Trojaner-Board - install_0_msi.exe nicht gefunden

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - install_0_msi.exe nicht gefunden (https://www.trojaner-board.de/125975-install_0_msi-exe-gefunden.html)

install_0_msi.exe nicht gefunden

Hallo!
Jedes Mal wenn ich meinen Laptop starte (Windows 7, 64 bit) kommt nach dem Hochfahren die Meldung "install_0_msi.exe nicht gefunden". Ab und zu kommt einige Zeit später auch die Meldung "RunDLL error:Abnormal Program Termination". Hab McAffee mit einem Full Scan durchlaufen lassen, hat aber nichts gefunden. Anschließend hab ich ein OTL Logfile erstellt.

Zitat:

Anschließend hab ich ein OTL Logfile erstellt.

Schön und wo ist das? :confused:

OTL.txtOTL Logfile:

Code:

OTL logfile created on: 21.10.2012 23:04:12 - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Anna\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

 

3,86 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 66,57% Memory free

7,73 Gb Paging File | 5,83 Gb Available in Paging File | 75,44% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 283,40 Gb Total Space | 184,16 Gb Free Space | 64,98% Space Free | Partition Type: NTFS

 

Computer Name: ANNA-PC | User Name: Anna | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.10.21 11:46:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anna\Desktop\OTL.exe

PRC - [2012.08.27 06:21:12 | 026,924,984 | ---- | M] (Dropbox, Inc.) -- C:\Users\Anna\AppData\Roaming\Dropbox\bin\Dropbox.exe

PRC - [2012.08.21 16:09:28 | 000,034,816 | ---- | M] (Accelrys, Inc) -- C:\Program Files (x86)\Accelrys\Accelrys Draw 4.1\AccelrysDraw.exe

PRC - [2011.01.13 20:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

PRC - [2011.01.13 20:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

PRC - [2011.01.13 20:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

PRC - [2011.01.13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

PRC - [2010.02.09 20:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

PRC - [2009.10.15 10:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2009.09.30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2009.09.30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2009.07.22 15:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe

PRC - [2009.06.24 23:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

PRC - [2009.06.09 16:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe

PRC - [2009.05.21 15:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

PRC - [2009.05.21 15:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.10.09 21:42:36 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SandDock\3.0.6.1__75b7ec17dd7c14c3\SandDock.dll

MOD - [2012.10.09 21:42:35 | 000,258,048 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SandBar\1.4.3.1__75b7ec17dd7c14c3\SandBar.dll

MOD - [2012.10.09 21:42:34 | 000,652,288 | ---- | M] () -- C:\Windows\assembly\GAC_32\MDL.Draw.Renderer\4.1.1.4__e922e3fd683b3777\MDL.Draw.Renderer.dll

MOD - [2012.10.09 21:42:34 | 000,130,048 | ---- | M] () -- C:\Windows\assembly\GAC_32\MDL.Draw.TextServicesWrapper\4.1.1.4__e922e3fd683b3777\MDL.Draw.TextServicesWrapper.dll

MOD - [2012.10.09 21:42:32 | 002,691,584 | ---- | M] () -- C:\Windows\assembly\GAC_32\MDL.Draw.Foundation\4.1.1.4__e922e3fd683b3777\MDL.Draw.Foundation.dll

MOD - [2012.10.09 21:42:31 | 003,520,512 | ---- | M] () -- C:\Windows\assembly\GAC_32\MDL.Draw.Editor\4.1.1.4__e922e3fd683b3777\MDL.Draw.Editor.dll

MOD - [2012.10.09 21:42:30 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC\MDL.CsInline\3.0.0.3__e922e3fd683b3777\MDL.CsInline.dll

MOD - [2012.10.09 21:42:30 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\GAC_32\MDL.Draw.Clipboard\4.1.1.4__e922e3fd683b3777\MDL.Draw.Clipboard.dll

MOD - [2012.10.09 21:42:09 | 003,747,840 | ---- | M] () -- C:\Windows\assembly\GAC\MDL.CheshireLic\5.1.0.22__24416aa791a97180\ccatlib.5.1.0.0.22.dll

MOD - [2012.10.09 21:42:09 | 000,348,160 | ---- | M] () -- C:\Windows\assembly\GAC\MDL.CheshireLic\5.1.0.22__24416aa791a97180\MSVCR71.dll

MOD - [2012.10.09 21:42:08 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC\MDL.Cheshire\5.1.0.22__24416aa791a97180\MDL.Cheshire.dll

MOD - [2012.10.09 21:42:08 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC\MDL.CheshireLic\5.1.0.22__24416aa791a97180\MDL.CheshireLic.dll

MOD - [2012.07.24 12:34:08 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3f9dee1ce0ccb42145293a5bfcbe7205\System.Management.ni.dll

MOD - [2012.07.24 12:32:56 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\c366ebd7f33816762268154efc68176d\System.Core.ni.dll

MOD - [2012.07.24 10:52:43 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc626095c194be137bceb219934b06a7\PresentationFramework.Aero.ni.dll

MOD - [2012.07.24 10:52:33 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\675c8bd801698993255d100c3b350d4b\System.Web.Services.ni.dll

MOD - [2012.07.24 10:52:26 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll

MOD - [2012.07.24 10:52:15 | 014,325,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\517358eb2fd962a942dd1ea6afc5b93e\PresentationFramework.ni.dll

MOD - [2012.07.24 10:52:01 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll

MOD - [2012.07.24 10:51:54 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll

MOD - [2012.07.24 10:51:52 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e9d0ba41128f363f2390c7e630129c2b\PresentationCore.ni.dll

MOD - [2012.07.24 10:51:42 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll

MOD - [2012.07.24 10:51:36 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll

MOD - [2012.07.24 10:51:32 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll

MOD - [2012.07.24 10:51:31 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll

MOD - [2012.07.24 10:51:03 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll

MOD - [2011.01.13 20:42:02 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll

MOD - [2011.01.13 20:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

MOD - [2011.01.13 20:37:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll

MOD - [2011.01.13 20:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll

MOD - [2011.01.13 20:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll

MOD - [2011.01.13 20:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll

MOD - [2011.01.13 20:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll

MOD - [2011.01.13 20:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll

MOD - [2011.01.13 20:37:04 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll

MOD - [2011.01.13 20:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll

MOD - [2010.02.09 20:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

MOD - [2010.02.09 20:34:00 | 000,365,888 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll

MOD - [2010.02.09 20:34:00 | 000,275,776 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll

MOD - [2010.02.09 20:34:00 | 000,152,896 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll

MOD - [2010.02.09 20:34:00 | 000,095,552 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll

MOD - [2010.02.09 20:34:00 | 000,062,784 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\SdbShared.resources.dll

MOD - [2010.02.09 20:34:00 | 000,058,688 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll

MOD - [2010.02.09 20:34:00 | 000,046,400 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll

MOD - [2010.02.09 20:34:00 | 000,017,728 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll

MOD - [2009.10.15 10:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

MOD - [2009.07.22 15:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe

MOD - [2009.07.14 19:58:16 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Drawing.resources.dll

MOD - [2009.07.14 19:58:13 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll

MOD - [2009.07.14 19:58:13 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll

MOD - [2009.07.14 19:58:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)

SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)

SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)

SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)

SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)

SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)

SRV:64bit: - [2012.06.22 07:34:52 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)

SRV:64bit: - [2012.06.22 07:33:12 | 000,237,920 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)

SRV:64bit: - [2010.01.20 22:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe -- (STacSV)

SRV:64bit: - [2009.12.16 15:16:30 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)

SRV:64bit: - [2009.11.18 07:45:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009.03.02 20:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe -- (AESTFilters)

SRV - [2012.10.15 02:04:23 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.10.11 03:04:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012.09.10 17:47:50 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\mcafee\virusscan\mcods.exe -- (McODS)

SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012.06.22 07:38:04 | 000,177,144 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)

SRV - [2011.01.13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)

SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.01.20 22:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe -- (STacSV)

SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2009.11.02 19:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)

SRV - [2009.09.30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2009.09.30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2009.06.23 23:02:42 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009.06.09 16:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService)

SRV - [2009.05.21 15:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)

SRV - [2009.03.02 20:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe -- (AESTFilters)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.06.22 07:40:58 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\cfwids.sys -- (cfwids)

DRV:64bit: - [2012.06.22 07:38:16 | 000,335,784 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfewfpk.sys -- (mfewfpk)

DRV:64bit: - [2012.06.22 07:36:54 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mferkdet.sys -- (mferkdet)

DRV:64bit: - [2012.06.22 07:36:12 | 000,752,672 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfehidk.sys -- (mfehidk)

DRV:64bit: - [2012.06.22 07:35:02 | 000,513,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfefirek.sys -- (mfefirek)

DRV:64bit: - [2012.06.22 07:34:22 | 000,300,392 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfeavfk.sys -- (mfeavfk)

DRV:64bit: - [2012.06.22 07:34:00 | 000,169,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfeapfk.sys -- (mfeapfk)

DRV:64bit: - [2012.04.20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HipShieldK.sys -- (HipShieldK)

DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010.01.20 22:10:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2009.12.16 15:16:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)

DRV:64bit: - [2009.12.16 15:16:12 | 003,053,560 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2009.11.18 08:21:20 | 006,171,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009.11.02 19:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\TurboB.sys -- (TurboB)

DRV:64bit: - [2009.10.12 13:00:52 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2009.09.30 03:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009.09.17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (HECIx64)

DRV:64bit: - [2009.08.24 05:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2009.08.20 18:05:06 | 000,239,616 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2009.07.24 08:13:02 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Acceler.sys -- (Acceler)

DRV:64bit: - [2009.07.23 19:57:48 | 000,018,792 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\stdflt.sys -- (stdflt)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.09 10:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2009.07.04 13:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rixdpe64.sys -- (rixdpcie)

DRV:64bit: - [2009.07.02 02:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rimspe64.sys -- (rimspci)

DRV:64bit: - [2009.07.01 12:31:58 | 000,080,896 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\risdpe64.sys -- (risdpcie)

DRV:64bit: - [2009.06.25 11:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rimmpx64.sys -- (rimmptsk)

DRV:64bit: - [2009.06.25 10:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rixdpx64.sys -- (rismxdp)

DRV:64bit: - [2009.06.25 10:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rimspx64.sys -- (rimsptsk)

DRV:64bit: - [2009.06.15 20:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2006.11.01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = DELL - Offizielle Seite | Dell Österreich

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()

FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()

FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.14 14:36:31 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

 

[2012.10.14 14:36:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anna\AppData\Roaming\mozilla\Extensions

[2012.10.14 14:36:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.10.11 03:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.10.11 04:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)

O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()

O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)

O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()

O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)

O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\Run: [EPSON SX125 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\Windows\TEMP\E_SF862.tmp" /EF "HKCU" File not found

O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)

O4 - Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found

O4 - Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Anna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found

O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D47E6CC-43B2-4317-9622-A9A956C66F26}: DhcpNameServer = 195.34.133.21 212.186.211.21

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9C1301C-A55F-437F-8629-554BD47D828A}: DhcpNameServer = 13.36.0.1 13.36.0.2

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)

O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.10.21 11:46:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Anna\Desktop\OTL.exe

[2012.10.15 02:04:33 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Macromedia

[2012.10.14 14:36:42 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Mozilla

[2012.10.14 14:36:42 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Mozilla

[2012.10.14 14:36:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2012.10.14 14:36:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

[2012.10.14 14:36:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2012.10.09 21:45:01 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\IsolatedStorage

[2012.10.09 21:44:59 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Accelrys

[2012.10.09 21:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accelrys

[2012.10.09 21:42:02 | 000,000,000 | ---D | C] -- C:\ISISBASEDIR

[2012.10.09 21:32:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Accelrys

[2012.10.09 21:32:02 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Downloaded Installations

[2012.10.09 21:20:27 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\EPSON

[2012.10.07 12:44:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed

[2012.09.30 02:55:03 | 000,196,440 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.10.21 22:30:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.10.21 21:42:42 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.10.21 21:42:42 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.10.21 21:35:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.10.21 21:35:14 | 3111,534,592 | -HS- | M] () -- C:\hiberfil.sys

[2012.10.21 13:39:38 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.10.21 13:39:38 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.10.21 13:39:38 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.10.21 13:39:38 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.10.21 13:39:38 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.10.21 11:46:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anna\Desktop\OTL.exe

[2012.10.09 21:43:01 | 000,002,069 | ---- | M] () -- C:\Users\Public\Desktop\Accelrys Draw 4.1.lnk

[2012.10.06 20:15:45 | 000,001,002 | ---- | M] () -- C:\Users\Anna\Desktop\Dropbox.lnk

[2012.10.06 19:42:14 | 000,001,012 | ---- | M] () -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

 
 ========== Files Created - No Company Name ==========

 

[2012.10.14 14:36:35 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2012.10.09 21:43:01 | 000,002,069 | ---- | C] () -- C:\Users\Public\Desktop\Accelrys Draw 4.1.lnk

[2012.10.07 12:44:39 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.10.06 20:15:45 | 000,001,002 | ---- | C] () -- C:\Users\Anna\Desktop\Dropbox.lnk

[2012.10.06 19:42:14 | 000,001,012 | ---- | C] () -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2012.08.31 15:46:50 | 000,193,401 | ---- | C] () -- C:\Users\Anna\3e4e088b-1189-468c-9c14-a762f915efa5.jpg

[2012.08.29 19:26:55 | 083,023,306 | ---- | C] () -- C:\ProgramData\ism_0_llatsni.pad

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\WINDOWS\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 
 ========== LOP Check ==========

 

[2012.10.09 21:44:59 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Accelrys

[2012.10.21 22:23:14 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Dropbox

[2012.10.09 21:20:27 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\EPSON

[2012.10.09 21:45:01 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\IsolatedStorage

[2012.07.04 00:47:31 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\PCDr

 
 ========== Purity Check ==========

 

 
 

< End of report >

--- --- ---
Extras.txtOTL Logfile:

Code:

OTL Extras logfile created on: 21.10.2012 21:38:35 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Anna\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

 

3,86 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 62,88% Memory free

7,73 Gb Paging File | 6,07 Gb Available in Paging File | 78,61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 283,40 Gb Total Space | 184,42 Gb Free Space | 65,07% Space Free | Partition Type: NTFS

 

Computer Name: ANNA-PC | User Name: Anna | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{1E792BB4-014C-4B79-A2F2-58B5040F0124}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{1344B500-8D45-47C9-A9D8-81D2F96D1BD2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{236BA4B8-BBDD-44CF-A511-F00E78AFF022}" = protocol=17 | dir=in | app=c:\users\anna\appdata\roaming\dropbox\bin\dropbox.exe | 

"{4CDCFD8A-9BF3-489D-B325-74A729DC88AF}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 

"{724C3B9A-28E2-4E0D-B250-1E8297CB28AF}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 

"{800FB6B8-5925-4FFE-BC6D-D2951D9F565B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 

"{B03D2C8D-0A1D-4583-B29F-61C48D575E01}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 

"{DE487F88-02EA-405F-BA70-669B988EFECC}" = protocol=6 | dir=in | app=c:\users\anna\appdata\roaming\dropbox\bin\dropbox.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)

"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64

"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{AE124EE9-EF32-69C5-60F9-FFA0FFF7F9B1}" = ccc-utility64

"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock

"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"DW WLAN Card Utility" = DW WLAN Card Utility

"EPSON SX125 Series" = EPSON SX125 Series Printer Uninstall

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"SynTPDeinstKey" = Dell Touchpad

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup

"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online

"{1DC7DFF9-2180-0E7E-DB49-817280EE4E93}" = Catalyst Control Center Graphics Light

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20

"{27B94460-B1A6-BE42-D92A-4FCDCF4A719F}" = CCC Help German

"{44653096-3E44-402E-B68E-37D77240BFA8}" = Accelrys Draw 4.1

"{47BC5D36-B837-B2A8-FB46-F6EC602A7F9C}" = Catalyst Control Center Graphics Previews Common

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B8C6616-F310-60D3-71FD-057C16DB3E8A}" = CCC Help Finnish

"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module

"{5FEF1894-CF67-B16C-11B6-5818358B3FC9}" = CCC Help Russian

"{60E9E76A-FB31-67CB-8071-A1D38A499A86}" = CCC Help French

"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator

"{6869DEA9-8FA6-E3E0-05B6-8187FEB71D52}" = Skins

"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package

"{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding

"{6ED86F6F-7130-48F5-2AF7-5D693098057F}" = CCC Help Norwegian

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide

"{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer

"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010

"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010

"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010

"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010

"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010

"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010

"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010

"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010

"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010

"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010

"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{95140000-0081-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{9B9F49A2-6791-761F-6077-22977B0FD03D}" = CCC Help Dutch

"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn

"{A697D62C-643B-5315-204B-D43055A86649}" = CCC Help Swedish

"{A6B483B0-E8E8-0EE1-D678-FEEBDF27FE15}" = Catalyst Control Center Localization All

"{A9316AC7-CAB2-C29B-F8B6-6239817B1B45}" = CCC Help Chinese Standard

"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software

"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.2 - Deutsch

"{AFF254B3-ABBC-15E7-200E-FABF74314C13}" = ccc-core-static

"{B27E389B-AE9B-BEB6-8FCF-BA293F884C70}" = CCC Help Japanese

"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn

"{B5AB153E-59F3-AB56-F8A7-43E531368327}" = Catalyst Control Center Graphics Full New

"{BA214394-CDD8-BB3C-3FCC-8294C9A02ACA}" = CCC Help Chinese Traditional

"{BF8DC895-9CC3-E284-6ADF-67077E3FBCA2}" = CCC Help Danish

"{D0016802-8E49-0DED-0B9C-F8946945998F}" = Catalyst Control Center Graphics Full Existing

"{DC068C99-4AF6-C4B4-178F-790CC62B93ED}" = Catalyst Control Center Graphics Previews Vista

"{DD786529-8C5E-4C64-9FA6-D47FBF17C392}" = Catalyst Control Center InstallProxy

"{DDBBE693-E9E5-A743-4C11-D693F94A80D7}" = Catalyst Control Center Core Implementation

"{DF6BCD20-50DC-4DE6-4798-948DF8CAC38A}" = CCC Help Korean

"{DF8F8A4A-C9EB-79EC-7597-166D3042EAA8}" = CCC Help Spanish

"{E19F161D-7FD0-FECB-41B1-A036862C3E47}" = CCC Help English

"{E393AA7A-33AE-1F62-0C33-D107BB03E74E}" = CCC Help Portuguese

"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)

"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{EE7BEE99-4C13-DF3E-142B-5E4BA8D10CEC}" = CCC Help Italian

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Advanced Audio FX Engine" = Advanced Audio FX Engine

"Dell Dock" = Dell Dock

"Dell Webcam Central" = Dell Webcam Central

"EPSON Scanner" = EPSON Scan

"EPSON SX125 Series Manual" = EPSON SX125 Series Handbuch

"McAfee Virtual Technician" = McAfee Virtual Technician

"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package

"Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MSC" = McAfee SecurityCenter

"Office14.SingleImage" = Microsoft Office Home and Business 2010

"VLC media player" = VLC media player 2.0.2

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 09.10.2012 03:02:56 | Computer Name = Anna-PC | Source = EventSystem | ID = 4622

Description = 

 

Error - 09.10.2012 19:21:04 | Computer Name = Anna-PC | Source = EventSystem | ID = 4621

Description = 

 

Error - 10.10.2012 15:07:33 | Computer Name = Anna-PC | Source = EventSystem | ID = 4622

Description = 

 

Error - 11.10.2012 15:20:36 | Computer Name = Anna-PC | Source = EventSystem | ID = 4621

Description = 

 

Error - 11.10.2012 17:48:25 | Computer Name = Anna-PC | Source = EventSystem | ID = 4621

Description = 

 

Error - 13.10.2012 15:17:57 | Computer Name = Anna-PC | Source = EventSystem | ID = 4621

Description = 

 

Error - 14.10.2012 15:40:03 | Computer Name = Anna-PC | Source = Application Hang | ID = 1002

Description = Programm Skype.exe, Version 5.10.0.116 kann nicht mehr unter Windows

 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,

 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: c64    Startzeit: 

01cdaa072e3d162c    Endzeit: 0    Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe
 

Berichts-ID:

   

 

Error - 14.10.2012 16:00:45 | Computer Name = Anna-PC | Source = EventSystem | ID = 4622

Description = 

 

Error - 14.10.2012 18:32:12 | Computer Name = Anna-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: mcagent.exe, Version: 11.6.434.0,

 Zeitstempel: 0x5050b565  Name des fehlerhaften Moduls: mcagent.exe, Version: 11.6.434.0,

 Zeitstempel: 0x5050b565  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000000000065668

ID

 des fehlerhaften Prozesses: 0x1974  Startzeit der fehlerhaften Anwendung: 0x01cdaa50d452bc4a

Pfad

 der fehlerhaften Anwendung: C:\Program Files\mcafee.com\agent\mcagent.exe  Pfad des

 fehlerhaften Moduls: C:\Program Files\mcafee.com\agent\mcagent.exe  Berichtskennung:

 feb27d26-164e-11e2-996a-b8ac6f7a4441

 

Error - 15.10.2012 14:13:12 | Computer Name = Anna-PC | Source = EventSystem | ID = 4622

Description = 

 

[ Broadcom Wireless LAN Events ]

Error - 26.09.2012 09:59:14 | Computer Name = Anna-PC | Source = WLAN-Tray | ID = 0

Description = 15:59:08, Wed, Sep 26, 12 Error - Unable to gain access to user store
 

 

[ Dell Events ]

Error - 29.09.2012 19:08:40 | Computer Name = Anna-PC | Source = DataSafe | ID = 17

Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

 

Error - 12.10.2012 11:03:52 | Computer Name = Anna-PC | Source = DataSafe | ID = 17

Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

 

Error - 12.10.2012 11:03:52 | Computer Name = Anna-PC | Source = DataSafe | ID = 17

Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

 

Error - 12.10.2012 11:12:26 | Computer Name = Anna-PC | Source = DataSafe | ID = 17

Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

 

Error - 12.10.2012 11:12:26 | Computer Name = Anna-PC | Source = DataSafe | ID = 17

Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

 

Error - 14.10.2012 08:38:14 | Computer Name = Anna-PC | Source = DataSafe | ID = 17

Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

 

Error - 14.10.2012 08:38:14 | Computer Name = Anna-PC | Source = DataSafe | ID = 17

Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

 

Error - 14.10.2012 10:53:13 | Computer Name = Anna-PC | Source = DataSafe | ID = 17

Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

 

Error - 14.10.2012 10:53:13 | Computer Name = Anna-PC | Source = DataSafe | ID = 17

Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

 

Error - 15.10.2012 12:34:46 | Computer Name = Anna-PC | Source = DataSafe | ID = 17

Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.

 

[ System Events ]

Error - 14.10.2012 10:52:25 | Computer Name = Anna-PC | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

 

Error - 14.10.2012 10:52:26 | Computer Name = Anna-PC | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

 

Error - 14.10.2012 10:52:26 | Computer Name = Anna-PC | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

 

Error - 14.10.2012 10:52:27 | Computer Name = Anna-PC | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.

 

Error - 17.10.2012 04:24:26 | Computer Name = Anna-PC | Source = VDS Basic Provider | ID = 33554433

Description = 

 

Error - 17.10.2012 04:24:26 | Computer Name = Anna-PC | Source = VDS Basic Provider | ID = 33554433

Description = 

 

Error - 17.10.2012 22:03:07 | Computer Name = Anna-PC | Source = Service Control Manager | ID = 7011

Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung

 von Dienst SftService erreicht.

 

Error - 17.10.2012 22:03:07 | Computer Name = Anna-PC | Source = Service Control Manager | ID = 7011

Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung

 von Dienst Browser erreicht.

 

Error - 17.10.2012 22:03:07 | Computer Name = Anna-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Computerbrowser" wurde aufgrund folgenden Fehlers nicht

 gestartet:   %%1053

 

Error - 18.10.2012 09:30:01 | Computer Name = Anna-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Personal Firewall Service" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1083

 

 

< End of report >

--- --- ---

Bitte nun routinemäßig einen Vollscan mit malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

log von malwarebytes:

Code:

Malwarebytes Anti-Malware (Test) 1.65.1.1000

www.malwarebytes.org
 

Datenbank Version: v2012.10.22.03
 

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Anna :: ANNA-PC [Administrator]
 

Schutz: Aktiviert
 

22.10.2012 16:11:02

mbam-log-2012-10-22 (16-11-02).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|Y:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 398043

Laufzeit: 51 Minute(n), 4 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 1

C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

(Ende)

Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

Habs eigentlich erst seit heute. Den ersten Scan hab ich abgebrochen, weil ich Laufwerk D versehentlich auch ausgewählt hab.

Code:

2012/10/22 16:04:47 +0200        ANNA-PC        Anna        MESSAGE        Executing scheduled update:  Daily

2012/10/22 16:04:47 +0200        ANNA-PC        Anna        ERROR        Scheduled update failed:  No address found failed with error code 0

2012/10/22 16:04:51 +0200        ANNA-PC        Anna        MESSAGE        Starting protection

2012/10/22 16:04:51 +0200        ANNA-PC        Anna        MESSAGE        Protection started successfully

2012/10/22 16:04:51 +0200        ANNA-PC        Anna        MESSAGE        Starting IP protection

2012/10/22 16:04:53 +0200        ANNA-PC        Anna        MESSAGE        IP Protection started successfully

2012/10/22 16:06:57 +0200        ANNA-PC        Anna        MESSAGE        Starting database refresh

2012/10/22 16:06:57 +0200        ANNA-PC        Anna        MESSAGE        Stopping IP protection

2012/10/22 16:06:57 +0200        ANNA-PC        Anna        MESSAGE        IP Protection stopped successfully

2012/10/22 16:06:59 +0200        ANNA-PC        Anna        MESSAGE        Database refreshed successfully

2012/10/22 16:06:59 +0200        ANNA-PC        Anna        MESSAGE        Starting IP protection

2012/10/22 16:07:00 +0200        ANNA-PC        Anna        MESSAGE        IP Protection started successfully

2012/10/22 21:39:49 +0200        ANNA-PC        Anna        MESSAGE        Starting protection

2012/10/22 21:39:50 +0200        ANNA-PC        Anna        MESSAGE        Protection started successfully

2012/10/22 21:39:50 +0200        ANNA-PC        Anna        MESSAGE        Starting IP protection

2012/10/22 21:39:51 +0200        ANNA-PC        Anna        MESSAGE        IP Protection started successfully

Code:

Malwarebytes Anti-Malware (Test) 1.65.1.1000

www.malwarebytes.org
 

Datenbank Version: v2012.10.22.03
 

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Anna :: ANNA-PC [Administrator]
 

Schutz: Aktiviert
 

22.10.2012 16:11:02

mbam-log-2012-10-22 (16-11-02).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|Y:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 398043

Laufzeit: 51 Minute(n), 4 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 1

C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

(Ende)

Code:

Malwarebytes Anti-Malware (Test) 1.65.1.1000

www.malwarebytes.org
 

Datenbank Version: v2012.10.22.03
 

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Anna :: ANNA-PC [Administrator]
 

Schutz: Aktiviert
 

22.10.2012 16:10:14

mbam-log-2012-10-22 (16-10-14).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|Y:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 28434

Laufzeit: 31 Sekunde(n) [Abgebrochen]
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

Code:

# AdwCleaner v2.005 - Datei am 24/10/2012 um 01:35:00 erstellt

# Aktualisiert am 14/10/2012 von Xplode

# Betriebssystem : Windows 7 Home Premium  (64 bits)

# Benutzer : Anna - ANNA-PC

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\Anna\Downloads\adwcleaner.exe

# Option [Suche]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Ordner Gefunden : C:\Program Files (x86)\ICQ6Toolbar
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

Schlüssel Gefunden : HKU\S-1-5-21-425219210-1282217665-2191771485-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v9.0.8112.16421
 

[OK] Die Registrierungsdatenbank ist sauber.
 

-\\ Mozilla Firefox v16.0.1 (de)
 

Profilname : default 

Datei : C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\ge0b9w81.default\prefs.js
 

[OK] Die Datei ist sauber.
 

*************************
 

AdwCleaner[R1].txt - [1309 octets] - [24/10/2012 01:35:00]
 

########## EOF - C:\AdwCleaner[R1].txt - [1369 octets] ##########

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Code:

# AdwCleaner v2.005 - Datei am 25/10/2012 um 10:46:20 erstellt

# Aktualisiert am 14/10/2012 von Xplode

# Betriebssystem : Windows 7 Home Premium  (64 bits)

# Benutzer : Anna - ANNA-PC

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\Anna\Downloads\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v9.0.8112.16421
 

[OK] Die Registrierungsdatenbank ist sauber.
 

-\\ Mozilla Firefox v16.0.1 (de)
 

Profilname : default 

Datei : C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\ge0b9w81.default\prefs.js
 

[OK] Die Datei ist sauber.
 

*************************
 

AdwCleaner[R1].txt - [1434 octets] - [24/10/2012 01:35:00]

AdwCleaner[R2].txt - [1494 octets] - [24/10/2012 01:36:29]

AdwCleaner[R3].txt - [1554 octets] - [24/10/2012 01:36:49]

AdwCleaner[S1].txt - [1330 octets] - [25/10/2012 10:46:20]
 

########## EOF - C:\AdwCleaner[S1].txt - [1390 octets] ##########

Mach bitte einen CustomScan mit OTL . Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Code:

OTL logfile created on: 25.10.2012 15:42:00 - Run 3

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Anna\Downloads

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

 

3,86 Gb Total Physical Memory | 2,75 Gb Available Physical Memory | 71,24% Memory free

7,73 Gb Paging File | 6,00 Gb Available in Paging File | 77,61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 283,40 Gb Total Space | 184,63 Gb Free Space | 65,15% Space Free | Partition Type: NTFS

Drive F: | 931,28 Gb Total Space | 898,72 Gb Free Space | 96,50% Space Free | Partition Type: FAT32

 

Computer Name: ANNA-PC | User Name: Anna | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.10.25 15:39:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anna\Downloads\OTL.exe

PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

PRC - [2012.08.27 06:21:12 | 026,924,984 | ---- | M] (Dropbox, Inc.) -- C:\Users\Anna\AppData\Roaming\Dropbox\bin\Dropbox.exe

PRC - [2011.01.13 20:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

PRC - [2011.01.13 20:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

PRC - [2011.01.13 20:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

PRC - [2011.01.13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

PRC - [2010.02.09 20:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

PRC - [2009.10.15 10:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2009.09.30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2009.09.30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2009.07.22 15:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe

PRC - [2009.06.24 23:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

PRC - [2009.06.09 16:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe

PRC - [2009.05.21 15:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

PRC - [2009.05.21 15:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.07.24 12:34:08 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3f9dee1ce0ccb42145293a5bfcbe7205\System.Management.ni.dll

MOD - [2012.07.24 12:32:56 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\c366ebd7f33816762268154efc68176d\System.Core.ni.dll

MOD - [2012.07.24 10:52:43 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc626095c194be137bceb219934b06a7\PresentationFramework.Aero.ni.dll

MOD - [2012.07.24 10:52:33 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\675c8bd801698993255d100c3b350d4b\System.Web.Services.ni.dll

MOD - [2012.07.24 10:52:15 | 014,325,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\517358eb2fd962a942dd1ea6afc5b93e\PresentationFramework.ni.dll

MOD - [2012.07.24 10:52:01 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll

MOD - [2012.07.24 10:51:54 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll

MOD - [2012.07.24 10:51:52 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e9d0ba41128f363f2390c7e630129c2b\PresentationCore.ni.dll

MOD - [2012.07.24 10:51:42 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll

MOD - [2012.07.24 10:51:36 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll

MOD - [2012.07.24 10:51:32 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll

MOD - [2012.07.24 10:51:31 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll

MOD - [2012.07.24 10:51:03 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll

MOD - [2011.01.13 20:42:02 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll

MOD - [2011.01.13 20:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

MOD - [2011.01.13 20:37:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll

MOD - [2011.01.13 20:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll

MOD - [2011.01.13 20:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll

MOD - [2011.01.13 20:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll

MOD - [2011.01.13 20:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll

MOD - [2011.01.13 20:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll

MOD - [2011.01.13 20:37:04 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll

MOD - [2011.01.13 20:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll

MOD - [2010.02.09 20:34:00 | 001,807,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

MOD - [2010.02.09 20:34:00 | 000,365,888 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll

MOD - [2010.02.09 20:34:00 | 000,275,776 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll

MOD - [2010.02.09 20:34:00 | 000,152,896 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll

MOD - [2010.02.09 20:34:00 | 000,095,552 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll

MOD - [2010.02.09 20:34:00 | 000,058,688 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll

MOD - [2010.02.09 20:34:00 | 000,046,400 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll

MOD - [2010.02.09 20:34:00 | 000,017,728 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll

MOD - [2009.10.15 10:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

MOD - [2009.07.22 15:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe

MOD - [2009.07.14 19:58:13 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll

MOD - [2009.07.14 19:58:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)

SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)

SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)

SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)

SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)

SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)

SRV:64bit: - [2012.06.22 07:34:52 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)

SRV:64bit: - [2012.06.22 07:33:12 | 000,237,920 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)

SRV:64bit: - [2010.01.20 22:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe -- (STacSV)

SRV:64bit: - [2009.12.16 15:16:30 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)

SRV:64bit: - [2009.11.18 07:45:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009.03.02 20:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe -- (AESTFilters)

SRV - [2012.10.15 02:04:23 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.10.11 03:04:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2012.09.10 17:47:50 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\mcafee\virusscan\mcods.exe -- (McODS)

SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012.06.22 07:38:04 | 000,177,144 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)

SRV - [2011.01.13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)

SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.01.20 22:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe -- (STacSV)

SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2009.11.02 19:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)

SRV - [2009.09.30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2009.09.30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2009.06.23 23:02:42 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009.06.09 16:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService)

SRV - [2009.05.21 15:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)

SRV - [2009.03.02 20:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe -- (AESTFilters)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012.06.22 07:40:58 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\cfwids.sys -- (cfwids)

DRV:64bit: - [2012.06.22 07:38:16 | 000,335,784 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfewfpk.sys -- (mfewfpk)

DRV:64bit: - [2012.06.22 07:36:54 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mferkdet.sys -- (mferkdet)

DRV:64bit: - [2012.06.22 07:36:12 | 000,752,672 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\mfehidk.sys -- (mfehidk)

DRV:64bit: - [2012.06.22 07:35:02 | 000,513,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfefirek.sys -- (mfefirek)

DRV:64bit: - [2012.06.22 07:34:22 | 000,300,392 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfeavfk.sys -- (mfeavfk)

DRV:64bit: - [2012.06.22 07:34:00 | 000,169,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfeapfk.sys -- (mfeapfk)

DRV:64bit: - [2012.04.20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HipShieldK.sys -- (HipShieldK)

DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010.01.20 22:10:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2009.12.16 15:16:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)

DRV:64bit: - [2009.12.16 15:16:12 | 003,053,560 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2009.11.18 08:21:20 | 006,171,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009.11.02 19:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\TurboB.sys -- (TurboB)

DRV:64bit: - [2009.10.12 13:00:52 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2009.09.30 03:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009.09.17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (HECIx64)

DRV:64bit: - [2009.08.24 05:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2009.08.20 18:05:06 | 000,239,616 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2009.07.24 08:13:02 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Acceler.sys -- (Acceler)

DRV:64bit: - [2009.07.23 19:57:48 | 000,018,792 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\stdflt.sys -- (stdflt)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.09 10:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2009.07.04 13:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rixdpe64.sys -- (rixdpcie)

DRV:64bit: - [2009.07.02 02:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rimspe64.sys -- (rimspci)

DRV:64bit: - [2009.07.01 12:31:58 | 000,080,896 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\risdpe64.sys -- (risdpcie)

DRV:64bit: - [2009.06.25 11:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rimmpx64.sys -- (rimmptsk)

DRV:64bit: - [2009.06.25 10:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rixdpx64.sys -- (rismxdp)

DRV:64bit: - [2009.06.25 10:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rimspx64.sys -- (rimsptsk)

DRV:64bit: - [2009.06.15 20:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2006.11.01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = 

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-425219210-1282217665-2191771485-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen

IE - HKU\S-1-5-21-425219210-1282217665-2191771485-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKU\S-1-5-21-425219210-1282217665-2191771485-1000\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-21-425219210-1282217665-2191771485-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()

FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()

FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.14 14:36:31 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

 

[2012.10.14 14:36:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anna\AppData\Roaming\mozilla\Extensions

[2012.10.24 01:39:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anna\AppData\Roaming\mozilla\Firefox\Profiles\ge0b9w81.default\extensions

[2012.10.14 14:36:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.10.11 03:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.10.11 04:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)

O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()

O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)

O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()

O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)

O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-425219210-1282217665-2191771485-1000..\Run: [EPSON SX125 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\Windows\TEMP\E_SF862.tmp" /EF "HKCU" File not found

O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found

O4 - Startup: C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Anna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk =  File not found

O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk =  File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found

O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D47E6CC-43B2-4317-9622-A9A956C66F26}: DhcpNameServer = 195.34.133.21 212.186.211.21

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9C1301C-A55F-437F-8629-554BD47D828A}: DhcpNameServer = 13.36.0.1 13.36.0.2

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)

O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

 

 

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: mcmscsvc - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: MCODS - C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: McMPFSvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SafeBootNet:64bit: mcmscsvc - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()

SafeBootNet:64bit: mfefirek - C:\WINDOWS\SysNative\drivers\mfefirek.sys (McAfee, Inc.)

SafeBootNet:64bit: mfefirek.sys - C:\WINDOWS\SysNative\drivers\mfefirek.sys (McAfee, Inc.)

SafeBootNet:64bit: mfehidk - C:\WINDOWS\SysNative\drivers\mfehidk.sys (McAfee, Inc.)

SafeBootNet:64bit: mfehidk.sys - C:\WINDOWS\SysNative\drivers\mfehidk.sys (McAfee, Inc.)

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: MCODS - C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)

SafeBootNet: Messenger - Service

SafeBootNet: mfevtp - C:\Programme\Common Files\mcafee\systemcore\mfevtps.exe (McAfee, Inc.)

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\WINDOWS\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.10.22 16:04:42 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Malwarebytes

[2012.10.22 16:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.10.22 16:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.10.22 16:04:21 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.10.22 16:04:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.10.15 02:04:33 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Macromedia

[2012.10.14 14:36:42 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Mozilla

[2012.10.14 14:36:42 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Mozilla

[2012.10.14 14:36:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2012.10.14 14:36:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

[2012.10.14 14:36:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2012.10.09 21:45:01 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\IsolatedStorage

[2012.10.09 21:44:59 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\Accelrys

[2012.10.09 21:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accelrys

[2012.10.09 21:42:02 | 000,000,000 | ---D | C] -- C:\ISISBASEDIR

[2012.10.09 21:32:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Accelrys

[2012.10.09 21:32:02 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Local\Downloaded Installations

[2012.10.09 21:20:27 | 000,000,000 | ---D | C] -- C:\Users\Anna\AppData\Roaming\EPSON

[2012.10.07 12:44:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed

[2012.09.30 02:55:03 | 000,196,440 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.10.25 15:35:53 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.10.25 15:35:53 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.10.25 15:28:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.10.25 15:28:19 | 3111,534,592 | -HS- | M] () -- C:\hiberfil.sys

[2012.10.22 22:30:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.10.22 16:06:15 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.10.22 16:06:15 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.10.22 16:06:15 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.10.22 16:06:15 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.10.22 16:06:15 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.10.22 16:04:24 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.09 21:43:01 | 000,002,069 | ---- | M] () -- C:\Users\Public\Desktop\Accelrys Draw 4.1.lnk

[2012.10.06 20:15:45 | 000,001,002 | ---- | M] () -- C:\Users\Anna\Desktop\Dropbox.lnk

[2012.10.06 19:42:14 | 000,001,012 | ---- | M] () -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

 
 ========== Files Created - No Company Name ==========

 

[2012.10.22 16:04:24 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.14 14:36:35 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2012.10.09 21:43:01 | 000,002,069 | ---- | C] () -- C:\Users\Public\Desktop\Accelrys Draw 4.1.lnk

[2012.10.07 12:44:39 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.10.06 20:15:45 | 000,001,002 | ---- | C] () -- C:\Users\Anna\Desktop\Dropbox.lnk

[2012.10.06 19:42:14 | 000,001,012 | ---- | C] () -- C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2012.08.31 15:46:50 | 000,193,401 | ---- | C] () -- C:\Users\Anna\3e4e088b-1189-468c-9c14-a762f915efa5.jpg

[2012.08.29 19:26:55 | 083,023,306 | ---- | C] () -- C:\ProgramData\ism_0_llatsni.pad

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\WINDOWS\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 
 ========== LOP Check ==========

 

[2012.10.09 21:44:59 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Accelrys

[2012.10.25 15:50:52 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Dropbox

[2012.10.09 21:20:27 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\EPSON

[2012.10.09 21:45:01 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\IsolatedStorage

[2012.07.04 00:47:31 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\PCDr

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2012.10.09 21:44:59 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Accelrys

[2012.07.04 02:35:02 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Adobe

[2012.07.04 00:26:59 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\ATI

[2012.07.24 00:52:22 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Creative

[2012.07.04 00:27:55 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Dell

[2012.10.25 15:50:52 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Dropbox

[2012.10.09 21:20:27 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\EPSON

[2012.07.04 00:26:12 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Identities

[2012.10.09 21:45:01 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\IsolatedStorage

[2012.07.04 00:59:45 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Macromedia

[2012.10.22 16:04:42 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Malwarebytes

[2012.08.22 09:23:32 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\McAfee

[2009.07.14 20:18:18 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Media Center Programs

[2012.10.15 02:04:33 | 000,000,000 | --SD | M] -- C:\Users\Anna\AppData\Roaming\Microsoft

[2012.10.14 14:36:50 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Mozilla

[2012.07.04 00:47:31 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\PCDr

[2012.07.04 00:47:31 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Real

[2012.07.04 00:27:07 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Roxio

[2012.10.25 15:41:41 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\Skype

[2012.08.22 17:52:11 | 000,000,000 | ---D | M] -- C:\Users\Anna\AppData\Roaming\vlc

 
 < %APPDATA%\*.exe /s >

[2012.08.27 06:21:12 | 026,924,984 | ---- | M] (Dropbox, Inc.) -- C:\Users\Anna\AppData\Roaming\Dropbox\bin\Dropbox.exe

[2012.08.27 06:21:14 | 000,874,384 | ---- | M] (Dropbox, Inc.) -- C:\Users\Anna\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe

[2012.08.27 06:21:24 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\Anna\AppData\Roaming\Dropbox\bin\Uninstall.exe

 
 < %SYSTEMDRIVE%\*. >

[2012.07.04 00:26:03 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN

[2012.07.04 02:23:15 | 000,000,000 | ---D | M] -- C:\dell

[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings

[2010.07.23 07:40:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen

[2010.07.16 00:53:22 | 000,000,000 | ---D | M] -- C:\Drivers

[2012.07.03 21:06:11 | 000,000,000 | ---D | M] -- C:\Emergency

[2010.07.15 22:24:50 | 000,000,000 | ---D | M] -- C:\Intel

[2012.10.09 21:42:08 | 000,000,000 | ---D | M] -- C:\ISISBASEDIR

[2012.07.04 02:37:17 | 000,000,000 | RH-D | M] -- C:\MSOCache

[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs

[2012.07.04 00:36:30 | 000,000,000 | R--D | M] -- C:\Program Files

[2012.10.25 10:46:20 | 000,000,000 | R--D | M] -- C:\Program Files (x86)

[2012.10.22 16:04:23 | 000,000,000 | -H-D | M] -- C:\ProgramData

[2010.07.23 07:40:45 | 000,000,000 | ---D | M] -- C:\Programme

[2012.10.25 15:44:46 | 000,000,000 | ---D | M] -- C:\System Volume Information

[2012.07.17 15:27:10 | 000,000,000 | ---D | M] -- C:\Temp

[2012.07.04 00:19:53 | 000,000,000 | R--D | M] -- C:\Users

[2012.08.27 19:36:22 | 000,000,000 | ---D | M] -- C:\WINDOWS

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

 
 <           >

[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

[2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2012.10.07 12:44:39 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
 

< End of report >

Beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

:OTL

[2012.08.29 19:26:55 | 083,023,306 | ---- | C] () -- C:\ProgramData\ism_0_llatsni.pad

:Files

ipconfig /flushdns /c

:Commands

[purity]

[emptytemp]

[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Code:

All processes killed

========== OTL ==========

C:\ProgramData\ism_0_llatsni.pad moved successfully.

========== FILES ==========
 < ipconfig /flushdns /c >

Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

C:\Users\Anna\Downloads\cmd.bat deleted successfully.

C:\Users\Anna\Downloads\cmd.txt deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Anna

->Temp folder emptied: 12840195 bytes

->Temporary Internet Files folder emptied: 1985882505 bytes

->Java cache emptied: 596 bytes

->FireFox cache emptied: 73398285 bytes

->Apple Safari cache emptied: 0 bytes

->Flash cache emptied: 23282 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 119342177 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes

RecycleBin emptied: 992421153 bytes

 

Total Files Cleaned = 3.036,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.69.0 log created on 10252012_170523
 

Files\Folders moved on Reboot...

C:\Users\Anna\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
 

PendingFileRenameOperations files...
 

Registry entries deleted on Reboot...

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

Code:

21:52:24.0102 2112  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47

21:52:24.0133 2112  ============================================================

21:52:24.0133 2112  Current date / time: 2012/10/25 21:52:24.0133

21:52:24.0133 2112  SystemInfo:

21:52:24.0133 2112  

21:52:24.0133 2112  OS Version: 6.1.7600 ServicePack: 0.0

21:52:24.0133 2112  Product type: Workstation

21:52:24.0133 2112  ComputerName: ANNA-PC

21:52:24.0133 2112  UserName: Anna

21:52:24.0133 2112  Windows directory: C:\Windows

21:52:24.0133 2112  System windows directory: C:\Windows

21:52:24.0133 2112  Running under WOW64

21:52:24.0133 2112  Processor architecture: Intel x64

21:52:24.0133 2112  Number of processors: 4

21:52:24.0133 2112  Page size: 0x1000

21:52:24.0133 2112  Boot type: Normal boot

21:52:24.0133 2112  ============================================================

21:52:25.0287 2112  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:52:25.0287 2112  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

21:52:27.0502 2112  ============================================================

21:52:27.0502 2112  \Device\Harddisk0\DR0:

21:52:27.0502 2112  MBR partitions:

21:52:27.0502 2112  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000

21:52:27.0502 2112  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x236CE8EB

21:52:27.0502 2112  \Device\Harddisk1\DR1:

21:52:27.0502 2112  MBR partitions:

21:52:27.0502 2112  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x747051C1

21:52:27.0502 2112  ============================================================

21:52:27.0534 2112  C: <-> \Device\Harddisk0\DR0\Partition2

21:52:27.0534 2112  F: <-> \Device\Harddisk1\DR1\Partition1

21:52:27.0534 2112  ============================================================

21:52:27.0534 2112  Initialize success

21:52:27.0534 2112  ============================================================

21:52:48.0141 5876  ============================================================

21:52:48.0141 5876  Scan started

21:52:48.0141 5876  Mode: Manual; SigCheck; TDLFS; 

21:52:48.0141 5876  ============================================================

21:52:48.0765 5876  ================ Scan system memory ========================

21:52:48.0765 5876  System memory - ok

21:52:48.0765 5876  ================ Scan services =============================

21:52:48.0968 5876  [ 69AA89A20DEE08BFA650AAB6CE37BD10 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys

21:52:49.0108 5876  1394ohci - ok

21:52:49.0171 5876  [ C49C56B35BFC6CDA8D1FDCAD2885568F ] Acceler         C:\Windows\system32\DRIVERS\Acceler.sys

21:52:49.0186 5876  Acceler - ok

21:52:49.0233 5876  [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys

21:52:49.0249 5876  ACPI - ok

21:52:49.0280 5876  [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys

21:52:49.0389 5876  AcpiPmi - ok

21:52:49.0561 5876  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

21:52:49.0576 5876  AdobeFlashPlayerUpdateSvc - ok

21:52:49.0639 5876  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

21:52:49.0670 5876  adp94xx - ok

21:52:49.0686 5876  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

21:52:49.0701 5876  adpahci - ok

21:52:49.0764 5876  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

21:52:49.0779 5876  adpu320 - ok

21:52:49.0810 5876  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

21:52:49.0982 5876  AeLookupSvc - ok

21:52:50.0107 5876  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe

21:52:50.0200 5876  AESTFilters - ok

21:52:50.0263 5876  [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD             C:\Windows\system32\drivers\afd.sys

21:52:50.0325 5876  AFD - ok

21:52:50.0356 5876  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\DRIVERS\agp440.sys

21:52:50.0372 5876  agp440 - ok

21:52:50.0419 5876  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

21:52:50.0497 5876  ALG - ok

21:52:50.0512 5876  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys

21:52:50.0528 5876  aliide - ok

21:52:50.0575 5876  [ 5989D711769200F0F3E145319250472B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

21:52:50.0684 5876  AMD External Events Utility - ok

21:52:50.0715 5876  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\DRIVERS\amdide.sys

21:52:50.0731 5876  amdide - ok

21:52:50.0778 5876  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

21:52:50.0871 5876  AmdK8 - ok

21:52:50.0887 5876  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

21:52:50.0918 5876  AmdPPM - ok

21:52:50.0980 5876  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys

21:52:50.0996 5876  amdsata - ok

21:52:51.0043 5876  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

21:52:51.0058 5876  amdsbs - ok

21:52:51.0058 5876  [ DB27766102C7BF7E95140A2AA81D042E ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys

21:52:51.0074 5876  amdxata - ok

21:52:51.0121 5876  [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID           C:\Windows\system32\drivers\appid.sys

21:52:51.0230 5876  AppID - ok

21:52:51.0277 5876  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

21:52:51.0339 5876  AppIDSvc - ok

21:52:51.0386 5876  [ D065BE66822847B7F127D1F90158376E ] Appinfo         C:\Windows\System32\appinfo.dll

21:52:51.0464 5876  Appinfo - ok

21:52:51.0511 5876  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys

21:52:51.0526 5876  arc - ok

21:52:51.0542 5876  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

21:52:51.0558 5876  arcsas - ok

21:52:51.0573 5876  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

21:52:51.0651 5876  AsyncMac - ok

21:52:51.0667 5876  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\DRIVERS\atapi.sys

21:52:51.0682 5876  atapi - ok

21:52:51.0745 5876  [ FB7602C5C508BE281368AAE0B61B51C6 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys

21:52:51.0776 5876  AtiHdmiService - ok

21:52:51.0932 5876  [ B5FB227A09A9EC28163FA4B45487C3C7 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

21:52:52.0135 5876  atikmdag - ok

21:52:52.0228 5876  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

21:52:52.0291 5876  AudioEndpointBuilder - ok

21:52:52.0291 5876  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv        C:\Windows\System32\Audiosrv.dll

21:52:52.0338 5876  AudioSrv - ok

21:52:52.0369 5876  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll

21:52:52.0494 5876  AxInstSV - ok

21:52:52.0556 5876  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

21:52:52.0603 5876  b06bdrv - ok

21:52:52.0665 5876  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

21:52:52.0696 5876  b57nd60a - ok

21:52:52.0728 5876  [ 5C0F919666954885D7760DFFE4B29A25 ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys

21:52:52.0743 5876  BCM42RLY - ok

21:52:52.0837 5876  [ 215DC2FD9CD0FD0BBD7905339779589E ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys

21:52:52.0946 5876  BCM43XX - ok

21:52:53.0040 5876  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

21:52:53.0102 5876  BDESVC - ok

21:52:53.0149 5876  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

21:52:53.0227 5876  Beep - ok

21:52:53.0289 5876  [ 4992C609A6315671463E30F6512BC022 ] BFE             C:\Windows\System32\bfe.dll

21:52:53.0383 5876  BFE - ok

21:52:53.0461 5876  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\System32\qmgr.dll

21:52:53.0523 5876  BITS - ok

21:52:53.0554 5876  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

21:52:53.0601 5876  blbdrive - ok

21:52:53.0664 5876  [ 19D20159708E152267E53B66677A4995 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

21:52:53.0742 5876  bowser - ok

21:52:53.0788 5876  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

21:52:53.0820 5876  BrFiltLo - ok

21:52:53.0835 5876  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

21:52:53.0851 5876  BrFiltUp - ok

21:52:53.0929 5876  [ 6B054C67AAA87843504E8E3C09102009 ] Browser         C:\Windows\System32\browser.dll

21:52:53.0976 5876  Browser - ok

21:52:54.0022 5876  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

21:52:54.0100 5876  Brserid - ok

21:52:54.0116 5876  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

21:52:54.0163 5876  BrSerWdm - ok

21:52:54.0194 5876  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

21:52:54.0225 5876  BrUsbMdm - ok

21:52:54.0272 5876  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

21:52:54.0303 5876  BrUsbSer - ok

21:52:54.0334 5876  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

21:52:54.0381 5876  BTHMODEM - ok

21:52:54.0428 5876  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

21:52:54.0490 5876  bthserv - ok

21:52:54.0522 5876  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

21:52:54.0553 5876  cdfs - ok

21:52:54.0631 5876  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

21:52:54.0693 5876  cdrom - ok

21:52:54.0740 5876  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc     C:\Windows\System32\certprop.dll

21:52:54.0802 5876  CertPropSvc - ok

21:52:54.0880 5876  [ 45B5A89DC41577282E5BF41B1165EA71 ] cfwids          C:\Windows\system32\drivers\cfwids.sys

21:52:54.0896 5876  cfwids - ok

21:52:54.0912 5876  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

21:52:54.0943 5876  circlass - ok

21:52:55.0005 5876  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys

21:52:55.0021 5876  CLFS - ok

21:52:55.0114 5876  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:52:55.0130 5876  clr_optimization_v2.0.50727_32 - ok

21:52:55.0192 5876  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

21:52:55.0208 5876  clr_optimization_v2.0.50727_64 - ok

21:52:55.0302 5876  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:52:55.0348 5876  clr_optimization_v4.0.30319_32 - ok

21:52:55.0380 5876  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

21:52:55.0395 5876  clr_optimization_v4.0.30319_64 - ok

21:52:55.0442 5876  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

21:52:55.0473 5876  CmBatt - ok

21:52:55.0504 5876  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys

21:52:55.0504 5876  cmdide - ok

21:52:55.0598 5876  [ CA7720B73446FDDEC5C69519C1174C98 ] CNG             C:\Windows\system32\Drivers\cng.sys

21:52:55.0629 5876  CNG - ok

21:52:55.0660 5876  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

21:52:55.0676 5876  Compbatt - ok

21:52:55.0707 5876  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

21:52:55.0754 5876  CompositeBus - ok

21:52:55.0770 5876  COMSysApp - ok

21:52:55.0785 5876  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

21:52:55.0801 5876  crcdisk - ok

21:52:55.0863 5876  [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc        C:\Windows\system32\cryptsvc.dll

21:52:55.0941 5876  CryptSvc - ok

21:52:56.0004 5876  [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys

21:52:56.0035 5876  CtClsFlt - ok

21:52:56.0097 5876  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll

21:52:56.0175 5876  DcomLaunch - ok

21:52:56.0253 5876  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

21:52:56.0316 5876  defragsvc - ok

21:52:56.0378 5876  [ 9C253CE7311CA60FC11C774692A13208 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

21:52:56.0440 5876  DfsC - ok

21:52:56.0472 5876  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll

21:52:56.0581 5876  Dhcp - ok

21:52:56.0643 5876  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

21:52:56.0721 5876  discache - ok

21:52:56.0768 5876  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys

21:52:56.0784 5876  Disk - ok

21:52:56.0830 5876  [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache        C:\Windows\System32\dnsrslvr.dll

21:52:56.0893 5876  Dnscache - ok

21:52:56.0986 5876  [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe

21:52:57.0002 5876  DockLoginService ( UnsignedFile.Multi.Generic ) - warning

21:52:57.0002 5876  DockLoginService - detected UnsignedFile.Multi.Generic (1)

21:52:57.0049 5876  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc         C:\Windows\System32\dot3svc.dll

21:52:57.0111 5876  dot3svc - ok

21:52:57.0142 5876  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS             C:\Windows\system32\dps.dll

21:52:57.0205 5876  DPS - ok

21:52:57.0283 5876  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

21:52:57.0314 5876  drmkaud - ok

21:52:57.0361 5876  [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

21:52:57.0392 5876  DXGKrnl - ok

21:52:57.0454 5876  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

21:52:57.0517 5876  EapHost - ok

21:52:57.0610 5876  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

21:52:57.0735 5876  ebdrv - ok

21:52:57.0798 5876  [ 156F6159457D0AA7E59B62681B56EB90 ] EFS             C:\Windows\System32\lsass.exe

21:52:57.0860 5876  EFS - ok

21:52:57.0938 5876  [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

21:52:58.0000 5876  ehRecvr - ok

21:52:58.0063 5876  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe

21:52:58.0125 5876  ehSched - ok

21:52:58.0188 5876  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

21:52:58.0219 5876  elxstor - ok

21:52:58.0234 5876  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys

21:52:58.0281 5876  ErrDev - ok

21:52:58.0359 5876  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

21:52:58.0422 5876  EventSystem - ok

21:52:58.0484 5876  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

21:52:58.0546 5876  exfat - ok

21:52:58.0578 5876  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

21:52:58.0640 5876  fastfat - ok

21:52:58.0718 5876  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax             C:\Windows\system32\fxssvc.exe

21:52:58.0796 5876  Fax - ok

21:52:58.0827 5876  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

21:52:58.0843 5876  fdc - ok

21:52:58.0890 5876  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

21:52:58.0968 5876  fdPHost - ok

21:52:58.0983 5876  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

21:52:59.0046 5876  FDResPub - ok

21:52:59.0092 5876  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

21:52:59.0108 5876  FileInfo - ok

21:52:59.0108 5876  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

21:52:59.0170 5876  Filetrace - ok

21:52:59.0202 5876  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

21:52:59.0248 5876  flpydisk - ok

21:52:59.0280 5876  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

21:52:59.0295 5876  FltMgr - ok

21:52:59.0358 5876  [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache       C:\Windows\system32\FntCache.dll

21:52:59.0436 5876  FontCache - ok

21:52:59.0514 5876  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

21:52:59.0529 5876  FontCache3.0.0.0 - ok

21:52:59.0545 5876  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

21:52:59.0560 5876  FsDepends - ok

21:52:59.0607 5876  [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

21:52:59.0623 5876  Fs_Rec - ok

21:52:59.0685 5876  [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

21:52:59.0701 5876  fvevol - ok

21:52:59.0748 5876  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

21:52:59.0763 5876  gagp30kx - ok

21:52:59.0826 5876  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc           C:\Windows\System32\gpsvc.dll

21:52:59.0888 5876  gpsvc - ok

21:52:59.0935 5876  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

21:52:59.0966 5876  hcw85cir - ok

21:52:59.0982 5876  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

21:53:00.0028 5876  HDAudBus - ok

21:53:00.0075 5876  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys

21:53:00.0091 5876  HECIx64 - ok

21:53:00.0106 5876  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

21:53:00.0138 5876  HidBatt - ok

21:53:00.0153 5876  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

21:53:00.0200 5876  HidBth - ok

21:53:00.0262 5876  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

21:53:00.0278 5876  HidIr - ok

21:53:00.0309 5876  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll

21:53:00.0372 5876  hidserv - ok

21:53:00.0403 5876  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

21:53:00.0450 5876  HidUsb - ok

21:53:00.0528 5876  [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys

21:53:00.0543 5876  HipShieldK - ok

21:53:00.0590 5876  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll

21:53:00.0652 5876  hkmsvc - ok

21:53:00.0699 5876  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

21:53:00.0746 5876  HomeGroupListener - ok

21:53:00.0793 5876  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll

21:53:00.0808 5876  HomeGroupProvider - ok

21:53:00.0871 5876  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys

21:53:00.0871 5876  HpSAMD - ok

21:53:00.0902 5876  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

21:53:00.0980 5876  HTTP - ok

21:53:01.0011 5876  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

21:53:01.0027 5876  hwpolicy - ok

21:53:01.0074 5876  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

21:53:01.0089 5876  i8042prt - ok

21:53:01.0136 5876  [ B75E45C564E944A2657167D197AB29DA ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys

21:53:01.0167 5876  iaStorV - ok

21:53:01.0214 5876  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

21:53:01.0245 5876  idsvc - ok

21:53:01.0323 5876  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

21:53:01.0339 5876  iirsp - ok

21:53:01.0386 5876  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll

21:53:01.0464 5876  IKEEXT - ok

21:53:01.0526 5876  [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys

21:53:01.0588 5876  Impcd - ok

21:53:01.0713 5876  [ FD5EF1D0210CB9C0773BBA7CA360D762 ] InstallFilterService C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe

21:53:01.0744 5876  InstallFilterService ( UnsignedFile.Multi.Generic ) - warning

21:53:01.0744 5876  InstallFilterService - detected UnsignedFile.Multi.Generic (1)

21:53:01.0776 5876  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys

21:53:01.0776 5876  intelide - ok

21:53:01.0822 5876  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

21:53:01.0869 5876  intelppm - ok

21:53:01.0916 5876  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

21:53:01.0994 5876  IPBusEnum - ok

21:53:02.0025 5876  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:53:02.0056 5876  IpFilterDriver - ok

21:53:02.0103 5876  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

21:53:02.0166 5876  iphlpsvc - ok

21:53:02.0181 5876  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys

21:53:02.0228 5876  IPMIDRV - ok

21:53:02.0259 5876  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

21:53:02.0322 5876  IPNAT - ok

21:53:02.0368 5876  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

21:53:02.0384 5876  IRENUM - ok

21:53:02.0400 5876  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys

21:53:02.0400 5876  isapnp - ok

21:53:02.0415 5876  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

21:53:02.0431 5876  iScsiPrt - ok

21:53:02.0478 5876  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

21:53:02.0493 5876  kbdclass - ok

21:53:02.0509 5876  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

21:53:02.0556 5876  kbdhid - ok

21:53:02.0587 5876  [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso          C:\Windows\system32\lsass.exe

21:53:02.0602 5876  KeyIso - ok

21:53:02.0649 5876  [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

21:53:02.0665 5876  KSecDD - ok

21:53:02.0680 5876  [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

21:53:02.0696 5876  KSecPkg - ok

21:53:02.0743 5876  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

21:53:02.0805 5876  ksthunk - ok

21:53:02.0852 5876  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

21:53:02.0930 5876  KtmRm - ok

21:53:03.0008 5876  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\system32\srvsvc.dll

21:53:03.0039 5876  LanmanServer - ok

21:53:03.0070 5876  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

21:53:03.0148 5876  LanmanWorkstation - ok

21:53:03.0180 5876  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

21:53:03.0242 5876  lltdio - ok

21:53:03.0289 5876  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

21:53:03.0336 5876  lltdsvc - ok

21:53:03.0351 5876  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

21:53:03.0398 5876  lmhosts - ok

21:53:03.0492 5876  [ 7485FBCEF9136F530953575E2977859D ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

21:53:03.0507 5876  LMS - ok

21:53:03.0570 5876  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

21:53:03.0585 5876  LSI_FC - ok

21:53:03.0585 5876  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

21:53:03.0601 5876  LSI_SAS - ok

21:53:03.0648 5876  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

21:53:03.0663 5876  LSI_SAS2 - ok

21:53:03.0679 5876  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

21:53:03.0694 5876  LSI_SCSI - ok

21:53:03.0726 5876  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

21:53:03.0757 5876  luafv - ok

21:53:03.0819 5876  [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys

21:53:03.0835 5876  MBAMProtector - ok

21:53:03.0913 5876  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

21:53:03.0928 5876  MBAMScheduler - ok

21:53:03.0944 5876  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

21:53:03.0960 5876  MBAMService - ok

21:53:04.0069 5876  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

21:53:04.0100 5876  McMPFSvc - ok

21:53:04.0116 5876  [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

21:53:04.0116 5876  mcmscsvc - ok

21:53:04.0131 5876  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

21:53:04.0147 5876  McNaiAnn - ok

21:53:04.0162 5876  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

21:53:04.0178 5876  McNASvc - ok

21:53:04.0240 5876  [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe

21:53:04.0256 5876  McODS - ok

21:53:04.0272 5876  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

21:53:04.0287 5876  McOobeSv - ok

21:53:04.0287 5876  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

21:53:04.0303 5876  McProxy - ok

21:53:04.0365 5876  [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

21:53:04.0396 5876  McShield - ok

21:53:04.0428 5876  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

21:53:04.0474 5876  Mcx2Svc - ok

21:53:04.0506 5876  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

21:53:04.0521 5876  megasas - ok

21:53:04.0568 5876  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

21:53:04.0584 5876  MegaSR - ok

21:53:04.0630 5876  [ B574522827D94126C03975FD53F0B26B ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys

21:53:04.0646 5876  mfeapfk - ok

21:53:04.0708 5876  [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys

21:53:04.0724 5876  mfeavfk - ok

21:53:04.0755 5876  mfeavfk01 - ok

21:53:04.0802 5876  [ 97C398750C8E80A48EB63999546F796E ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

21:53:04.0818 5876  mfefire - ok

21:53:04.0849 5876  [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys

21:53:04.0864 5876  mfefirek - ok

21:53:04.0927 5876  [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys

21:53:04.0958 5876  mfehidk - ok

21:53:04.0974 5876  [ D2A941C82A0A9227CD6F47AD40A40F69 ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys

21:53:04.0989 5876  mferkdet - ok

21:53:05.0052 5876  [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp          C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

21:53:05.0067 5876  mfevtp - ok

21:53:05.0098 5876  [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys

21:53:05.0114 5876  mfewfpk - ok

21:53:05.0145 5876  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

21:53:05.0192 5876  MMCSS - ok

21:53:05.0208 5876  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

21:53:05.0270 5876  Modem - ok

21:53:05.0332 5876  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

21:53:05.0379 5876  monitor - ok

21:53:05.0410 5876  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

21:53:05.0426 5876  mouclass - ok

21:53:05.0442 5876  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

21:53:05.0457 5876  mouhid - ok

21:53:05.0488 5876  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

21:53:05.0504 5876  mountmgr - ok

21:53:05.0598 5876  [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

21:53:05.0613 5876  MozillaMaintenance - ok

21:53:05.0644 5876  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys

21:53:05.0660 5876  mpio - ok

21:53:05.0676 5876  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

21:53:05.0707 5876  mpsdrv - ok

21:53:05.0754 5876  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll

21:53:05.0847 5876  MpsSvc - ok

21:53:05.0878 5876  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

21:53:05.0925 5876  MRxDAV - ok

21:53:05.0972 5876  [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

21:53:06.0003 5876  mrxsmb - ok

21:53:06.0019 5876  [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:53:06.0050 5876  mrxsmb10 - ok

21:53:06.0066 5876  [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:53:06.0081 5876  mrxsmb20 - ok

21:53:06.0128 5876  [ BCCF16D5FB1109162380E3E28DC9E4E5 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys

21:53:06.0144 5876  msahci - ok

21:53:06.0159 5876  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys

21:53:06.0175 5876  msdsm - ok

21:53:06.0190 5876  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

21:53:06.0237 5876  MSDTC - ok

21:53:06.0268 5876  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

21:53:06.0300 5876  Msfs - ok

21:53:06.0331 5876  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

21:53:06.0393 5876  mshidkmdf - ok

21:53:06.0409 5876  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys

21:53:06.0424 5876  msisadrv - ok

21:53:06.0471 5876  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

21:53:06.0502 5876  MSiSCSI - ok

21:53:06.0518 5876  msiserver - ok

21:53:06.0534 5876  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

21:53:06.0596 5876  MSKSSRV - ok

21:53:06.0658 5876  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

21:53:06.0721 5876  MSPCLOCK - ok

21:53:06.0736 5876  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

21:53:06.0799 5876  MSPQM - ok

21:53:06.0830 5876  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

21:53:06.0846 5876  MsRPC - ok

21:53:06.0861 5876  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

21:53:06.0861 5876  mssmbios - ok

21:53:06.0877 5876  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

21:53:06.0939 5876  MSTEE - ok

21:53:06.0970 5876  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

21:53:07.0002 5876  MTConfig - ok

21:53:07.0048 5876  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

21:53:07.0064 5876  Mup - ok

21:53:07.0111 5876  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll

21:53:07.0189 5876  napagent - ok

21:53:07.0267 5876  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

21:53:07.0314 5876  NativeWifiP - ok

21:53:07.0360 5876  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys

21:53:07.0392 5876  NDIS - ok

21:53:07.0423 5876  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

21:53:07.0485 5876  NdisCap - ok

21:53:07.0548 5876  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

21:53:07.0610 5876  NdisTapi - ok

21:53:07.0641 5876  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

21:53:07.0704 5876  Ndisuio - ok

21:53:07.0735 5876  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

21:53:07.0766 5876  NdisWan - ok

21:53:07.0797 5876  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

21:53:07.0860 5876  NDProxy - ok

21:53:07.0922 5876  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

21:53:08.0000 5876  NetBIOS - ok

21:53:08.0031 5876  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

21:53:08.0094 5876  NetBT - ok

21:53:08.0109 5876  [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon        C:\Windows\system32\lsass.exe

21:53:08.0125 5876  Netlogon - ok

21:53:08.0172 5876  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

21:53:08.0250 5876  Netman - ok

21:53:08.0281 5876  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

21:53:08.0328 5876  netprofm - ok

21:53:08.0359 5876  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

21:53:08.0374 5876  NetTcpPortSharing - ok

21:53:08.0437 5876  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

21:53:08.0452 5876  nfrd960 - ok

21:53:08.0515 5876  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll

21:53:08.0577 5876  NlaSvc - ok

21:53:08.0593 5876  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

21:53:08.0655 5876  Npfs - ok

21:53:08.0686 5876  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

21:53:08.0749 5876  nsi - ok

21:53:08.0780 5876  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

21:53:08.0842 5876  nsiproxy - ok

21:53:08.0920 5876  [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

21:53:08.0952 5876  Ntfs - ok

21:53:08.0998 5876  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

21:53:09.0045 5876  Null - ok

21:53:09.0108 5876  [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys

21:53:09.0123 5876  nvraid - ok

21:53:09.0139 5876  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys

21:53:09.0154 5876  nvstor - ok

21:53:09.0170 5876  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys

21:53:09.0186 5876  nv_agp - ok

21:53:09.0217 5876  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys

21:53:09.0295 5876  ohci1394 - ok

21:53:09.0388 5876  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:53:09.0404 5876  ose - ok

21:53:09.0607 5876  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

21:53:09.0685 5876  osppsvc - ok

21:53:09.0732 5876  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

21:53:09.0810 5876  p2pimsvc - ok

21:53:09.0856 5876  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

21:53:09.0888 5876  p2psvc - ok

21:53:09.0934 5876  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

21:53:09.0950 5876  Parport - ok

21:53:09.0997 5876  [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

21:53:10.0012 5876  partmgr - ok

21:53:10.0059 5876  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

21:53:10.0106 5876  PcaSvc - ok

21:53:10.0137 5876  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys

21:53:10.0153 5876  pci - ok

21:53:10.0168 5876  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys

21:53:10.0184 5876  pciide - ok

21:53:10.0231 5876  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

21:53:10.0246 5876  pcmcia - ok

21:53:10.0262 5876  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

21:53:10.0278 5876  pcw - ok

21:53:10.0293 5876  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

21:53:10.0371 5876  PEAUTH - ok

21:53:10.0496 5876  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

21:53:10.0543 5876  PerfHost - ok

21:53:10.0605 5876  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll

21:53:10.0683 5876  pla - ok

21:53:10.0777 5876  [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

21:53:10.0824 5876  PlugPlay - ok

21:53:10.0886 5876  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

21:53:10.0917 5876  PNRPAutoReg - ok

21:53:10.0948 5876  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

21:53:10.0964 5876  PNRPsvc - ok

21:53:11.0011 5876  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

21:53:11.0089 5876  PolicyAgent - ok

21:53:11.0151 5876  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll

21:53:11.0214 5876  Power - ok

21:53:11.0292 5876  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

21:53:11.0354 5876  PptpMiniport - ok

21:53:11.0385 5876  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys

21:53:11.0432 5876  Processor - ok

21:53:11.0479 5876  [ 97293447431311C06703368AD0F6C4BE ] ProfSvc         C:\Windows\system32\profsvc.dll

21:53:11.0494 5876  ProfSvc - ok

21:53:11.0494 5876  [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe

21:53:11.0510 5876  ProtectedStorage - ok

21:53:11.0541 5876  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

21:53:11.0604 5876  Psched - ok

21:53:11.0666 5876  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys

21:53:11.0682 5876  PxHlpa64 - ok

21:53:11.0744 5876  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

21:53:11.0791 5876  ql2300 - ok

21:53:11.0838 5876  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

21:53:11.0853 5876  ql40xx - ok

21:53:11.0884 5876  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

21:53:11.0931 5876  QWAVE - ok

21:53:11.0962 5876  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

21:53:11.0994 5876  QWAVEdrv - ok

21:53:12.0009 5876  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

21:53:12.0072 5876  RasAcd - ok

21:53:12.0134 5876  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

21:53:12.0181 5876  RasAgileVpn - ok

21:53:12.0228 5876  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

21:53:12.0290 5876  RasAuto - ok

21:53:12.0321 5876  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

21:53:12.0368 5876  Rasl2tp - ok

21:53:12.0384 5876  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll

21:53:12.0462 5876  RasMan - ok

21:53:12.0508 5876  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

21:53:12.0571 5876  RasPppoe - ok

21:53:12.0586 5876  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

21:53:12.0649 5876  RasSstp - ok

21:53:12.0696 5876  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

21:53:12.0758 5876  rdbss - ok

21:53:12.0789 5876  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

21:53:12.0805 5876  rdpbus - ok

21:53:12.0836 5876  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

21:53:12.0867 5876  RDPCDD - ok

21:53:12.0883 5876  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

21:53:12.0945 5876  RDPENCDD - ok

21:53:12.0976 5876  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

21:53:13.0008 5876  RDPREFMP - ok

21:53:13.0054 5876  [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

21:53:13.0117 5876  RDPWD - ok

21:53:13.0164 5876  [ 634B9A2181D98F15941236886164EC8B ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

21:53:13.0195 5876  rdyboost - ok

21:53:13.0226 5876  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

21:53:13.0288 5876  RemoteAccess - ok

21:53:13.0351 5876  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

21:53:13.0413 5876  RemoteRegistry - ok

21:53:13.0460 5876  [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys

21:53:13.0522 5876  rimmptsk - ok

21:53:13.0522 5876  [ E20B1907FC72A3664ECE21E3C20FC63D ] rimspci         C:\Windows\system32\DRIVERS\rimspe64.sys

21:53:13.0585 5876  rimspci - ok

21:53:13.0616 5876  [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys

21:53:13.0647 5876  rimsptsk - ok

21:53:13.0694 5876  [ A6DA2B0C8F5BB3F9F5423CFF8D6A02D9 ] risdpcie        C:\Windows\system32\DRIVERS\risdpe64.sys

21:53:13.0756 5876  risdpcie - ok

21:53:13.0788 5876  [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys

21:53:13.0819 5876  rismxdp - ok

21:53:13.0834 5876  [ 6A1CD4674505E6791390A1AB71DA1FBE ] rixdpcie        C:\Windows\system32\DRIVERS\rixdpe64.sys

21:53:13.0850 5876  rixdpcie - ok

21:53:13.0897 5876  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

21:53:13.0944 5876  RpcEptMapper - ok

21:53:13.0975 5876  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

21:53:14.0022 5876  RpcLocator - ok

21:53:14.0037 5876  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll

21:53:14.0084 5876  RpcSs - ok

21:53:14.0146 5876  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

21:53:14.0209 5876  rspndr - ok

21:53:14.0271 5876  [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

21:53:14.0302 5876  RTL8167 - ok

21:53:14.0318 5876  [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs           C:\Windows\system32\lsass.exe

21:53:14.0334 5876  SamSs - ok

21:53:14.0349 5876  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys

21:53:14.0365 5876  sbp2port - ok

21:53:14.0396 5876  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

21:53:14.0458 5876  SCardSvr - ok

21:53:14.0474 5876  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

21:53:14.0521 5876  scfilter - ok

21:53:14.0583 5876  [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule        C:\Windows\system32\schedsvc.dll

21:53:14.0646 5876  Schedule - ok

21:53:14.0692 5876  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll

21:53:14.0724 5876  SCPolicySvc - ok

21:53:14.0786 5876  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

21:53:14.0848 5876  SDRSVC - ok

21:53:14.0895 5876  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

21:53:14.0958 5876  secdrv - ok

21:53:14.0973 5876  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll

21:53:15.0036 5876  seclogon - ok

21:53:15.0114 5876  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll

21:53:15.0176 5876  SENS - ok

21:53:15.0207 5876  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

21:53:15.0270 5876  SensrSvc - ok

21:53:15.0301 5876  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

21:53:15.0348 5876  Serenum - ok

21:53:15.0410 5876  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys

21:53:15.0441 5876  Serial - ok

21:53:15.0472 5876  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

21:53:15.0488 5876  sermouse - ok

21:53:15.0535 5876  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll

21:53:15.0597 5876  SessionEnv - ok

21:53:15.0628 5876  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys

21:53:15.0675 5876  sffdisk - ok

21:53:15.0706 5876  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys

21:53:15.0753 5876  sffp_mmc - ok

21:53:15.0784 5876  [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys

21:53:15.0800 5876  sffp_sd - ok

21:53:15.0816 5876  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

21:53:15.0847 5876  sfloppy - ok

21:53:15.0940 5876  [ 38F88F0DF46C4D42125EF721ABD7F6B9 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

21:53:15.0956 5876  SftService - ok

21:53:15.0987 5876  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

21:53:16.0050 5876  SharedAccess - ok

21:53:16.0096 5876  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll

21:53:16.0159 5876  ShellHWDetection - ok

21:53:16.0174 5876  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

21:53:16.0190 5876  SiSRaid2 - ok

21:53:16.0237 5876  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

21:53:16.0252 5876  SiSRaid4 - ok

21:53:16.0299 5876  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

21:53:16.0315 5876  SkypeUpdate - ok

21:53:16.0346 5876  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

21:53:16.0408 5876  Smb - ok

21:53:16.0455 5876  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

21:53:16.0502 5876  SNMPTRAP - ok

21:53:16.0549 5876  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

21:53:16.0564 5876  spldr - ok

21:53:16.0627 5876  [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler         C:\Windows\System32\spoolsv.exe

21:53:16.0689 5876  Spooler - ok

21:53:16.0783 5876  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe

21:53:16.0923 5876  sppsvc - ok

21:53:16.0954 5876  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

21:53:17.0017 5876  sppuinotify - ok

21:53:17.0126 5876  [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

21:53:17.0142 5876  sprtsvc_DellSupportCenter - ok

21:53:17.0188 5876  [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv             C:\Windows\system32\DRIVERS\srv.sys

21:53:17.0266 5876  srv - ok

21:53:17.0298 5876  [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

21:53:17.0344 5876  srv2 - ok

21:53:17.0376 5876  [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

21:53:17.0407 5876  srvnet - ok

21:53:17.0469 5876  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

21:53:17.0516 5876  SSDPSRV - ok

21:53:17.0532 5876  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

21:53:17.0563 5876  SstpSvc - ok

21:53:17.0703 5876  [ DA7702025DFD169B909C4DA3126762CC ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe

21:53:17.0750 5876  STacSV - ok

21:53:17.0812 5876  [ C48E0745D33897C7A73394214F2B9B4F ] stdflt          C:\Windows\system32\DRIVERS\stdflt.sys

21:53:17.0812 5876  stdflt - ok

21:53:17.0859 5876  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

21:53:17.0875 5876  stexstor - ok

21:53:17.0906 5876  [ CAF5A9708671B14B9670260735B22C4E ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys

21:53:17.0953 5876  STHDA - ok

21:53:18.0000 5876  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll

21:53:18.0031 5876  stisvc - ok

21:53:18.0062 5876  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

21:53:18.0078 5876  swenum - ok

21:53:18.0124 5876  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

21:53:18.0202 5876  swprv - ok

21:53:18.0265 5876  [ 639B57DC871BE4B86283027FAF1F4E30 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys

21:53:18.0296 5876  SynTP - ok

21:53:18.0374 5876  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain         C:\Windows\system32\sysmain.dll

21:53:18.0405 5876  SysMain - ok

21:53:18.0421 5876  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll

21:53:18.0468 5876  TabletInputService - ok

21:53:18.0514 5876  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv         C:\Windows\System32\tapisrv.dll

21:53:18.0592 5876  TapiSrv - ok

21:53:18.0624 5876  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll

21:53:18.0655 5876  TBS - ok

21:53:18.0733 5876  [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

21:53:18.0780 5876  Tcpip - ok

21:53:18.0842 5876  [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

21:53:18.0873 5876  TCPIP6 - ok

21:53:18.0920 5876  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

21:53:18.0951 5876  tcpipreg - ok

21:53:18.0967 5876  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

21:53:19.0029 5876  TDPIPE - ok

21:53:19.0076 5876  [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

21:53:19.0138 5876  TDTCP - ok

21:53:19.0154 5876  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

21:53:19.0232 5876  tdx - ok

21:53:19.0294 5876  [ C448651339196C0E869A355171875522 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

21:53:19.0310 5876  TermDD - ok

21:53:19.0357 5876  [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService     C:\Windows\System32\termsrv.dll

21:53:19.0435 5876  TermService - ok

21:53:19.0466 5876  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

21:53:19.0513 5876  Themes - ok

21:53:19.0560 5876  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

21:53:19.0606 5876  THREADORDER - ok

21:53:19.0653 5876  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

21:53:19.0684 5876  TrkWks - ok

21:53:19.0794 5876  [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

21:53:19.0840 5876  TrustedInstaller - ok

21:53:19.0872 5876  [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

21:53:19.0934 5876  tssecsrv - ok

21:53:19.0996 5876  [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

21:53:20.0059 5876  tunnel - ok

21:53:20.0106 5876  [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys

21:53:20.0121 5876  TurboB - ok

21:53:20.0199 5876  [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe

21:53:20.0215 5876  TurboBoost - ok

21:53:20.0230 5876  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

21:53:20.0246 5876  uagp35 - ok

21:53:20.0293 5876  [ 31BA4A33AFAB6A69EA092B18017F737F ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

21:53:20.0371 5876  udfs - ok

21:53:20.0402 5876  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

21:53:20.0449 5876  UI0Detect - ok

21:53:20.0480 5876  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys

21:53:20.0496 5876  uliagpkx - ok

21:53:20.0558 5876  [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

21:53:20.0589 5876  umbus - ok

21:53:20.0620 5876  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

21:53:20.0667 5876  UmPass - ok

21:53:20.0792 5876  [ 765F2DD351BA064F657751D8D75E58C0 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

21:53:20.0839 5876  UNS - ok

21:53:20.0886 5876  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

21:53:20.0932 5876  upnphost - ok

21:53:20.0979 5876  [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

21:53:21.0026 5876  usbccgp - ok

21:53:21.0073 5876  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys

21:53:21.0104 5876  usbcir - ok

21:53:21.0135 5876  [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

21:53:21.0151 5876  usbehci - ok

21:53:21.0182 5876  [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

21:53:21.0198 5876  usbhub - ok

21:53:21.0244 5876  [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys

21:53:21.0291 5876  usbohci - ok

21:53:21.0354 5876  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

21:53:21.0369 5876  usbprint - ok

21:53:21.0400 5876  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

21:53:21.0416 5876  usbscan - ok

21:53:21.0432 5876  [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:53:21.0478 5876  USBSTOR - ok

21:53:21.0541 5876  [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

21:53:21.0556 5876  usbuhci - ok

21:53:21.0572 5876  [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys

21:53:21.0650 5876  usbvideo - ok

21:53:21.0681 5876  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

21:53:21.0728 5876  UxSms - ok

21:53:21.0744 5876  [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc        C:\Windows\system32\lsass.exe

21:53:21.0759 5876  VaultSvc - ok

21:53:21.0775 5876  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys

21:53:21.0790 5876  vdrvroot - ok

21:53:21.0822 5876  [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds             C:\Windows\System32\vds.exe

21:53:21.0868 5876  vds - ok

21:53:21.0915 5876  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

21:53:21.0931 5876  vga - ok

21:53:21.0946 5876  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

21:53:22.0009 5876  VgaSave - ok

21:53:22.0024 5876  [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys

21:53:22.0056 5876  vhdmp - ok

21:53:22.0071 5876  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys

21:53:22.0071 5876  viaide - ok

21:53:22.0102 5876  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys

21:53:22.0102 5876  volmgr - ok

21:53:22.0134 5876  [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

21:53:22.0149 5876  volmgrx - ok

21:53:22.0165 5876  [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys

21:53:22.0180 5876  volsnap - ok

21:53:22.0243 5876  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

21:53:22.0258 5876  vsmraid - ok

21:53:22.0336 5876  [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS             C:\Windows\system32\vssvc.exe

21:53:22.0383 5876  VSS - ok

21:53:22.0414 5876  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

21:53:22.0461 5876  vwifibus - ok

21:53:22.0492 5876  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

21:53:22.0524 5876  vwififlt - ok

21:53:22.0586 5876  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

21:53:22.0648 5876  W32Time - ok

21:53:22.0695 5876  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

21:53:22.0726 5876  WacomPen - ok

21:53:22.0773 5876  [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

21:53:22.0836 5876  WANARP - ok

21:53:22.0836 5876  [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

21:53:22.0882 5876  Wanarpv6 - ok

21:53:22.0960 5876  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

21:53:22.0992 5876  WatAdminSvc - ok

21:53:23.0054 5876  [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine        C:\Windows\system32\wbengine.exe

21:53:23.0116 5876  wbengine - ok

21:53:23.0132 5876  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

21:53:23.0163 5876  WbioSrvc - ok

21:53:23.0210 5876  [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

21:53:23.0257 5876  wcncsvc - ok

21:53:23.0288 5876  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

21:53:23.0319 5876  WcsPlugInService - ok

21:53:23.0350 5876  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys

21:53:23.0366 5876  Wd - ok

21:53:23.0397 5876  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

21:53:23.0428 5876  Wdf01000 - ok

21:53:23.0428 5876  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll

21:53:23.0475 5876  WdiServiceHost - ok

21:53:23.0475 5876  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll

21:53:23.0491 5876  WdiSystemHost - ok

21:53:23.0538 5876  [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient       C:\Windows\System32\webclnt.dll

21:53:23.0569 5876  WebClient - ok

21:53:23.0616 5876  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

21:53:23.0662 5876  Wecsvc - ok

21:53:23.0694 5876  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

21:53:23.0756 5876  wercplsupport - ok

21:53:23.0772 5876  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

21:53:23.0818 5876  WerSvc - ok

21:53:23.0834 5876  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

21:53:23.0865 5876  WfpLwf - ok

21:53:23.0896 5876  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys

21:53:23.0928 5876  WimFltr - ok

21:53:23.0943 5876  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

21:53:23.0943 5876  WIMMount - ok

21:53:23.0959 5876  WinDefend - ok

21:53:23.0959 5876  WinHttpAutoProxySvc - ok

21:53:24.0037 5876  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

21:53:24.0084 5876  Winmgmt - ok

21:53:24.0162 5876  [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM           C:\Windows\system32\WsmSvc.dll

21:53:24.0240 5876  WinRM - ok

21:53:24.0318 5876  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll

21:53:24.0349 5876  Wlansvc - ok

21:53:24.0427 5876  [ A96D6C0613DCF84F2D07FAEB75663072 ] wltrysvc        C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

21:53:24.0442 5876  wltrysvc ( UnsignedFile.Multi.Generic ) - warning

21:53:24.0442 5876  wltrysvc - detected UnsignedFile.Multi.Generic (1)

21:53:24.0489 5876  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys

21:53:24.0536 5876  WmiAcpi - ok

21:53:24.0583 5876  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

21:53:24.0630 5876  wmiApSrv - ok

21:53:24.0676 5876  WMPNetworkSvc - ok

21:53:24.0708 5876  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

21:53:24.0739 5876  WPCSvc - ok

21:53:24.0770 5876  [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

21:53:24.0848 5876  WPDBusEnum - ok

21:53:24.0879 5876  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

21:53:24.0957 5876  ws2ifsl - ok

21:53:25.0004 5876  [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc          C:\Windows\System32\wscsvc.dll

21:53:25.0035 5876  wscsvc - ok

21:53:25.0035 5876  WSearch - ok

21:53:25.0113 5876  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

21:53:25.0176 5876  wuauserv - ok

21:53:25.0191 5876  [ C63907207B837A5C05CF6D1606AA0008 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

21:53:25.0222 5876  WudfPf - ok

21:53:25.0269 5876  [ D885A873D733020F8B9B9FF4B1666158 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

21:53:25.0285 5876  WUDFRd - ok

21:53:25.0316 5876  [ 27B9BEE5AAC00139E3A3AF5D6227A0DC ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

21:53:25.0332 5876  wudfsvc - ok

21:53:25.0363 5876  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll

21:53:25.0410 5876  WwanSvc - ok

21:53:25.0441 5876  ================ Scan global ===============================

21:53:25.0488 5876  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

21:53:25.0519 5876  [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll

21:53:25.0534 5876  [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll

21:53:25.0566 5876  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

21:53:25.0612 5876  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

21:53:25.0612 5876  [Global] - ok

21:53:25.0612 5876  ================ Scan MBR ==================================

21:53:25.0644 5876  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

21:53:25.0956 5876  \Device\Harddisk0\DR0 - ok

21:53:25.0971 5876  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1

21:53:26.0486 5876  \Device\Harddisk1\DR1 - ok

21:53:26.0486 5876  ================ Scan VBR ==================================

21:53:26.0486 5876  [ 5972959FCA1D687B73D80C50252C64DD ] \Device\Harddisk0\DR0\Partition1

21:53:26.0486 5876  \Device\Harddisk0\DR0\Partition1 - ok

21:53:26.0517 5876  [ 158BEC7D0914E6D4F7BFE74437A94EFF ] \Device\Harddisk0\DR0\Partition2

21:53:26.0517 5876  \Device\Harddisk0\DR0\Partition2 - ok

21:53:26.0517 5876  [ 1F4B26D6BA34508DF4E3A379F27378B0 ] \Device\Harddisk1\DR1\Partition1

21:53:26.0517 5876  \Device\Harddisk1\DR1\Partition1 - ok

21:53:26.0517 5876  ============================================================

21:53:26.0517 5876  Scan finished

21:53:26.0517 5876  ============================================================

21:53:26.0517 4080  Detected object count: 3

21:53:26.0517 4080  Actual detected object count: 3

22:02:59.0553 4080  DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user

22:02:59.0553 4080  DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

22:02:59.0553 4080  InstallFilterService ( UnsignedFile.Multi.Generic ) - skipped by user

22:02:59.0553 4080  InstallFilterService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

22:02:59.0553 4080  wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user

22:02:59.0553 4080  wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software

Run date: 2012-10-25 23:37:58

-----------------------------

23:37:58.546    OS Version: Windows x64 6.1.7600 

23:37:58.546    Number of processors: 4 586 0x2505

23:37:58.546    ComputerName: ANNA-PC  UserName: Anna

23:37:59.546    Initialize success

23:38:02.726    AVAST engine download error: 0

23:38:19.146    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

23:38:19.156    Disk 0 Vendor: Hitachi_HTS545032B9A300 PB3OC60S Size: 305245MB BusType: 11

23:38:19.166    Disk 0 MBR read successfully

23:38:19.166    Disk 0 MBR scan

23:38:19.176    Disk 0 Windows VISTA default MBR code

23:38:19.176    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       39 MB offset 63

23:38:19.206    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 80325

23:38:19.216    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       290205 MB offset 30800325

23:38:19.236    Disk 0 scanning C:\Windows\system32\drivers

23:38:26.546    Service scanning

23:38:54.256    Modules scanning

23:38:54.266    Disk 0 trace - called modules:

23:38:54.276    ntoskrnl.exe CLASSPNP.SYS disk.sys stdflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 

23:38:54.606    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c0f060]

23:38:54.616    3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8004a89ce0]

23:38:54.616    5 stdflt.sys[fffff88001948a4a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800491a680]

23:38:54.626    Scan finished successfully

23:41:23.756    Disk 0 MBR has been saved successfully to "C:\Users\Anna\Desktop\MBR.dat"

23:41:23.766    The log file has been saved successfully to "C:\Users\Anna\Desktop\aswMBR.txt"

Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

ESET Scanner:

Code:

ESETSmartInstaller@High as downloader log:

Can not open internetESETSmartInstaller@High as downloader log:

all ok

esets_scanner_update returned -1 esets_gle=12

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=e7c7031491c549429147dea37fced520

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-10-26 01:55:45

# local_time=2012-10-26 03:55:45 (+0100, Mitteleuropäische Sommerzeit)

# country="Austria"

# lang=1033

# osver=5.1.2600 NT Service Pack 2

# compatibility_mode=1797 16774142 0 1 9899753 9899753 0 0

# compatibility_mode=5121 16777213 100 75 2226677 3966560 0 0

# compatibility_mode=5893 16776574 66 85 103660185 103660185 0 0

# compatibility_mode=8192 67108863 100 0 415 415 0 0

# scanned=211746

# found=0

# cleaned=0

# scan_time=5231

Malwarebytes:

Code:

Malwarebytes Anti-Malware (Test) 1.65.1.1000

www.malwarebytes.org
 

Datenbank Version: v2012.10.26.06
 

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Anna :: ANNA-PC [Administrator]
 

Schutz: Aktiviert
 

26.10.2012 14:13:37

mbam-log-2012-10-26 (14-13-37).txt
 

Art des Suchlaufs: Quick-Scan

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 197780

Laufzeit: 2 Minute(n), 9 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

:daumenhoc

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat.

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

Danke!
Sonst ist mir noch nichts aufgefallen, McAffee auch nicht.
Er ist ziemlich langsam beim Hochfahren, kann man da was machen?