11:16        10752        ----a-w-        c:\windows\system32\msfeedssync.exe
2012-06-10 11:16 . 2012-06-10 11:16        103936        ----a-w-        c:\windows\system32\inseng.dll
2012-06-10 11:16 . 2012-06-10 11:16        101888        ----a-w-        c:\windows\SysWow64\admparse.dll
2012-06-09 18:52 . 2012-06-09 18:52        163048        ----a-w-        c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-05-31 10:25 . 2012-06-11 19:29        279656        ------w-        c:\windows\system32\MpSigStub.exe
2012-05-23 22:15 . 2010-06-24 10:33        19736        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-05-09 15:00 . 2012-06-14 18:41        13184        ----a-w-        c:\windows\system32\drivers\dvdfabio.sys
2012-05-09 15:00 . 2012-06-14 18:41        45952        ----a-w-        c:\windows\system32\drivers\vdrive.sys
2012-05-04 11:06 . 2012-06-12 19:32        5559664        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-12 19:32        3968368        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-12 19:32        3913072        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-12 19:31        209920        ----a-w-        c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-12 19:31        210944        ----a-w-        c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-12 19:32        77312        ----a-w-        c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-12 19:32        149504        ----a-w-        c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-12 19:32        9216        ----a-w-        c:\windows\system32\rdrmemptylst.exe
2012-04-25 10:11 . 2012-04-25 10:11        52736        ----a-w-        c:\windows\system32\drivers\usbaapl64.sys
2012-04-25 10:11 . 2012-04-25 10:11        4547944        ----a-w-        c:\windows\system32\usbaaplrc.dll
2012-04-24 05:37 . 2012-06-12 19:32        184320        ----a-w-        c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-12 19:32        140288        ----a-w-        c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-12 19:32        1462272        ----a-w-        c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-12 19:32        1158656        ----a-w-        c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-12 19:32        140288        ----a-w-        c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-12 19:32        103936        ----a-w-        c:\windows\SysWow64\cryptnet.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-11-22 2736128]
"DVDFab VDrive"="c:\program files\DVDFab Virtual Drive\vdrive.exe" [2012-05-09 412032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-12-30 336384]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-25 75048]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-12-13 61112]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2010-12-13 318520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"McAfeeUpdaterUI"="c:\program files (x86)\McAfee\Common Framework\udaterui.exe" [2009-08-25 136512]
"ShStatEXE"="c:\program files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-10-22 124240]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-06-25 1073352]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-04-04 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-04-04 815512]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"!BingBar"="c:\program files (x86)\Microsoft\BingBar\7.1.361.0\MUExe\7.1.361.0\BingBarSetup-Partner.EXE" [2012-02-10 6191616]
"Malwarebytes Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"OTL"="c:\users\***\Desktop\OTL.exe" [2012-07-17 596480]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-11-18 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
@="Service"
.
R2 CLKMSVC10_38F51D56;CyberLink Product - 2011/04/09 16:09;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-24 241648]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-16 250056]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-06-22 113792]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2009-10-22 77104]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2012-03-26 22528]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
S1 dvdfabio;dvdfabio;c:\windows\system32\drivers\dvdfabio.sys [2012-05-09 13184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-12-31 203776]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2010-12-07 249672]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-05 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-11-03 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 McAfeeEngineService;McAfee Engine Service;c:\program files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe [2009-10-22 19720]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2009-10-22 79504]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-11-23 2656280]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-12-31 8281600]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-12-31 292864]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-12-10 31088]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-12-17 12256512]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-10-19 406632]
S3 vdrive;vdrive;c:\windows\system32\DRIVERS\vdrive.sys [2012-05-09 45952]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - CLKMDRV10_38F51D56
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-11-22 12:18        451872        ----a-w-        c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-19 c:\windows\Tasks\HPCeeScheduleFor***.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-12-11 02:32        2240000        ----a-w-        c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-12-11 02:32        2240000        ----a-w-        c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-12-11 02:32        2240000        ----a-w-        c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-12-11 02:32        2240000        ----a-w-        c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-12-11 02:32        2240000        ----a-w-        c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-17 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-17 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-17 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-12-02 524800]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*Restore"="c:\windows\System32\rstrui.exe" [2010-11-20 296960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.4.2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{9FEFA8C2-80EB-4B7A-BDE0-E077D94C36C4} - c:\program files (x86)\InstallShield Installation Information\{9FEFA8C2-80EB-4B7A-BDE0-E077D94C36C4}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-19  22:44:11
ComboFix-quarantined-files.txt  2012-07-19 20:44
.
Vor Suchlauf: 11 Verzeichnis(se), 644.715.601.920 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 644.567.224.320 Bytes frei
.
- - End Of File - - 4F2FCC46E365504A2113BDEABE9B7842
und hier Add-Remove Programs:

Code:
ActiveCheck component for HP Active Support Library
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Creative Suite 6 Master Collection
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Help Manager
Adobe Photoshop CS6
Adobe Reader 9.5.1 MUI
Adobe Shockwave Player 11.5
Adobe Widget Browser
Adobe® Content Viewer
Agatha Christie - Peril at End House
Apple Application Support
Apple Software Update
Bejeweled 2 Deluxe
Bing Bar
Bing Bar Platform
bl
Blasterball 3
Bounce Symphony
Build-a-Lot - The Elizabethan Era
Cake Mania
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
Chuzzle Deluxe
CyberLink DVD Suite
CyberLink PowerDVD 10
CyberLink YouCam
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
DivX-Setup
DVDFab 8.1.8.5 (24/05/2012) Qt
Energy Star Digital Logo
ESU for Microsoft Windows 7
Farm Frenzy
FATE
HP CloudDrive
HP Customer Experience Enhancements
HP Documentation
HP Game Console
HP Games
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Setup
HP Setup Manager
HP SimplePass 2011
HP Software Framework
HP Support Assistant
HPAsset component for HP Active Support Library
IDT Audio
Insaniquarium Deluxe
Intel(R) Display Audio Driver
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 32
Jewel Quest II
Jewel Quest Solitaire
John Deere Drive Green
Junk Mail filter update
LabelPrint
LightScribe System Software
Magic Desktop
Malwarebytes Anti-Malware Version 1.62.0.1300
McAfee Agent
McAfee VirusScan Enterprise
Mesh Runtime
Microsoft Default Manager
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office Groove MUI (German) 2010
Microsoft Office InfoPath MUI (German) 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Word MUI (German) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mobile Partner
MSVCRT
MSVCRT_amd64
PDF Settings CS6
Penguins!
ph
PictureMover
Plants vs. Zombies
Polar Bowler
Power2Go
PX Profile Update
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
Recovery Manager
Renesas Electronics USB 3.0 Host Controller Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Skype™ 4.2
Slingo Deluxe
SpeedFan (remove only)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
Virtual Villagers - The Secret City
Wedding Dash
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX control for remote connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
World of Tanks
Zuma Deluxe

TorPedetor 21.07.2012 12:33
Hallo t'John, ich habe die ComboFix Log's oben gepostet.

Ist mein Laptop jetzt gereinigt? Oder fehlt noch was?

Kann ich jetzt meine CD-Emulatoren (dvdfab) wieder aktivieren? Einige meiner Spiele gehen nicht mehr... z.B. WOT. Liegt es daran?

Danke für deine Hilfe!

t'john 21.07.2012 17:33
TDSSKiller von Kaspersky
- Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
- Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
- deaktiviere vorübergehend dein AntiVirus-Programm
- Starte die TDSSKiller.exe durch Doppelklick.
- Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
- Bestätige das ggfs. mit Y(es).
- Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
- Poste den Inhalt von C:\TDSSKiller.txt hier in den Thread.
Hier findest Du eine ausführlichere TDSSKiller Anleitung.


Zitat:
Kann ich jetzt meine CD-Emulatoren (dvdfab) wieder aktivieren?
kannst du.

TorPedetor 21.07.2012 21:50
Danke, hier das Logfile von TDSSKiller

Code:
22:39:57.0101 3708        TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
22:39:57.0600 3708        ============================================================
22:39:57.0600 3708        Current date / time: 2012/07/21 22:39:57.0600
22:39:57.0600 3708        SystemInfo:
22:39:57.0600 3708       
22:39:57.0600 3708        OS Version: 6.1.7601 ServicePack: 1.0
22:39:57.0600 3708        Product type: Workstation
22:39:57.0600 3708        ComputerName: ***-HP
22:39:57.0600 3708        UserName: admin
22:39:57.0600 3708        Windows directory: C:\Windows
22:39:57.0600 3708        System windows directory: C:\Windows
22:39:57.0600 3708        Running under WOW64
22:39:57.0600 3708        Processor architecture: Intel x64
22:39:57.0600 3708        Number of processors: 8
22:39:57.0600 3708        Page size: 0x1000
22:39:57.0600 3708        Boot type: Normal boot
22:39:57.0600 3708        ============================================================
22:39:57.0944 3708        Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:39:58.0287 3708        Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:39:58.0287 3708        ============================================================
22:39:58.0287 3708        \Device\Harddisk0\DR0:
22:39:58.0302 3708        MBR partitions:
22:39:58.0302 3708        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
22:39:58.0302 3708        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x55445000
22:39:58.0302 3708        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x554A9000, BlocksNum 0x2069800
22:39:58.0302 3708        \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x57512800, BlocksNum 0x336F0
22:39:58.0302 3708        \Device\Harddisk1\DR1:
22:39:58.0302 3708        MBR partitions:
22:39:58.0302 3708        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
22:39:58.0302 3708        ============================================================
22:39:58.0318 3708        C: <-> \Device\Harddisk0\DR0\Partition1
22:39:58.0334 3708        D: <-> \Device\Harddisk1\DR1\Partition0
22:39:58.0396 3708        E: <-> \Device\Harddisk0\DR0\Partition2
22:39:58.0396 3708        ============================================================
22:39:58.0396 3708        Initialize success
22:39:58.0396 3708        ============================================================
22:40:15.0696 7196        ============================================================
22:40:15.0696 7196        Scan started
22:40:15.0696 7196        Mode: Manual;
22:40:15.0696 7196        ============================================================
22:40:16.0102 7196        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
22:40:16.0118 7196        1394ohci - ok
22:40:16.0164 7196        Accelerometer  (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
22:40:16.0164 7196        Accelerometer - ok
22:40:16.0211 7196        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
22:40:16.0227 7196        ACPI - ok
22:40:16.0242 7196        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
22:40:16.0242 7196        AcpiPmi - ok
22:40:16.0367 7196        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:40:16.0383 7196        AdobeFlashPlayerUpdateSvc - ok
22:40:16.0461 7196        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
22:40:16.0476 7196        adp94xx - ok
22:40:16.0539 7196        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
22:40:16.0539 7196        adpahci - ok
22:40:16.0570 7196        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
22:40:16.0570 7196        adpu320 - ok
22:40:16.0601 7196        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
22:40:16.0617 7196        AeLookupSvc - ok
22:40:16.0679 7196        AESTFilters    (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
22:40:16.0679 7196        AESTFilters - ok
22:40:16.0773 7196        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
22:40:16.0773 7196        AFD - ok
22:40:16.0820 7196        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
22:40:16.0835 7196        agp440 - ok
22:40:16.0866 7196        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
22:40:16.0866 7196        ALG - ok
22:40:16.0913 7196        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
22:40:16.0913 7196        aliide - ok
22:40:16.0960 7196        AMD External Events Utility (263570714ac4cf41208e647c77bd2a63) C:\Windows\system32\atiesrxx.exe
22:40:16.0976 7196        AMD External Events Utility - ok
22:40:16.0991 7196        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
22:40:16.0991 7196        amdide - ok
22:40:17.0038 7196        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
22:40:17.0038 7196        AmdK8 - ok
22:40:17.0444 7196        amdkmdag        (0eeafb005d334910bb0aee1941351b1e) C:\Windows\system32\DRIVERS\atikmdag.sys
22:40:17.0600 7196        amdkmdag - ok
22:40:17.0740 7196        amdkmdap        (65f58cfb0bfdcebeae0164bb037545a8) C:\Windows\system32\DRIVERS\atikmpag.sys
22:40:17.0756 7196        amdkmdap - ok
22:40:17.0787 7196        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
22:40:17.0787 7196        AmdPPM - ok
22:40:17.0834 7196        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
22:40:17.0849 7196        amdsata - ok
22:40:17.0880 7196        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
22:40:17.0880 7196        amdsbs - ok
22:40:17.0912 7196        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
22:40:17.0912 7196        amdxata - ok
22:40:17.0958 7196        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
22:40:17.0958 7196        AppID - ok
22:40:17.0990 7196        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
22:40:17.0990 7196        AppIDSvc - ok
22:40:18.0036 7196        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
22:40:18.0036 7196        Appinfo - ok
22:40:18.0130 7196        Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:40:18.0130 7196        Apple Mobile Device - ok
22:40:18.0208 7196        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
22:40:18.0208 7196        arc - ok
22:40:18.0224 7196        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
22:40:18.0224 7196        arcsas - ok
22:40:18.0239 7196        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:40:18.0255 7196        AsyncMac - ok
22:40:18.0286 7196        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
22:40:18.0286 7196        atapi - ok
22:40:18.0395 7196        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
22:40:18.0411 7196        AudioEndpointBuilder - ok
22:40:18.0426 7196        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
22:40:18.0442 7196        AudioSrv - ok
22:40:18.0489 7196        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
22:40:18.0489 7196        AxInstSV - ok
22:40:18.0567 7196        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
22:40:18.0582 7196        b06bdrv - ok
22:40:18.0614 7196        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:40:18.0629 7196        b57nd60a - ok
22:40:18.0832 7196        BCM43XX        (0e7a9264576b40638a3fbc804de1ff76) C:\Windows\system32\DRIVERS\bcmwl664.sys
22:40:18.0879 7196        BCM43XX - ok
22:40:19.0004 7196        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
22:40:19.0004 7196        BDESVC - ok
22:40:19.0066 7196        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:40:19.0066 7196        Beep - ok
22:40:19.0175 7196        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
22:40:19.0191 7196        BFE - ok
22:40:19.0284 7196        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
22:40:19.0300 7196        BITS - ok
22:40:19.0362 7196        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
22:40:19.0362 7196        blbdrive - ok
22:40:19.0472 7196        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
22:40:19.0487 7196        Bonjour Service - ok
22:40:19.0534 7196        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
22:40:19.0534 7196        bowser - ok
22:40:19.0565 7196        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:40:19.0581 7196        BrFiltLo - ok
22:40:19.0596 7196        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:40:19.0596 7196        BrFiltUp - ok
22:40:19.0659 7196        BridgeMP        (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
22:40:19.0659 7196        BridgeMP - ok
22:40:19.0721 7196        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
22:40:19.0721 7196        Browser - ok
22:40:19.0752 7196        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:40:19.0768 7196        Brserid - ok
22:40:19.0799 7196        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:40:19.0799 7196        BrSerWdm - ok
22:40:19.0815 7196        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:40:19.0815 7196        BrUsbMdm - ok
22:40:19.0862 7196        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:40:19.0862 7196        BrUsbSer - ok
22:40:19.0908 7196        BthEnum        (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
22:40:19.0908 7196        BthEnum - ok
22:40:19.0924 7196        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
22:40:19.0924 7196        BTHMODEM - ok
22:40:19.0971 7196        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
22:40:19.0971 7196        BthPan - ok
22:40:20.0018 7196        BTHPORT        (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
22:40:20.0033 7196        BTHPORT - ok
22:40:20.0064 7196        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
22:40:20.0064 7196        bthserv - ok
22:40:20.0096 7196        BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
22:40:20.0096 7196        BTHUSB - ok
22:40:20.0158 7196        btwampfl        (7a2ce8c1bf4daa1f2766e21e9ca11078) C:\Windows\system32\drivers\btwampfl.sys
22:40:20.0174 7196        btwampfl - ok
22:40:20.0189 7196        btwaudio        (a75bf6802a967f5aacecc3c67febdf55) C:\Windows\system32\drivers\btwaudio.sys
22:40:20.0189 7196        btwaudio - ok
22:40:20.0220 7196        btwavdt        (d895dc213edbda5fcc53aad1f1e0e63b) C:\Windows\system32\DRIVERS\btwavdt.sys
22:40:20.0236 7196        btwavdt - ok
22:40:20.0345 7196        btwdins        (692f8648d7686d91e34a65ac698019d8) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:40:20.0361 7196        btwdins - ok
22:40:20.0392 7196        btwl2cap        (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
22:40:20.0392 7196        btwl2cap - ok
22:40:20.0408 7196        btwrchid        (6d7aa2bde0135599c5f230d69db3b420) C:\Windows\system32\DRIVERS\btwrchid.sys
22:40:20.0408 7196        btwrchid - ok
22:40:20.0454 7196        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:40:20.0454 7196        cdfs - ok
22:40:20.0517 7196        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
22:40:20.0517 7196        cdrom - ok
22:40:20.0564 7196        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:40:20.0564 7196        CertPropSvc - ok
22:40:20.0626 7196        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
22:40:20.0626 7196        circlass - ok
22:40:20.0704 7196        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:40:20.0720 7196        CLFS - ok
22:40:20.0844 7196        CLKMSVC10_38F51D56 (524dc3807cb1746225f9d26add19c319) C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
22:40:20.0844 7196        CLKMSVC10_38F51D56 - ok
22:40:20.0922 7196        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:40:20.0922 7196        clr_optimization_v2.0.50727_32 - ok
22:40:20.0969 7196        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:40:20.0969 7196        clr_optimization_v2.0.50727_64 - ok
22:40:21.0032 7196        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:40:21.0032 7196        clr_optimization_v4.0.30319_32 - ok
22:40:21.0078 7196        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:40:21.0094 7196        clr_optimization_v4.0.30319_64 - ok
22:40:21.0203 7196        clwvd          (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
22:40:21.0203 7196        clwvd - ok
22:40:21.0234 7196        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
22:40:21.0234 7196        CmBatt - ok
22:40:21.0266 7196        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
22:40:21.0266 7196        cmdide - ok
22:40:21.0344 7196        CNG            (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
22:40:21.0344 7196        CNG - ok
22:40:21.0390 7196        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
22:40:21.0390 7196        Compbatt - ok
22:40:21.0437 7196        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
22:40:21.0453 7196        CompositeBus - ok
22:40:21.0453 7196        COMSysApp - ok
22:40:21.0484 7196        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
22:40:21.0484 7196        crcdisk - ok
22:40:21.0546 7196        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
22:40:21.0546 7196        CryptSvc - ok
22:40:21.0609 7196        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:40:21.0624 7196        DcomLaunch - ok
22:40:21.0671 7196        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
22:40:21.0671 7196        defragsvc - ok
22:40:21.0718 7196        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
22:40:21.0718 7196        DfsC - ok
22:40:21.0796 7196        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
22:40:21.0796 7196        Dhcp - ok
22:40:21.0827 7196        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:40:21.0827 7196        discache - ok
22:40:21.0858 7196        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
22:40:21.0858 7196        Disk - ok
22:40:21.0905 7196        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
22:40:21.0905 7196        Dnscache - ok
22:40:21.0952 7196        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
22:40:21.0968 7196        dot3svc - ok
22:40:21.0999 7196        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
22:40:21.0999 7196        DPS - ok
22:40:22.0046 7196        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:40:22.0046 7196        drmkaud - ok
22:40:22.0092 7196        dvdfabio        (4b42f9dcfa4e72c51578262fd721ce99) C:\Windows\system32\drivers\dvdfabio.sys
22:40:22.0092 7196        dvdfabio - ok
22:40:22.0217 7196        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
22:40:22.0233 7196        DXGKrnl - ok
22:40:22.0264 7196        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
22:40:22.0280 7196        EapHost - ok
22:40:22.0576 7196        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
22:40:22.0607 7196        ebdrv - ok
22:40:22.0732 7196        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
22:40:22.0732 7196        EFS - ok
22:40:22.0857 7196        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
22:40:22.0872 7196        ehRecvr - ok
22:40:22.0904 7196        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
22:40:22.0904 7196        ehSched - ok
22:40:23.0013 7196        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
22:40:23.0028 7196        elxstor - ok
22:40:23.0044 7196        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
22:40:23.0044 7196        ErrDev - ok
22:40:23.0138 7196        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
22:40:23.0153 7196        EventSystem - ok
22:40:23.0216 7196        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:40:23.0216 7196        exfat - ok
22:40:23.0231 7196        ezSharedSvc - ok
22:40:23.0262 7196        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:40:23.0278 7196        fastfat - ok
22:40:23.0372 7196        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
22:40:23.0387 7196        Fax - ok
22:40:23.0418 7196        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
22:40:23.0418 7196        fdc - ok
22:40:23.0465 7196        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
22:40:23.0465 7196        fdPHost - ok
22:40:23.0496 7196        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
22:40:23.0496 7196        FDResPub - ok
22:40:23.0528 7196        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:40:23.0528 7196        FileInfo - ok
22:40:23.0543 7196        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:40:23.0543 7196        Filetrace - ok
22:40:23.0574 7196        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
22:40:23.0574 7196        flpydisk - ok
22:40:23.0637 7196        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
22:40:23.0637 7196        FltMgr - ok
22:40:23.0762 7196        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
22:40:23.0777 7196        FontCache - ok
22:40:23.0855 7196        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:40:23.0855 7196        FontCache3.0.0.0 - ok
22:40:23.0964 7196        FPLService      (cdc54db949d1e2bbf86b0c7ab86b912e) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
22:40:23.0964 7196        FPLService - ok
22:40:24.0074 7196        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:40:24.0089 7196        FsDepends - ok
22:40:24.0120 7196        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
22:40:24.0120 7196        Fs_Rec - ok
22:40:24.0183 7196        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:40:24.0183 7196        fvevol - ok
22:40:24.0230 7196        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:40:24.0230 7196        gagp30kx - ok
22:40:24.0323 7196        GameConsoleService (d154305de6090e6e84e525f84bb08a06) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
22:40:24.0323 7196        GameConsoleService - ok
22:40:24.0370 7196        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:40:24.0370 7196        GEARAspiWDM - ok
22:40:24.0495 7196        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
22:40:24.0510 7196        gpsvc - ok
22:40:24.0542 7196        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:40:24.0542 7196        hcw85cir - ok
22:40:24.0620 7196        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
22:40:24.0635 7196        HdAudAddService - ok
22:40:24.0666 7196        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
22:40:24.0666 7196        HDAudBus - ok
22:40:24.0698 7196        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
22:40:24.0698 7196        HidBatt - ok
22:40:24.0729 7196        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
22:40:24.0729 7196        HidBth - ok
22:40:24.0776 7196        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
22:40:24.0776 7196        HidIr - ok
22:40:24.0807 7196        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
22:40:24.0807 7196        hidserv - ok
22:40:24.0854 7196        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
22:40:24.0854 7196        HidUsb - ok
22:40:24.0900 7196        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
22:40:24.0900 7196        hkmsvc - ok
22:40:24.0963 7196        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
22:40:24.0963 7196        HomeGroupListener - ok
22:40:25.0010 7196        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
22:40:25.0025 7196        HomeGroupProvider - ok
22:40:25.0134 7196        HP Health Check Service (7a24ad37416b91e4b5e5b46bd25c075f) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
22:40:25.0134 7196        HP Health Check Service - ok
22:40:25.0181 7196        HP Wireless Assistant Service (c930128c8f8ff03d8f8c42b570920d56) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
22:40:25.0181 7196        HP Wireless Assistant Service - ok
22:40:25.0212 7196        HPClientSvc    (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
22:40:25.0228 7196        HPClientSvc - ok
22:40:25.0290 7196        HPDrvMntSvc.exe (2a047e7e0f1018e3134a4065636f2025) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
22:40:25.0290 7196        HPDrvMntSvc.exe - ok
22:40:25.0322 7196        hpdskflt        (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
22:40:25.0322 7196        hpdskflt - ok
22:40:25.0415 7196        hpqwmiex        (59cb6a1ca093edc2881598a45518857d) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
22:40:25.0431 7196        hpqwmiex - ok
22:40:25.0478 7196        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
22:40:25.0478 7196        HpSAMD - ok
22:40:25.0524 7196        hpsrv          (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\Windows\system32\Hpservice.exe
22:40:25.0524 7196        hpsrv - ok
22:40:25.0571 7196        HPWMISVC        (f630dd7564ebb7248a13b1cc774d9ea6) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
22:40:25.0571 7196        HPWMISVC - ok
22:40:25.0680 7196        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
22:40:25.0696 7196        HTTP - ok
22:40:25.0743 7196        hwdatacard      (d96a290f699081ae737390c0fe329d7c) C:\Windows\system32\DRIVERS\ewusbmdm.sys
22:40:25.0743 7196        hwdatacard - ok
22:40:25.0774 7196        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
22:40:25.0774 7196        hwpolicy - ok
22:40:25.0805 7196        hwusbdev        (e0c7255498640fc64b19aae17fd6f965) C:\Windows\system32\DRIVERS\ewusbdev.sys
22:40:25.0805 7196        hwusbdev - ok
22:40:25.0868 7196        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
22:40:25.0883 7196        i8042prt - ok
22:40:25.0930 7196        iaStor          (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
22:40:25.0930 7196        iaStor - ok
22:40:26.0024 7196        IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:40:26.0024 7196        IAStorDataMgrSvc - ok
22:40:26.0102 7196        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
22:40:26.0117 7196        iaStorV - ok
22:40:26.0242 7196        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:40:26.0258 7196        idsvc - ok
22:40:27.0287 7196        igfx            (8cb8667f5a3b5515f2585f3254f3aaf7) C:\Windows\system32\DRIVERS\igdkmd64.sys
22:40:27.0521 7196        igfx - ok
22:40:27.0646 7196        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
22:40:27.0646 7196        iirsp - ok
22:40:27.0755 7196        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
22:40:27.0771 7196        IKEEXT - ok
22:40:27.0849 7196        IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
22:40:27.0849 7196        IntcDAud - ok
22:40:27.0911 7196        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
22:40:27.0911 7196        intelide - ok
22:40:28.0410 7196        intelkmd        (8cb8667f5a3b5515f2585f3254f3aaf7) C:\Windows\system32\DRIVERS\igdpmd64.sys
22:40:28.0644 7196        intelkmd - ok
22:40:28.0769 7196        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:40:28.0769 7196        intelppm - ok
22:40:28.0800 7196        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
22:40:28.0816 7196        IPBusEnum - ok
22:40:28.0863 7196        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:40:28.0863 7196        IpFilterDriver - ok
22:40:28.0941 7196        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
22:40:28.0956 7196        iphlpsvc - ok
22:40:28.0988 7196        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
22:40:28.0988 7196        IPMIDRV - ok
22:40:29.0034 7196        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:40:29.0034 7196        IPNAT - ok
22:40:29.0190 7196        iPod Service    (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
22:40:29.0206 7196        iPod Service - ok
22:40:29.0237 7196        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:40:29.0237 7196        IRENUM - ok
22:40:29.0284 7196        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
22:40:29.0284 7196        isapnp - ok
22:40:29.0331 7196        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
22:40:29.0331 7196        iScsiPrt - ok
22:40:29.0378 7196        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
22:40:29.0378 7196        kbdclass - ok
22:40:29.0409 7196        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
22:40:29.0409 7196        kbdhid - ok
22:40:29.0440 7196        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:40:29.0440 7196        KeyIso - ok
22:40:29.0471 7196        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
22:40:29.0471 7196        KSecDD - ok
22:40:29.0518 7196        KSecPkg        (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
22:40:29.0518 7196        KSecPkg - ok
22:40:29.0549 7196        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:40:29.0549 7196        ksthunk - ok
22:40:29.0612 7196        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
22:40:29.0612 7196        KtmRm - ok
22:40:29.0674 7196        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
22:40:29.0674 7196        LanmanServer - ok
22:40:29.0736 7196        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
22:40:29.0752 7196        LanmanWorkstation - ok
22:40:29.0830 7196        LightScribeService (fa4a45c179ab0e0f1a31b9751d4b18d7) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
22:40:29.0830 7196        LightScribeService - ok
22:40:29.0861 7196        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:40:29.0861 7196        lltdio - ok
22:40:29.0924 7196        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
22:40:29.0924 7196        lltdsvc - ok
22:40:29.0955 7196        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
22:40:29.0970 7196        lmhosts - ok
22:40:30.0048 7196        LMS            (c463a25f01c6237295917417c5e9e344) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:40:30.0048 7196        LMS - ok
22:40:30.0095 7196        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:40:30.0095 7196        LSI_FC - ok
22:40:30.0126 7196        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:40:30.0126 7196        LSI_SAS - ok
22:40:30.0158 7196        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:40:30.0158 7196        LSI_SAS2 - ok
22:40:30.0173 7196        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:40:30.0173 7196        LSI_SCSI - ok
22:40:30.0204 7196        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:40:30.0204 7196        luafv - ok
22:40:30.0251 7196        MBAMProtector  (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
22:40:30.0251 7196        MBAMProtector - ok
22:40:30.0376 7196        MBAMService    (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:40:30.0376 7196        MBAMService - ok
22:40:30.0470 7196        McAfeeEngineService (639da8f468552785e15f0f2fd8db44b3) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe
22:40:30.0470 7196        McAfeeEngineService - ok
22:40:30.0532 7196        McAfeeFramework (1b963d79740b187795407cd03e2f7b4d) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
22:40:30.0548 7196        McAfeeFramework - ok
22:40:30.0610 7196        McShield        (4e09d8c4c861348a7f1c12a5aa9c4de7) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe
22:40:30.0610 7196        McShield - ok
22:40:30.0641 7196        McTaskManager  (3774aad155f31d58d932861d0a4fd641) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
22:40:30.0641 7196        McTaskManager - ok
22:40:30.0704 7196        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
22:40:30.0704 7196        Mcx2Svc - ok
22:40:30.0735 7196        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
22:40:30.0735 7196        megasas - ok
22:40:30.0782 7196        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
22:40:30.0797 7196        MegaSR - ok
22:40:30.0828 7196        MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
22:40:30.0828 7196        MEIx64 - ok
22:40:30.0875 7196        mfeapfk        (e2d642a38a8dc4722f859092f731b6a3) C:\Windows\system32\drivers\mfeapfk.sys
22:40:30.0875 7196        mfeapfk - ok
22:40:30.0891 7196        mfeavfk        (ae23ed41216e160f54e5ef1a5ee325f7) C:\Windows\system32\drivers\mfeavfk.sys
22:40:30.0891 7196        mfeavfk - ok
22:40:30.0953 7196        mfehidk        (bc76bc7129b2206098ac220b656f15b7) C:\Windows\system32\drivers\mfehidk.sys
22:40:30.0953 7196        mfehidk - ok
22:40:30.0984 7196        mferkdet        (c7c15d125aa697be97087d197c9fad08) C:\Windows\system32\drivers\mferkdet.sys
22:40:30.0984 7196        mferkdet - ok
22:40:31.0016 7196        mfetdik        (41ca4c4292004486d004d357b9c19718) C:\Windows\system32\drivers\mfetdik.sys
22:40:31.0016 7196        mfetdik - ok
22:40:31.0047 7196        mfevtp          (c39855495e82ec6b02e6190c34a1b752) C:\Windows\system32\mfevtps.exe
22:40:31.0062 7196        mfevtp - ok
22:40:31.0140 7196        Microsoft SharePoint Workspace Audit Service - ok
22:40:31.0187 7196        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:40:31.0187 7196        MMCSS - ok
22:40:31.0234 7196        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:40:31.0234 7196        Modem - ok
22:40:31.0265 7196        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:40:31.0265 7196        monitor - ok
22:40:31.0328 7196        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:40:31.0328 7196        mouclass - ok
22:40:31.0359 7196        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:40:31.0359 7196        mouhid - ok
22:40:31.0421 7196        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
22:40:31.0421 7196        mountmgr - ok
22:40:31.0452 7196        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
22:40:31.0452 7196        mpio - ok
22:40:31.0484 7196        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:40:31.0484 7196        mpsdrv - ok
22:40:31.0577 7196        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
22:40:31.0593 7196        MpsSvc - ok
22:40:31.0624 7196        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
22:40:31.0624 7196        MRxDAV - ok
22:40:31.0671 7196        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:40:31.0686 7196        mrxsmb - ok
22:40:31.0718 7196        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:40:31.0718 7196        mrxsmb10 - ok
22:40:31.0749 7196        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:40:31.0764 7196        mrxsmb20 - ok
22:40:31.0796 7196        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
22:40:31.0796 7196        msahci - ok
22:40:31.0842 7196        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
22:40:31.0842 7196        msdsm - ok
22:40:31.0889 7196        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:40:31.0889 7196        MSDTC - ok
22:40:31.0936 7196        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:40:31.0936 7196        Msfs - ok
22:40:31.0967 7196        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:40:31.0967 7196        mshidkmdf - ok
22:40:31.0983 7196        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
22:40:31.0983 7196        msisadrv - ok
22:40:32.0030 7196        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:40:32.0030 7196        MSiSCSI - ok
22:40:32.0045 7196        msiserver - ok
22:40:32.0092 7196        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:40:32.0092 7196        MSKSSRV - ok
22:40:32.0123 7196        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:40:32.0123 7196        MSPCLOCK - ok
22:40:32.0123 7196        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:40:32.0139 7196        MSPQM - ok
22:40:32.0186 7196        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
22:40:32.0186 7196        MsRPC - ok
22:40:32.0217 7196        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
22:40:32.0217 7196        mssmbios - ok
22:40:32.0248 7196        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:40:32.0248 7196        MSTEE - ok
22:40:32.0264 7196        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:40:32.0279 7196        MTConfig - ok
22:40:32.0295 7196        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:40:32.0295 7196        Mup - ok
22:40:32.0342 7196        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
22:40:32.0357 7196        napagent - ok
22:40:32.0420 7196        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:40:32.0435 7196        NativeWifiP - ok
22:40:32.0560 7196        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
22:40:32.0576 7196        NDIS - ok
22:40:32.0607 7196        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:40:32.0607 7196        NdisCap - ok
22:40:32.0638 7196        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:40:32.0638 7196        NdisTapi - ok
22:40:32.0716 7196        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
22:40:32.0716 7196        Ndisuio - ok
22:40:32.0763 7196        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
22:40:32.0763 7196        NdisWan - ok
22:40:32.0810 7196        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
22:40:32.0825 7196        NDProxy - ok
22:40:32.0856 7196        Netaapl        (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
22:40:32.0856 7196        Netaapl - ok
22:40:32.0903 7196        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:40:32.0903 7196        NetBIOS - ok
22:40:32.0950 7196        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
22:40:32.0966 7196        NetBT - ok
22:40:32.0997 7196        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:40:32.0997 7196        Netlogon - ok
22:40:33.0059 7196        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:40:33.0075 7196        Netman - ok
22:40:33.0122 7196        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:40:33.0122 7196        netprofm - ok
22:40:33.0200 7196        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:40:33.0200 7196        NetTcpPortSharing - ok
22:40:33.0480 7196        netw5v64        (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
22:40:33.0605 7196        netw5v64 - ok
22:40:33.0714 7196        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:40:33.0730 7196        nfrd960 - ok
22:40:33.0792 7196        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
22:40:33.0808 7196        NlaSvc - ok
22:40:33.0824 7196        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:40:33.0824 7196        Npfs - ok
22:40:33.0855 7196        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:40:33.0855 7196        nsi - ok
22:40:33.0870 7196        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:40:33.0870 7196        nsiproxy - ok
22:40:34.0058 7196        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:40:34.0073 7196        Ntfs - ok
22:40:34.0198 7196        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:40:34.0198 7196        Null - ok
22:40:34.0245 7196        nusb3hub        (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
22:40:34.0245 7196        nusb3hub - ok
22:40:34.0276 7196        nusb3xhc        (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
22:40:34.0292 7196        nusb3xhc - ok
22:40:34.0338 7196        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:40:34.0338 7196        nvraid - ok
22:40:34.0370 7196        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:40:34.0370 7196        nvstor - ok
22:40:34.0416 7196        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:40:34.0416 7196        nv_agp - ok
22:40:34.0448 7196        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:40:34.0448 7196        ohci1394 - ok
22:40:34.0557 7196        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:40:34.0557 7196        ose - ok
22:40:34.0931 7196        osppsvc        (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:40:34.0994 7196        osppsvc - ok
22:40:35.0134 7196        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:40:35.0134 7196        p2pimsvc - ok
22:40:35.0181 7196        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:40:35.0181 7196        p2psvc - ok
22:40:35.0228 7196        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:40:35.0228 7196        Parport - ok
22:40:35.0274 7196        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
22:40:35.0274 7196        partmgr - ok
22:40:35.0321 7196        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:40:35.0321 7196        PcaSvc - ok
22:40:35.0368 7196        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:40:35.0368 7196        pci - ok
22:40:35.0399 7196        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:40:35.0399 7196        pciide - ok
22:40:35.0446 7196        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:40:35.0446 7196        pcmcia - ok
22:40:35.0477 7196        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:40:35.0477 7196        pcw - ok
22:40:35.0540 7196        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:40:35.0555 7196        PEAUTH - ok
22:40:35.0664 7196        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:40:35.0664 7196        PerfHost - ok
22:40:35.0820 7196        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:40:35.0852 7196        pla - ok
22:40:35.0945 7196        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:40:35.0961 7196        PlugPlay - ok
22:40:35.0992 7196        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:40:35.0992 7196        PNRPAutoReg - ok
22:40:36.0039 7196        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:40:36.0054 7196        PNRPsvc - ok
22:40:36.0117 7196        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:40:36.0132 7196        PolicyAgent - ok
22:40:36.0179 7196        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:40:36.0179 7196        Power - ok
22:40:36.0273 7196        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:40:36.0273 7196        PptpMiniport - ok
22:40:36.0304 7196        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:40:36.0304 7196        Processor - ok
22:40:36.0351 7196        ProfSvc        (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
22:40:36.0351 7196        ProfSvc - ok
22:40:36.0382 7196        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:40:36.0382 7196        ProtectedStorage - ok
22:40:36.0444 7196        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:40:36.0444 7196        Psched - ok
22:40:36.0491 7196        PxHlpa64        (bc08f7f3c53cbee68670ed1314e290fd) C:\Windows\system32\Drivers\PxHlpa64.sys
22:40:36.0491 7196        PxHlpa64 - ok
22:40:36.0647 7196        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:40:36.0678 7196        ql2300 - ok
22:40:36.0834 7196        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:40:36.0834 7196        ql40xx - ok
22:40:36.0881 7196        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:40:36.0897 7196        QWAVE - ok
22:40:36.0912 7196        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:40:36.0912 7196        QWAVEdrv - ok
22:40:36.0928 7196        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:40:36.0944 7196        RasAcd - ok
22:40:36.0990 7196        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:40:36.0990 7196        RasAgileVpn - ok
22:40:37.0037 7196        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:40:37.0037 7196        RasAuto - ok
22:40:37.0084 7196        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:40:37.0084 7196        Rasl2tp - ok
22:40:37.0162 7196        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:40:37.0162 7196        RasMan - ok
22:40:37.0209 7196        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:40:37.0209 7196        RasPppoe - ok
22:40:37.0224 7196        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:40:37.0224 7196        RasSstp - ok
22:40:37.0287 7196        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:40:37.0287 7196        rdbss - ok
22:40:37.0318 7196        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:40:37.0318 7196        rdpbus - ok
22:40:37.0349 7196        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:40:37.0349 7196        RDPCDD - ok
22:40:37.0349 7196        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:40:37.0349 7196        RDPENCDD - ok
22:40:37.0365 7196        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:40:37.0380 7196        RDPREFMP - ok
22:40:37.0412 7196        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
22:40:37.0427 7196        RDPWD - ok
22:40:37.0490 7196        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:40:37.0490 7196        rdyboost - ok
22:40:37.0521 7196        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:40:37.0521 7196        RemoteAccess - ok
22:40:37.0583 7196        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:40:37.0583 7196        RemoteRegistry - ok
22:40:37.0630 7196        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
22:40:37.0630 7196        RFCOMM - ok
22:40:37.0661 7196        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:40:37.0661 7196        RpcEptMapper - ok
22:40:37.0677 7196        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:40:37.0692 7196        RpcLocator - ok
22:40:37.0755 7196        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:40:37.0770 7196        RpcSs - ok
22:40:37.0833 7196        RSPCIESTOR      (d5c3e1629a3f7f0857d27949252b94ce) C:\Windows\system32\DRIVERS\RtsPStor.sys
22:40:37.0833 7196        RSPCIESTOR - ok
22:40:37.0880 7196        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:40:37.0880 7196        rspndr - ok
22:40:37.0942 7196        RTL8167        (5d6a444bd37b52ff846387c87dcdf98a) C:\Windows\system32\DRIVERS\Rt64win7.sys
22:40:37.0942 7196        RTL8167 - ok
22:40:37.0973 7196        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:40:37.0973 7196        SamSs - ok
22:40:38.0004 7196        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:40:38.0004 7196        sbp2port - ok
22:40:38.0051 7196        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:40:38.0051 7196        SCardSvr - ok
22:40:38.0098 7196        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:40:38.0098 7196        scfilter - ok
22:40:38.0192 7196        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:40:38.0207 7196        Schedule - ok
22:40:38.0238 7196        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:40:38.0254 7196        SCPolicySvc - ok
22:40:38.0285 7196        sdbus          (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
22:40:38.0301 7196        sdbus - ok
22:40:38.0332 7196        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:40:38.0348 7196        SDRSVC - ok
22:40:38.0426 7196        SeaPort        (331e7bde228914574fc9ae6cd520dafa) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
22:40:38.0426 7196        SeaPort - ok
22:40:38.0457 7196        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:40:38.0457 7196        secdrv - ok
22:40:38.0504 7196        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:40:38.0504 7196        seclogon - ok
22:40:38.0550 7196        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
22:40:38.0550 7196        SENS - ok
22:40:38.0566 7196        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:40:38.0566 7196        SensrSvc - ok
22:40:38.0597 7196        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:40:38.0597 7196        Serenum - ok
22:40:38.0644 7196        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:40:38.0644 7196        Serial - ok
22:40:38.0691 7196        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:40:38.0691 7196        sermouse - ok
22:40:38.0753 7196        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:40:38.0753 7196        SessionEnv - ok
22:40:38.0784 7196        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:40:38.0784 7196        sffdisk - ok
22:40:38.0816 7196        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:40:38.0816 7196        sffp_mmc - ok
22:40:38.0816 7196        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:40:38.0816 7196        sffp_sd - ok
22:40:38.0862 7196        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:40:38.0862 7196        sfloppy - ok
22:40:38.0925 7196        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:40:38.0925 7196        SharedAccess - ok
22:40:38.0987 7196        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:40:39.0003 7196        ShellHWDetection - ok
22:40:39.0050 7196        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:40:39.0050 7196        SiSRaid2 - ok
22:40:39.0081 7196        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:40:39.0081 7196        SiSRaid4 - ok
22:40:39.0096 7196        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:40:39.0096 7196        Smb - ok
22:40:39.0143 7196        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:40:39.0143 7196        SNMPTRAP - ok
22:40:39.0268 7196        speedfan        (12583af6cbe0050651eaf2723b3ad7b3) C:\Windows\syswow64\speedfan.sys
22:40:39.0284 7196        speedfan - ok
22:40:39.0299 7196        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:40:39.0299 7196        spldr - ok
22:40:39.0362 7196        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:40:39.0377 7196        Spooler - ok
22:40:39.0564 7196        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:40:39.0596 7196        sppsvc - ok
22:40:39.0720 7196        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:40:39.0720 7196        sppuinotify - ok
22:40:39.0798 7196        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:40:39.0814 7196        srv - ok
22:40:39.0876 7196        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:40:39.0892 7196        srv2 - ok
22:40:39.0939 7196        SrvHsfHDA      (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
22:40:39.0954 7196        SrvHsfHDA - ok
22:40:40.0095 7196        SrvHsfV92      (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
22:40:40.0126 7196        SrvHsfV92 - ok
22:40:40.0298 7196        SrvHsfWinac    (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
22:40:40.0313 7196        SrvHsfWinac - ok
22:40:40.0376 7196        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:40:40.0376 7196        srvnet - ok
22:40:40.0438 7196        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:40:40.0438 7196        SSDPSRV - ok
22:40:40.0469 7196        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:40:40.0469 7196        SstpSvc - ok
22:40:40.0547 7196        STacSV          (7c49a5e1943afda4672d80726af3bae4) C:\Program Files\IDT\WDM\STacSV64.exe
22:40:40.0547 7196        STacSV - ok
22:40:40.0578 7196        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:40:40.0578 7196        stexstor - ok
22:40:40.0641 7196        STHDA          (0aad250a31a7ee96e0945ab9e1f3baa7) C:\Windows\system32\DRIVERS\stwrt64.sys
22:40:40.0641 7196        STHDA - ok
22:40:40.0703 7196        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:40:40.0719 7196        stisvc - ok
22:40:40.0750 7196        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:40:40.0750 7196        swenum - ok
22:40:40.0906 7196        SwitchBoard    (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:40:40.0922 7196        SwitchBoard - ok
22:40:40.0984 7196        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:40:41.0000 7196        swprv - ok
22:40:41.0078 7196        SynTP          (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys
22:40:41.0078 7196        SynTP - ok
22:40:41.0249 7196        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:40:41.0280 7196        SysMain - ok
22:40:41.0374 7196        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:40:41.0390 7196        TabletInputService - ok
22:40:41.0421 7196        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:40:41.0436 7196        TapiSrv - ok
22:40:41.0468 7196        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:40:41.0468 7196        TBS - ok
22:40:41.0624 7196        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
22:40:41.0655 7196        Tcpip - ok
22:40:41.0951 7196        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
22:40:41.0982 7196        TCPIP6 - ok
22:40:42.0107 7196        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:40:42.0107 7196        tcpipreg - ok
22:40:42.0138 7196        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:40:42.0154 7196        TDPIPE - ok
22:40:42.0185 7196        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:40:42.0185 7196        TDTCP - ok
22:40:42.0248 7196        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:40:42.0248 7196        tdx - ok
22:40:42.0279 7196        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:40:42.0279 7196        TermDD - ok
22:40:42.0357 7196        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:40:42.0372 7196        TermService - ok
22:40:42.0404 7196        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:40:42.0404 7196        Themes - ok
22:40:42.0435 7196        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:40:42.0435 7196        THREADORDER - ok
22:40:42.0466 7196        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:40:42.0466 7196        TrkWks - ok
22:40:42.0544 7196        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:40:42.0560 7196        TrustedInstaller - ok
22:40:42.0591 7196        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:40:42.0606 7196        tssecsrv - ok
22:40:42.0653 7196        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:40:42.0653 7196        TsUsbFlt - ok
22:40:42.0700 7196        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:40:42.0716 7196        tunnel - ok
22:40:42.0747 7196        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:40:42.0747 7196        uagp35 - ok
22:40:42.0809 7196        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:40:42.0809 7196        udfs - ok
22:40:42.0856 7196        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:40:42.0856 7196        UI0Detect - ok
22:40:42.0903 7196        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:40:42.0903 7196        uliagpkx - ok
22:40:42.0950 7196        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
22:40:42.0950 7196        umbus - ok
22:40:42.0996 7196        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:40:42.0996 7196        UmPass - ok
22:40:43.0308 7196        UNS            (3a1ecef8d49fc1a786a6ccd5a86a8878) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:40:43.0324 7196        UNS - ok
22:40:43.0480 7196        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:40:43.0480 7196        upnphost - ok
22:40:43.0542 7196        USBAAPL64      (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
22:40:43.0542 7196        USBAAPL64 - ok
22:40:43.0589 7196        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:40:43.0589 7196        usbccgp - ok
22:40:43.0636 7196        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:40:43.0636 7196        usbcir - ok
22:40:43.0667 7196        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
22:40:43.0667 7196        usbehci - ok
22:40:43.0714 7196        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:40:43.0730 7196        usbhub - ok
22:40:43.0745 7196        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
22:40:43.0745 7196        usbohci - ok
22:40:43.0792 7196        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:40:43.0792 7196        usbprint - ok
22:40:43.0823 7196        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:40:43.0823 7196        USBSTOR - ok
22:40:43.0854 7196        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
22:40:43.0854 7196        usbuhci - ok
22:40:43.0901 7196        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
22:40:43.0917 7196        usbvideo - ok
22:40:43.0948 7196        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:40:43.0948 7196        UxSms - ok
22:40:43.0979 7196        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:40:43.0979 7196        VaultSvc - ok
22:40:44.0026 7196        vdrive          (c4c2644516e569f98ffe362c22c4011c) C:\Windows\system32\DRIVERS\vdrive.sys
22:40:44.0026 7196        vdrive - ok
22:40:44.0073 7196        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:40:44.0088 7196        vdrvroot - ok
22:40:44.0166 7196        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:40:44.0182 7196        vds - ok
22:40:44.0213 7196        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:40:44.0213 7196        vga - ok
22:40:44.0229 7196        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:40:44.0244 7196        VgaSave - ok
22:40:44.0276 7196        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:40:44.0291 7196        vhdmp - ok
22:40:44.0307 7196        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:40:44.0322 7196        viaide - ok
22:40:44.0354 7196        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:40:44.0354 7196        volmgr - ok
22:40:44.0432 7196        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:40:44.0432 7196        volmgrx - ok
22:40:44.0494 7196        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:40:44.0494 7196        volsnap - ok
22:40:44.0572 7196        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:40:44.0588 7196        vsmraid - ok
22:40:44.0759 7196        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:40:44.0790 7196        VSS - ok
22:40:44.0915 7196        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:40:44.0915 7196        vwifibus - ok
22:40:44.0946 7196        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:40:44.0946 7196        vwififlt - ok
22:40:45.0024 7196        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:40:45.0024 7196        W32Time - ok
22:40:45.0056 7196        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:40:45.0071 7196        WacomPen - ok
22:40:45.0134 7196        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:40:45.0134 7196        WANARP - ok
22:40:45.0149 7196        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:40:45.0149 7196        Wanarpv6 - ok
22:40:45.0305 7196        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:40:45.0336 7196        wbengine - ok
22:40:45.0477 7196        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:40:45.0477 7196        WbioSrvc - ok
22:40:45.0539 7196        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
22:40:45.0555 7196        wcncsvc - ok
22:40:45.0570 7196        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:40:45.0586 7196        WcsPlugInService - ok
22:40:45.0633 7196        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:40:45.0633 7196        Wd - ok
22:40:45.0695 7196        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:40:45.0711 7196        Wdf01000 - ok
22:40:45.0742 7196        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:40:45.0742 7196        WdiServiceHost - ok
22:40:45.0742 7196        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:40:45.0758 7196        WdiSystemHost - ok
22:40:45.0789 7196        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
22:40:45.0804 7196        WebClient - ok
22:40:45.0836 7196        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:40:45.0836 7196        Wecsvc - ok
22:40:45.0867 7196        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:40:45.0867 7196        wercplsupport - ok
22:40:45.0945 7196        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:40:45.0945 7196        WerSvc - ok
22:40:45.0992 7196        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:40:45.0992 7196        WfpLwf - ok
22:40:46.0023 7196        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:40:46.0023 7196        WIMMount - ok
22:40:46.0070 7196        WinDefend - ok
22:40:46.0085 7196        WinHttpAutoProxySvc - ok
22:40:46.0148 7196        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:40:46.0163 7196        Winmgmt - ok
22:40:46.0319 7196        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
22:40:46.0350 7196        WinRM - ok
22:40:46.0506 7196        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
22:40:46.0506 7196        WinUsb - ok
22:40:46.0569 7196        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:40:46.0600 7196        Wlansvc - ok
22:40:46.0647 7196        wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:40:46.0647 7196        wlcrasvc - ok
22:40:46.0865 7196        wlidsvc        (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:40:46.0881 7196        wlidsvc - ok
22:40:47.0006 7196        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:40:47.0006 7196        WmiAcpi - ok
22:40:47.0099 7196        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:40:47.0099 7196        wmiApSrv - ok
22:40:47.0146 7196        WMPNetworkSvc - ok
22:40:47.0177 7196        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:40:47.0193 7196        WPCSvc - ok
22:40:47.0224 7196        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
22:40:47.0240 7196        WPDBusEnum - ok
22:40:47.0255 7196        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:40:47.0255 7196        ws2ifsl - ok
22:40:47.0302 7196        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
22:40:47.0302 7196        wscsvc - ok
22:40:47.0318 7196        WSearch - ok
22:40:47.0458 7196        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
22:40:47.0474 7196        wuauserv - ok
22:40:47.0614 7196        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:40:47.0614 7196        WudfPf - ok
22:40:47.0645 7196        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:40:47.0645 7196        WUDFRd - ok
22:40:47.0692 7196        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
22:40:47.0692 7196        wudfsvc - ok
22:40:47.0739 7196        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:40:47.0739 7196        WwanSvc - ok
22:40:47.0817 7196        yukonw7        (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
22:40:47.0832 7196        yukonw7 - ok
22:40:47.0895 7196        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:40:48.0082 7196        \Device\Harddisk0\DR0 - ok
22:40:50.0500 7196        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
22:40:50.0516 7196        \Device\Harddisk1\DR1 - ok
22:40:50.0594 7196        Boot (0x1200)  (2164d0924c8b2f01aa0c53b2ec672e42) \Device\Harddisk0\DR0\Partition0
22:40:50.0594 7196        \Device\Harddisk0\DR0\Partition0 - ok
22:40:50.0625 7196        Boot (0x1200)  (0ca335f5908b0c04d90672fed90c5e8a) \Device\Harddisk0\DR0\Partition1
22:40:50.0625 7196        \Device\Harddisk0\DR0\Partition1 - ok
22:40:50.0656 7196        Boot (0x1200)  (d104f88d37821a7d6a1fd6b903497080) \Device\Harddisk0\DR0\Partition2
22:40:50.0656 7196        \Device\Harddisk0\DR0\Partition2 - ok
22:40:50.0672 7196        Boot (0x1200)  (ce8c4ada90184a2c21d6e9b79509d6b3) \Device\Harddisk0\DR0\Partition3
22:40:50.0672 7196        \Device\Harddisk0\DR0\Partition3 - ok
22:40:50.0687 7196        Boot (0x1200)  (f168cd0a5462f42e135035775938b31c) \Device\Harddisk1\DR1\Partition0
22:40:50.0687 7196        \Device\Harddisk1\DR1\Partition0 - ok
22:40:50.0703 7196        ============================================================
22:40:50.0703 7196        Scan finished
22:40:50.0703 7196        ============================================================
22:40:50.0718 6136        Detected object count: 0
22:40:50.0718 6136        Actual detected object count: 0
22:41:01.0872 3380        Deinitialize success

t'john 21.07.2012 22:04
Sehr gut! :daumenhoc

ESET Online Scanner

Vorbereitung

  • Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
  • Bitte während des Online-Scans Anti-Virus-Programm und Firewall deaktivieren.
  • Vista/Win7-User: Bitte den Browser unbedingt als Administrator starten.
Los geht's

  • Lade und starte Eset Smartinstaller
  • Haken setzen bei YES, I accept the Terms of Use.
  • Klick auf Start.
  • Haken setzen bei Remove found threads und Scan archives.
  • Klick auf Start.
  • Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Finish drücken.
  • Browser schließen.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (manchmal auch C:\Programme\Eset\log.txt) suchen und mit Deinem Editor öffnen.
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:09 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55