
Pests of all kinds and how to combat them: Can not load hotkey.sys, Windows Update disabled

Windows 7
20.05.2013, 11:58   #1
chemaholic



Hello dear Trojaner-Board!

I have been having considerable problems with my laptop for about three days. The computer is extremely slow and cannot open most programs, or closes them again immediately with the message "Program XY has stopped working". In addition, the taskbar and the scroll bars appear in the old design and not in the new Windows 7 design.
Twice now the message "Can not load hotkey.sys!!" with the title "WButton" has appeared. At first I thought something might be broken in the system itself, but the incorrect English spelling (can not instead of cannot) and the two exclamation marks somehow make me suspect that it is malware.
In addition, since today the flag icon has been shown with a red "x" at the bottom in the toolbar, and it says that Windows Update is disabled. I had actually re-enabled it, but shortly afterwards it was disabled again.
Antivirus programs have found nothing, but the computer is completely paralysed.

Please help. Many thanks in advance!

20.05.2013, 12:00   #2
markusg
/// Malware-holic



Hi,

If you do not have it yet, please download OTL by Oldtimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the contents into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

20.05.2013, 12:31   #3
chemaholic



Hello!
Thank you for taking on my case.

This is the text from OTL.txt

Code:
OTL logfile created on: 5/20/2013 1:03:50 PM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Name\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.80 Gb Total Physical Memory | 2.42 Gb Available Physical Memory | 63.74% Memory free
7.60 Gb Paging File | 5.88 Gb Available in Paging File | 77.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 546.25 Gb Total Space | 397.58 Gb Free Space | 72.78% Space Free | Partition Type: NTFS
Drive D: | 48.83 Gb Total Space | 27.10 Gb Free Space | 55.49% Space Free | Partition Type: NTFS
 
Computer Name: Name | User Name: Name | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\Name\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\Name\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Launch Manager\WButton.exe (Wistron Corp.)
PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron)
PRC - C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Wistron Corp.)
PRC - C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Name\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Users\Name\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (MTBService_1.8.1.8) -- C:\Program Files\Carl Zeiss\MTB 2004 File not found
SRV:64bit: - (ACProtector) -- C:\Program Files\AxiomCoders\ACProtector\ACProtector.exe (AxiomCoders)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (hasplms) -- C:\Windows\SysNative\hasplms.exe (Aladdin Knowledge Systems Ltd.)
SRV:64bit: - (deMntrService) -- C:\Program Files\Dell\MFP_DELL\deMntrService.exe (Dell)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (CZCanSrv) -- C:\Program Files (x86)\Common Files\Carl Zeiss\CZCanSrv.exe (Carl Zeiss MicroImaging GmbH)
SRV - (CVPND) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (WisLMSvc) -- C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Wistron Corp.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ProtexisLicensing) -- C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CVPNDRVA) -- C:\Windows\SysNative\drivers\CVPNDRVA.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (CVirtA) -- C:\Windows\SysNative\drivers\CVirtA64.sys (Cisco Systems, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (aksdf) -- C:\Windows\SysNative\drivers\aksdf.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (DESVUSB) -- C:\Windows\SysNative\drivers\desrvusb.sys (Olivetti-Engineering SA)
DRV:64bit: - (AF15BDA) -- C:\Windows\SysNative\drivers\AF15BDA.sys (ITETech                  )
DRV:64bit: - (hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (aksfridge) -- C:\Windows\SysNative\drivers\aksfridge.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\ManyCam_x64.sys (ManyCam LLC.)
DRV - (HWiNFO32) -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS (REALiX(tm))
DRV - (SSPORT) -- C:\Windows\SysWOW64\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.facebook.com/
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {89FD0470-8ED8-430E-8BC0-99F6A9CCD491}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{89FD0470-8ED8-430E-8BC0-99F6A9CCD491}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNB_enDE393
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.10
FF - prefs.js..extensions.enabledAddons: %7B25A1388B-6B18-46c3-BEBA-A81915D0DE8F%7D:1.7.8.5
FF - prefs.js..extensions.enabledAddons: zoteroWinWordIntegration%40zotero.org:3.1.12
FF - prefs.js..extensions.enabledAddons: zotero%40chnm.gmu.edu:4.0.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Name\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Name\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Name\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Name\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Name\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013/03/16 13:04:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/13 13:35:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/13 13:35:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/13 13:35:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/13 13:35:17 | 000,000,000 | ---D | M]
 
[2011/06/12 14:21:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Name\AppData\Roaming\mozilla\Extensions
[2013/05/05 13:11:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Name\AppData\Roaming\mozilla\Firefox\Profiles\et0sk0sk.default\extensions
[2013/04/04 00:06:20 | 000,000,000 | ---D | M] (Zotero Word for Windows Integration) -- C:\Users\Name\AppData\Roaming\mozilla\Firefox\Profiles\et0sk0sk.default\extensions\zoteroWinWordIntegration@zotero.org
[2013/05/05 13:11:22 | 004,691,600 | ---- | M] () (No name found) -- C:\Users\Name\AppData\Roaming\mozilla\firefox\profiles\et0sk0sk.default\extensions\zotero@chnm.gmu.edu.xpi
[2013/03/04 00:26:23 | 000,504,298 | ---- | M] () (No name found) -- C:\Users\Name\AppData\Roaming\mozilla\firefox\profiles\et0sk0sk.default\extensions\{25A1388B-6B18-46c3-BEBA-A81915D0DE8F}.xpi
[2013/01/05 21:23:16 | 000,036,139 | ---- | M] () (No name found) -- C:\Users\Name\AppData\Roaming\mozilla\firefox\profiles\et0sk0sk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013/03/03 12:29:22 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Name\AppData\Roaming\mozilla\firefox\profiles\et0sk0sk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/04/13 13:35:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013/04/13 13:35:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\DOMINIK HöLPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ET0SK0SK.DEFAULT\EXTENSIONS\{25A1388B-6B18-46C3-BEBA-A81915D0DE8F}.XPI
File not found (No name found) -- C:\USERS\DOMINIK HöLPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ET0SK0SK.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}.XPI
File not found (No name found) -- C:\USERS\DOMINIK HöLPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ET0SK0SK.DEFAULT\EXTENSIONS\ZOTERO@CHNM.GMU.EDU.XPI
File not found (No name found) -- C:\USERS\DOMINIK HöLPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ET0SK0SK.DEFAULT\EXTENSIONS\ZOTEROWINWORDINTEGRATION@ZOTERO.ORG
[2013/04/13 13:35:23 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2003/04/23 19:10:48 | 006,595,792 | ---- | M] (CambridgeSoft Corp.) -- C:\Program Files (x86)\mozilla firefox\plugins\npcdp32.dll
[2012/02/23 00:58:26 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2012/02/23 00:58:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2013/04/13 13:35:20 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/04/13 13:35:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/04/13 13:35:20 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013/04/13 13:35:20 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/04/13 13:35:20 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/04/13 13:35:20 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Dominik H\u00F6lper\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Dominik H\u00F6lper\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U37 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_0\
CHR - Extension: Google Mail = C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/01/10 21:08:27 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Corel Photo Downloader] C:\Program Files (x86)\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe File not found
O4:64bit: - HKLM..\Run: [DeStatusMon] C:\Program Files\Dell\MFP_DELL\deDvcStatus.exe (Dell)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [Wbutton] C:\Program Files (x86)\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Name\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - Startup: C:\Users\Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Name\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\AxiomLSPx64.dll (AxiomCoders)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\AxiomLSPx64.dll (AxiomCoders)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\AxiomLSPx64.dll (AxiomCoders)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\AxiomLSPx64.dll (AxiomCoders)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\AxiomLSPx64.dll (AxiomCoders)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\AxiomLSP.dll (AxiomCoders)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\AxiomLSP.dll (AxiomCoders)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\AxiomLSP.dll (AxiomCoders)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\AxiomLSP.dll (AxiomCoders)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\AxiomLSP.dll (AxiomCoders)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E4BEC6CA-6CB9-41F2-814D-28C04FDB7390}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/05/20 13:01:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Name\Desktop\OTL.exe
[2013/05/20 11:16:02 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{55195FD2-8595-4A00-892E-044C3C93F89A}
[2013/05/19 23:15:21 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{BB922176-8140-48DB-B292-1B03E0A76535}
[2013/05/19 23:03:51 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/05/17 23:27:37 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{33900C07-4881-43C0-898E-4F020DAD1C55}
[2013/05/16 18:35:33 | 000,000,000 | ---D | C] -- C:\Users\Name\Desktop\Planung Frankfurt
[2013/05/16 15:34:26 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{C542B299-F6BF-40DC-9729-2ACAF058786D}
[2013/05/14 23:18:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013/05/14 15:50:40 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2013/05/14 15:50:22 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2013/05/14 15:31:59 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{4FF6B9C3-8C46-436B-BE15-AFB4C20A6062}
[2013/05/13 23:01:08 | 000,000,000 | ---D | C] -- C:\Users\Name\Desktop\Controls
[2013/05/13 18:21:33 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{AD5468A5-8398-4BB5-A646-96BCCB87D422}
[2013/05/13 18:05:17 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{ED96C81B-CC2D-4B68-808F-FC26DB12730B}
[2013/05/12 21:41:17 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{467D33A6-466E-4E9A-A84C-CD75E2A577DE}
[2013/05/12 09:40:43 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{F4C96D84-2352-40BB-BC25-FB781B853F16}
[2013/05/11 13:54:41 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{E91BAFD5-7383-4CD6-84CB-959EB152D14F}
[2013/05/11 13:20:58 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{F2D3FA80-F82A-428C-9B30-A46417149648}
[2013/05/11 00:09:56 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{D5A350C4-4026-43CE-96FD-068F174A8FFD}
[2013/05/10 12:09:30 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{7837BBB1-8396-4434-AA19-687173F11AF4}
[2013/05/09 18:12:09 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{F4FD2788-3003-4ACF-938E-3857404D2F5D}
[2013/05/09 06:11:34 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{07DE7AD9-0CFD-43EE-A62B-6218E7D75B75}
[2013/05/08 18:10:59 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{45635DF7-BAE0-4AD3-8F30-ADAE31215AC7}
[2013/05/08 10:14:35 | 000,000,000 | ---D | C] -- C:\Users\Name\Desktop\Illustrator Files
[2013/05/07 18:22:57 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{9D0E6676-F2F1-4D66-BECB-5C1D7EC97DCB}
[2013/05/06 23:50:18 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{347EE015-7F6E-4E6E-8427-8A15BA37E47A}
[2013/05/06 11:48:01 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{D8725F9D-987D-4637-B3A5-9887D6B083B1}
[2013/05/05 22:48:38 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{D0677CB4-815D-4444-AB2E-FC2587135CA6}
[2013/05/05 10:48:14 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{448C47D1-9068-4AC9-9307-76E65E2EB44F}
[2013/05/04 16:25:40 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{29D2387C-DF80-4D6A-97E0-C75EE0861213}
[2013/05/04 00:32:27 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{CC6661C4-7E5A-42E7-9284-1E8EAD3E5763}
[2013/05/03 12:30:58 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{1AF561EF-4700-4667-8656-A8CA4191148B}
[2013/05/03 00:30:07 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{C8F96578-B6F0-4CB4-9B1D-6B6D40A82A8A}
[2013/05/02 12:29:32 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{44136BF9-E0E9-46E6-846E-CC0EFAB56911}
[2013/05/02 11:39:15 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013/05/02 00:28:58 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{95C3F356-EA8E-48EB-8EF2-EF9B9B95F923}
[2013/05/02 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{E86571D7-8901-41AD-AC66-82745B264AAB}
[2013/05/01 12:04:00 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{635A1E43-0792-4C25-B37D-D15CDD9BF46A}
[2013/04/30 23:04:14 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{37753E02-5600-48F0-9B9A-531E3C30C845}
[2013/04/30 11:03:50 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{70021F68-7702-45BF-B3E9-2DFEE874FE28}
[2013/04/29 14:28:47 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{3611CF3D-2DCF-419A-A70F-E0CDC2DE7970}
[2013/04/29 00:03:41 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{4B00A84B-8DEF-48D1-891D-5959CFA18D00}
[2013/04/28 12:03:06 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{1F4DA3F1-AB06-4DC0-BA9A-E41450EC573A}
[2013/04/28 00:02:42 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{417A15F6-A5AA-495F-842D-33544CD05BE7}
[2013/04/27 12:02:17 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{FDC52B47-96CC-4547-B13A-03DC9E4DC504}
[2013/04/26 11:58:26 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{9E6C5E7A-1844-4A59-9CB7-6DE45D21CDF6}
[2013/04/25 23:57:49 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{B50D2396-4BFF-4F7A-BA6C-5A054906380A}
[2013/04/25 11:29:22 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{BBFC3590-83E7-4BE5-8ACB-3F2CB9A12DFF}
[2013/04/25 11:27:34 | 000,000,000 | R--D | C] -- C:\Users\Name\Dropbox
[2013/04/25 11:24:34 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013/04/25 11:24:01 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Roaming\Dropbox
[2013/04/24 23:28:47 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{D73755BF-E87D-4AF6-8D73-B070E6F17E80}
[2013/04/24 10:11:12 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{687F8F0C-8BA3-425D-A425-158C4927BD73}
[2013/04/23 22:10:23 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{3CA448B9-49D8-48F6-ADF1-188DDF1F7DFB}
[2013/04/23 10:09:49 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{3B178EC9-E5EB-40A7-BDB6-213F5281EBE0}
[2013/04/22 22:09:15 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{9B1F7748-5587-4DCD-8B08-0CB0AB03C457}
[2013/04/22 10:09:04 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{BF296B67-F49E-409B-8D2D-B3ADCA994862}
[2013/04/21 20:31:58 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{14A2F182-50B0-4139-9621-EC2F1BFB469E}
[2013/04/21 03:39:41 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{9C8F5452-62FB-49D9-950B-858E8947A2CB}
[2013/04/20 15:39:29 | 000,000,000 | ---D | C] -- C:\Users\Name\AppData\Local\{E68F2BFA-4737-4C94-99E0-11E2592DAF6D}
 
========== Files - Modified Within 30 Days ==========
 
[2013/05/20 13:01:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Name\Desktop\OTL.exe
[2013/05/20 10:00:57 | 001,613,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/20 10:00:57 | 000,697,098 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/05/20 10:00:57 | 000,652,376 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/20 10:00:57 | 000,148,362 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/05/20 10:00:57 | 000,121,308 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/20 09:57:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/20 00:23:19 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/20 00:23:19 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/19 23:12:44 | 000,000,302 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{77584BCB-0981-4913-98F7-2B88D7A2DC1A}.job
[2013/05/19 23:12:01 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/19 23:05:34 | 3061,911,552 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/19 23:05:04 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2013/05/18 10:36:57 | 000,024,736 | ---- | M] () -- C:\Users\Name\Desktop\!cid_F939C699-9EF3-4BFF-8804-C70F46BFA75D.png
[2013/05/17 07:45:50 | 000,130,080 | ---- | M] () -- C:\Users\Name\Desktop\Einzelauskunft.pdf
[2013/05/17 07:42:02 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/17 07:17:52 | 000,317,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/17 01:51:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/16 23:45:05 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2139233403-3668130424-2115278807-1002UA.job
[2013/05/16 23:45:00 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2139233403-3668130424-2115278807-1002Core.job
[2013/05/16 16:01:32 | 000,066,548 | ---- | M] () -- C:\Users\Name\Desktop\Benutzung Kreditkarte Jens_Braunschweig Hotel.pdf
[2013/05/14 20:19:14 | 000,864,724 | ---- | M] () -- C:\Users\Name\Desktop\2012ADIPOCYTE037R.pdf
[2013/05/14 17:30:42 | 003,546,617 | ---- | M] () -- C:\Users\Name\Desktop\2345.pdf
[2013/05/11 15:56:03 | 000,200,006 | ---- | M] () -- C:\Users\Name\Desktop\Unbenannt.png
[2013/05/10 19:52:52 | 000,000,584 | ---- | M] () -- C:\Users\Name\Documents\grstyles.stl
[2013/05/10 19:08:23 | 000,001,951 | ---- | M] () -- C:\Users\Name\Documents\template.cfg
[2013/05/06 23:13:49 | 000,000,426 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2013/05/02 11:38:55 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013/04/25 11:24:47 | 000,001,067 | ---- | M] () -- C:\Users\Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
 
========== Files Created - No Company Name ==========
 
[2013/05/19 23:12:44 | 000,000,302 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{77584BCB-0981-4913-98F7-2B88D7A2DC1A}.job
[2013/05/19 23:05:04 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2013/05/18 10:37:01 | 000,024,736 | ---- | C] () -- C:\Users\Name\Desktop\!cid_F939C699-9EF3-4BFF-8804-C70F46BFA75D.png
[2013/05/17 07:45:50 | 000,130,080 | ---- | C] () -- C:\Users\Name\Desktop\Einzelauskunft.pdf
[2013/05/16 16:01:32 | 000,066,548 | ---- | C] () -- C:\Users\Name\Desktop\Benutzung Kreditkarte Jens_Braunschweig Hotel.pdf
[2013/05/14 20:19:14 | 000,864,724 | ---- | C] () -- C:\Users\Name\Desktop\2012ADIPOCYTE037R.pdf
[2013/05/14 17:30:42 | 003,546,617 | ---- | C] () -- C:\Users\Name\Desktop\2345.pdf
[2013/05/14 15:51:28 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2013/05/14 15:50:04 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2013/05/14 15:49:53 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2013/05/14 15:49:53 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2013/05/14 15:49:33 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2013/05/11 15:56:03 | 000,200,006 | ---- | C] () -- C:\Users\Name\Desktop\Unbenannt.png
[2013/04/25 11:24:47 | 000,001,067 | ---- | C] () -- C:\Users\Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/04/07 17:56:55 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2013/01/09 21:19:22 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/01/09 21:19:22 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/01/09 21:19:22 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/01/09 21:19:22 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/01/09 21:19:22 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/10 14:35:13 | 000,003,813 | ---- | C] () -- C:\Users\Name\AppData\Local\recently-used.xbel
[2012/06/29 23:33:59 | 000,012,755 | ---- | C] () -- C:\Users\Name\AppData\Roaming\SerialClonerPrefs
[2012/02/10 15:31:47 | 000,000,257 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012/02/10 15:31:47 | 000,000,094 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012/02/10 15:31:11 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012/02/10 15:31:10 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD8860DN.DAT
[2012/02/10 15:29:51 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2012/02/10 15:29:50 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012/02/10 15:29:50 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012/02/10 15:29:42 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012/02/10 15:29:25 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2011/09/23 18:44:39 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2011/07/20 00:33:31 | 000,000,000 | ---- | C] () -- C:\Users\Name\AppData\Local\{2BF33926-9AA0-47B2-A52E-E077962C867B}
[2011/07/07 15:27:39 | 000,000,000 | ---- | C] () -- C:\Users\Name\AppData\Local\{D9521F0A-1441-48C3-989A-1B1C93F40371}
[2011/06/27 14:39:24 | 000,000,000 | ---- | C] () -- C:\Users\Name\AppData\Local\{4193AAB6-E74E-449D-B5B9-DDAFC9ECF9E0}
[2011/04/25 21:30:07 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011/05/29 14:54:17 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\.kde
[2011/05/05 23:25:04 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\ACD Systems
[2012/01/17 16:57:02 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\Advanced Chemistry Development
[2012/08/11 12:31:52 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\Ape
[2011/04/25 22:25:36 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\Ashampoo
[2012/08/22 22:24:03 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\Carl Zeiss
[2012/08/23 22:55:17 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\Carl Zeiss MicroImaging
[2013/05/19 23:07:29 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\Dropbox
[2013/03/16 13:04:53 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\DVDVideoSoft
[2011/08/01 22:38:20 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/04/29 20:14:05 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\elsterformular
[2012/06/16 22:35:22 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\GraphPad Software
[2012/07/15 19:16:38 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\gtk-2.0
[2012/08/24 02:04:08 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\ICQ
[2012/01/25 02:32:14 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\Imaxel
[2012/08/05 22:52:34 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\inkscape
[2011/06/13 22:20:43 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\IrfanView
[2013/04/02 23:42:17 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\Jitsi
[2011/05/29 14:39:53 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\KDE
[2011/05/12 19:51:38 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\LyX2.0
[2011/11/15 09:28:54 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\ManyCam
[2013/03/16 13:04:44 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\OpenCandy
[2011/11/09 19:40:42 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\Philipp Winterberg
[2011/05/12 19:31:07 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\ScanSoft
[2012/08/10 19:35:33 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\SerialCloner
[2012/03/18 01:00:47 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\SoftGrid Client
[2011/05/12 21:50:26 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\The Discovery Series
[2011/11/12 22:14:08 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\Thunderbird
[2011/04/25 22:40:05 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\TP
[2013/03/16 13:05:37 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\TuneUp Software
[2011/04/30 10:09:39 | 000,000,000 | ---D | M] -- C:\Users\Name\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2013/03/28 23:31:44 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2012/01/17 16:56:58 | 000,000,000 | ---D | M] -- C:\ACDFREE12
[2011/06/08 22:27:18 | 000,000,000 | ---D | M] -- C:\AIM
[2013/04/07 17:55:51 | 000,000,000 | ---D | M] -- C:\AI_CS2_GR_NonRet
[2012/06/29 21:26:12 | 000,000,000 | ---D | M] -- C:\BioEdit
[2011/04/23 18:50:49 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2013/05/19 23:03:51 | 000,000,000 | -HSD | M] -- C:\found.000
[2010/12/09 21:08:59 | 000,000,000 | ---D | M] -- C:\Intel
[2012/03/19 23:24:28 | 000,000,000 | R--D | M] -- C:\MSOCache
[2013/04/02 23:28:50 | 000,000,000 | R--D | M] -- C:\Program Files
[2013/05/06 17:37:12 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013/03/16 13:05:20 | 000,000,000 | ---D | M] -- C:\ProgramData
[2013/04/07 18:16:33 | 000,000,000 | ---D | M] -- C:\PS_CS2_Gr_NonRet
[2013/01/10 01:28:26 | 000,000,000 | ---D | M] -- C:\Qoobox
[2011/04/23 18:50:50 | 000,000,000 | ---D | M] -- C:\Recovery
[2013/05/20 13:06:28 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011/09/23 18:41:13 | 000,000,000 | ---D | M] -- C:\Temp
[2013/05/06 19:58:24 | 000,000,000 | R--D | M] -- C:\Users
[2013/05/16 19:22:00 | 000,000,000 | ---D | M] -- C:\Windows
[2012/08/02 11:37:25 | 000,000,000 | ---D | M] -- C:\ZEN
[2013/01/10 23:13:54 | 000,000,000 | ---D | M] -- C:\_OTL
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009/07/14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009/07/14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009/07/14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009/07/14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010/11/20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/06/16 20:49:33 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/01/12 23:26:40 | 000,001,122 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/01/12 23:26:48 | 000,001,126 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/04/02 23:40:24 | 000,000,942 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2139233403-3668130424-2115278807-1002Core.job
[2013/04/02 23:40:24 | 000,000,964 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2139233403-3668130424-2115278807-1002UA.job
[2013/05/19 23:12:44 | 000,000,302 | -H-- | C] () -- C:\Windows\Tasks\User_Feed_Synchronization-{77584BCB-0981-4913-98F7-2B88D7A2DC1A}.job
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
 
< %USERPROFILE%\*.* >
[2012/03/22 16:51:33 | 000,006,981 | ---- | M] () -- C:\Users\Name\IJ_Prefs.txt
[2013/05/20 13:15:20 | 007,077,888 | -HS- | M] () -- C:\Users\Name\NTUSER.DAT
[2013/05/20 13:15:20 | 000,262,144 | -HS- | M] () -- C:\Users\Name\ntuser.dat.LOG1
[2011/04/23 18:54:15 | 000,000,000 | -HS- | M] () -- C:\Users\Name\ntuser.dat.LOG2
[2011/04/23 19:14:36 | 000,065,536 | -HS- | M] () -- C:\Users\Name\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011/04/23 19:14:36 | 000,524,288 | -HS- | M] () -- C:\Users\Name\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011/04/23 19:14:36 | 000,524,288 | -HS- | M] () -- C:\Users\Name\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2011/04/23 18:54:16 | 000,000,020 | -HS- | M] () -- C:\Users\Name\ntuser.ini
[2012/07/12 21:50:43 | 000,005,632 | -HS- | M] () -- C:\Users\Name\Thumbs.db
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< End of report >
         
Extra.txt was not generated.
__________________

20.05.2013, 12:35   #4
markusg
/// Malware-holic

Hi,


otl fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:
ATTFilter
:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
:files
:Commands
[emptytemp]
         
  • If you have obscured your user name, e.g. with "*****", insert your real user name in the corresponding place. Otherwise the fix will not work.
  • Please close all programs now.
  • Now please click the Fix button.
  • OTL may ask for a restart. Please allow it.
  • After the restart you will find a text document on your desktop.
    (It can also be found under C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Now copy its contents here into your thread.

__________________
Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de

20.05.2013, 17:01   #5
chemaholic

Hello, here is the text after the OTL fix:

Code:
ATTFilter
All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
========== FILES ==========
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 58264 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Name Name
->Temp folder emptied: 418422362 bytes
->Temporary Internet Files folder emptied: 421891746 bytes
->Java cache emptied: 2558342 bytes
->FireFox cache emptied: 63069880 bytes
->Google Chrome cache emptied: 427583379 bytes
->Flash cache emptied: 1244 bytes
 
User: Name H�Name
->Temp folder emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 201132744 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42286856 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 666 bytes
RecycleBin emptied: 137128260 bytes
 
Total Files Cleaned = 1,635.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 05202013_174909

Files\Folders moved on Reboot...
C:\Users\Name Name\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         


Alt 20.05.2013, 17:03   #6
markusg
/// Malware-holic
 

Hi,
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

Alt 20.05.2013, 17:14   #7
chemaholic
 
Can not load hotkey.sys, Windows Update deaktiviert - Standard

Can not load hotkey.sys, Windows Update deaktiviert



I did it as described,

here is the log file.

Code:
18:11:12.0382 1432  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:11:12.0537 1432  ============================================================
18:11:12.0537 1432  Current date / time: 2013/05/20 18:11:12.0537
18:11:12.0537 1432  SystemInfo:
18:11:12.0537 1432  
18:11:12.0537 1432  OS Version: 6.1.7601 ServicePack: 1.0
18:11:12.0537 1432  Product type: Workstation
18:11:12.0537 1432  ComputerName: namename
18:11:12.0538 1432  UserName: name name
18:11:12.0538 1432  Windows directory: C:\Windows
18:11:12.0538 1432  System windows directory: C:\Windows
18:11:12.0538 1432  Running under WOW64
18:11:12.0538 1432  Processor architecture: Intel x64
18:11:12.0538 1432  Number of processors: 4
18:11:12.0538 1432  Page size: 0x1000
18:11:12.0538 1432  Boot type: Normal boot
18:11:12.0538 1432  ============================================================
18:11:13.0042 1432  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:11:13.0046 1432  ============================================================
18:11:13.0046 1432  \Device\Harddisk0\DR0:
18:11:13.0046 1432  MBR partitions:
18:11:13.0046 1432  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:11:13.0046 1432  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4447D800
18:11:13.0046 1432  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x444B0000, BlocksNum 0x61A8000
18:11:13.0046 1432  ============================================================
18:11:13.0083 1432  C: <-> \Device\Harddisk0\DR0\Partition2
18:11:13.0121 1432  D: <-> \Device\Harddisk0\DR0\Partition3
18:11:13.0121 1432  ============================================================
18:11:13.0121 1432  Initialize success
18:11:13.0121 1432  ============================================================
18:12:09.0558 4688  ============================================================
18:12:09.0558 4688  Scan started
18:12:09.0558 4688  Mode: Manual; SigCheck; TDLFS; 
18:12:09.0558 4688  ============================================================
18:12:10.0146 4688  ================ Scan system memory ========================
18:12:10.0146 4688  System memory - ok
18:12:10.0146 4688  ================ Scan services =============================
18:12:10.0312 4688  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:12:10.0423 4688  1394ohci - ok
18:12:10.0474 4688  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:12:10.0490 4688  ACPI - ok
18:12:10.0518 4688  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:12:10.0598 4688  AcpiPmi - ok
18:12:10.0694 4688  [ 166E339BD4D8141E3BED519FC1004B56 ] ACProtector     C:\Program Files\AxiomCoders\ACProtector\ACProtector.exe
18:12:10.0715 4688  ACProtector - ok
18:12:10.0837 4688  [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
18:12:10.0884 4688  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
18:12:10.0884 4688  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
18:12:10.0985 4688  [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:12:11.0000 4688  AdobeARMservice - ok
18:12:11.0121 4688  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:12:11.0160 4688  AdobeFlashPlayerUpdateSvc - ok
18:12:11.0232 4688  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:12:11.0258 4688  adp94xx - ok
18:12:11.0300 4688  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:12:11.0323 4688  adpahci - ok
18:12:11.0357 4688  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:12:11.0377 4688  adpu320 - ok
18:12:11.0407 4688  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:12:11.0549 4688  AeLookupSvc - ok
18:12:11.0602 4688  [ 0517E1670A58213E3F206066CD209273 ] AF15BDA         C:\Windows\system32\DRIVERS\AF15BDA.sys
18:12:11.0659 4688  AF15BDA - ok
18:12:11.0703 4688  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
18:12:11.0764 4688  AFD - ok
18:12:11.0823 4688  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:12:11.0841 4688  agp440 - ok
18:12:11.0905 4688  [ 89CD44C10D9B4D87725FF07F18A5702F ] aksdf           C:\Windows\system32\drivers\aksdf.sys
18:12:11.0956 4688  aksdf - ok
18:12:12.0022 4688  [ BA0B6FD78AE88D39B9D3D984F295A137 ] aksfridge       C:\Windows\system32\drivers\aksfridge.sys
18:12:12.0082 4688  aksfridge - ok
18:12:12.0120 4688  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:12:12.0178 4688  ALG - ok
18:12:12.0241 4688  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:12:12.0254 4688  aliide - ok
18:12:12.0273 4688  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:12:12.0289 4688  amdide - ok
18:12:12.0310 4688  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:12:12.0365 4688  AmdK8 - ok
18:12:12.0385 4688  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:12:12.0429 4688  AmdPPM - ok
18:12:12.0464 4688  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:12:12.0483 4688  amdsata - ok
18:12:12.0510 4688  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:12:12.0552 4688  amdsbs - ok
18:12:12.0574 4688  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:12:12.0589 4688  amdxata - ok
18:12:12.0702 4688  [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:12:12.0718 4688  AntiVirSchedulerService - ok
18:12:12.0775 4688  [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:12:12.0784 4688  AntiVirService - ok
18:12:12.0832 4688  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:12:12.0973 4688  AppID - ok
18:12:13.0002 4688  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:12:13.0087 4688  AppIDSvc - ok
18:12:13.0146 4688  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
18:12:13.0206 4688  Appinfo - ok
18:12:13.0296 4688  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:12:13.0323 4688  Apple Mobile Device - ok
18:12:13.0375 4688  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:12:13.0393 4688  arc - ok
18:12:13.0412 4688  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:12:13.0429 4688  arcsas - ok
18:12:13.0563 4688  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:12:13.0645 4688  aspnet_state - ok
18:12:13.0697 4688  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:12:13.0777 4688  AsyncMac - ok
18:12:13.0844 4688  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:12:13.0858 4688  atapi - ok
18:12:13.0907 4688  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:12:13.0990 4688  AudioEndpointBuilder - ok
18:12:14.0004 4688  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:12:14.0046 4688  AudioSrv - ok
18:12:14.0117 4688  [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
18:12:14.0136 4688  avgntflt - ok
18:12:14.0189 4688  [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
18:12:14.0207 4688  avipbb - ok
18:12:14.0241 4688  [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
18:12:14.0258 4688  avkmgr - ok
18:12:14.0304 4688  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:12:14.0395 4688  AxInstSV - ok
18:12:14.0443 4688  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:12:14.0503 4688  b06bdrv - ok
18:12:14.0536 4688  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:12:14.0573 4688  b57nd60a - ok
18:12:14.0619 4688  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:12:14.0663 4688  BDESVC - ok
18:12:14.0685 4688  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:12:14.0770 4688  Beep - ok
18:12:14.0841 4688  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
18:12:14.0911 4688  BFE - ok
18:12:14.0958 4688  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
18:12:15.0032 4688  BITS - ok
18:12:15.0065 4688  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:12:15.0101 4688  blbdrive - ok
18:12:15.0173 4688  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:12:15.0195 4688  Bonjour Service - ok
18:12:15.0230 4688  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:12:15.0273 4688  bowser - ok
18:12:15.0312 4688  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:12:15.0366 4688  BrFiltLo - ok
18:12:15.0401 4688  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:12:15.0454 4688  BrFiltUp - ok
18:12:15.0506 4688  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
18:12:15.0577 4688  BridgeMP - ok
18:12:15.0640 4688  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:12:15.0670 4688  Browser - ok
18:12:15.0692 4688  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:12:15.0738 4688  Brserid - ok
18:12:15.0760 4688  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:12:15.0793 4688  BrSerWdm - ok
18:12:15.0813 4688  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:12:15.0850 4688  BrUsbMdm - ok
18:12:15.0870 4688  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:12:15.0911 4688  BrUsbSer - ok
18:12:15.0934 4688  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:12:15.0965 4688  BTHMODEM - ok
18:12:15.0999 4688  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:12:16.0066 4688  bthserv - ok
18:12:16.0090 4688  catchme - ok
18:12:16.0116 4688  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:12:16.0181 4688  cdfs - ok
18:12:16.0234 4688  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
18:12:16.0262 4688  cdrom - ok
18:12:16.0313 4688  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:12:16.0373 4688  CertPropSvc - ok
18:12:16.0401 4688  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:12:16.0432 4688  circlass - ok
18:12:16.0461 4688  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:12:16.0477 4688  CLFS - ok
18:12:16.0536 4688  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:12:16.0571 4688  clr_optimization_v2.0.50727_32 - ok
18:12:16.0635 4688  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:12:16.0650 4688  clr_optimization_v2.0.50727_64 - ok
18:12:16.0732 4688  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:12:16.0882 4688  clr_optimization_v4.0.30319_32 - ok
18:12:16.0909 4688  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:12:16.0946 4688  clr_optimization_v4.0.30319_64 - ok
18:12:16.0976 4688  [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
18:12:16.0991 4688  clwvd - ok
18:12:17.0030 4688  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:12:17.0051 4688  CmBatt - ok
18:12:17.0063 4688  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:12:17.0077 4688  cmdide - ok
18:12:17.0110 4688  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
18:12:17.0161 4688  CNG - ok
18:12:17.0212 4688  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:12:17.0230 4688  Compbatt - ok
18:12:17.0276 4688  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:12:17.0304 4688  CompositeBus - ok
18:12:17.0321 4688  COMSysApp - ok
18:12:17.0348 4688  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:12:17.0362 4688  crcdisk - ok
18:12:17.0421 4688  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:12:17.0472 4688  CryptSvc - ok
18:12:17.0523 4688  [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
18:12:17.0538 4688  CVirtA - ok
18:12:17.0643 4688  [ 98C413E1A2FB6E5A4C101C25B3D0B275 ] CVPND           C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
18:12:17.0686 4688  CVPND - ok
18:12:17.0714 4688  [ 79AF0E203D089AF442A3F70ED00A37FB ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
18:12:17.0735 4688  CVPNDRVA - ok
18:12:17.0788 4688  [ 3E26199DB3208FA1CF16CB89929537A9 ] CZCanSrv        C:\Program Files (x86)\Common Files\Carl Zeiss\CZCanSrv.exe
18:12:17.0814 4688  CZCanSrv ( UnsignedFile.Multi.Generic ) - warning
18:12:17.0814 4688  CZCanSrv - detected UnsignedFile.Multi.Generic (1)
18:12:17.0869 4688  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:12:17.0923 4688  DcomLaunch - ok
18:12:17.0965 4688  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:12:18.0044 4688  defragsvc - ok
18:12:18.0098 4688  [ C80F2515F27B7C206F9E60E5D47CE3D2 ] deMntrService   C:\Program Files\Dell\MFP_DELL\deMntrService.exe
18:12:18.0110 4688  deMntrService ( UnsignedFile.Multi.Generic ) - warning
18:12:18.0110 4688  deMntrService - detected UnsignedFile.Multi.Generic (1)
18:12:18.0147 4688  [ FCC88E7C6991BF29E61D31E2507BEF02 ] DESVUSB         C:\Windows\system32\DRIVERS\desrvusb.sys
18:12:18.0177 4688  DESVUSB - ok
18:12:18.0217 4688  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:12:18.0282 4688  DfsC - ok
18:12:18.0289 4688  DgiVecp - ok
18:12:18.0337 4688  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:12:18.0394 4688  Dhcp - ok
18:12:18.0416 4688  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:12:18.0455 4688  discache - ok
18:12:18.0507 4688  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:12:18.0524 4688  Disk - ok
18:12:18.0566 4688  [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
18:12:18.0578 4688  DNE - ok
18:12:18.0653 4688  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:12:18.0705 4688  Dnscache - ok
18:12:18.0753 4688  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:12:18.0812 4688  dot3svc - ok
18:12:18.0853 4688  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:12:18.0929 4688  DPS - ok
18:12:18.0969 4688  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:12:19.0010 4688  drmkaud - ok
18:12:19.0077 4688  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:12:19.0117 4688  DXGKrnl - ok
18:12:19.0164 4688  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:12:19.0208 4688  EapHost - ok
18:12:19.0297 4688  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:12:19.0364 4688  ebdrv - ok
18:12:19.0397 4688  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:12:19.0453 4688  EFS - ok
18:12:19.0519 4688  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:12:19.0607 4688  ehRecvr - ok
18:12:19.0638 4688  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:12:19.0680 4688  ehSched - ok
18:12:19.0723 4688  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:12:19.0749 4688  elxstor - ok
18:12:19.0792 4688  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:12:19.0822 4688  ErrDev - ok
18:12:19.0895 4688  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:12:19.0961 4688  EventSystem - ok
18:12:19.0985 4688  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:12:20.0059 4688  exfat - ok
18:12:20.0078 4688  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:12:20.0147 4688  fastfat - ok
18:12:20.0200 4688  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:12:20.0256 4688  Fax - ok
18:12:20.0286 4688  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:12:20.0315 4688  fdc - ok
18:12:20.0338 4688  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:12:20.0405 4688  fdPHost - ok
18:12:20.0421 4688  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:12:20.0476 4688  FDResPub - ok
18:12:20.0512 4688  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:12:20.0530 4688  FileInfo - ok
18:12:20.0542 4688  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:12:20.0632 4688  Filetrace - ok
18:12:20.0660 4688  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:12:20.0700 4688  flpydisk - ok
18:12:20.0757 4688  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:12:20.0779 4688  FltMgr - ok
18:12:20.0841 4688  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
18:12:20.0903 4688  FontCache - ok
18:12:20.0961 4688  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:12:20.0975 4688  FontCache3.0.0.0 - ok
18:12:21.0000 4688  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:12:21.0021 4688  FsDepends - ok
18:12:21.0064 4688  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:12:21.0079 4688  Fs_Rec - ok
18:12:21.0128 4688  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:12:21.0155 4688  fvevol - ok
18:12:21.0197 4688  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:12:21.0214 4688  gagp30kx - ok
18:12:21.0252 4688  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:12:21.0266 4688  GEARAspiWDM - ok
18:12:21.0317 4688  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:12:21.0383 4688  gpsvc - ok
18:12:21.0442 4688  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:12:21.0452 4688  gupdate - ok
18:12:21.0463 4688  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:12:21.0471 4688  gupdatem - ok
18:12:21.0518 4688  [ 78FAD9117E4527F2CA82259DA10F40BD ] hardlock        C:\Windows\system32\drivers\hardlock.sys
18:12:21.0597 4688  hardlock - ok
18:12:21.0612 4688  hasplms - ok
18:12:21.0629 4688  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:12:21.0676 4688  hcw85cir - ok
18:12:21.0731 4688  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:12:21.0770 4688  HdAudAddService - ok
18:12:21.0798 4688  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:12:21.0822 4688  HDAudBus - ok
18:12:21.0871 4688  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
18:12:21.0884 4688  HECIx64 - ok
18:12:21.0913 4688  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:12:21.0932 4688  HidBatt - ok
18:12:21.0944 4688  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:12:21.0971 4688  HidBth - ok
18:12:21.0994 4688  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:12:22.0028 4688  HidIr - ok
18:12:22.0050 4688  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
18:12:22.0107 4688  hidserv - ok
18:12:22.0184 4688  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
18:12:22.0199 4688  HidUsb - ok
18:12:22.0236 4688  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:12:22.0296 4688  hkmsvc - ok
18:12:22.0343 4688  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:12:22.0390 4688  HomeGroupListener - ok
18:12:22.0422 4688  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:12:22.0462 4688  HomeGroupProvider - ok
18:12:22.0510 4688  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:12:22.0527 4688  HpSAMD - ok
18:12:22.0583 4688  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:12:22.0681 4688  HTTP - ok
18:12:22.0759 4688  [ 012015A7DA5D7DD5DDDF3BE4C34CBE3B ] HWiNFO32        C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
18:12:22.0772 4688  HWiNFO32 - ok
18:12:22.0811 4688  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:12:22.0848 4688  hwpolicy - ok
18:12:22.0896 4688  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:12:22.0914 4688  i8042prt - ok
18:12:22.0961 4688  [ ABBF174CB394F5C437410A788B7E404A ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:12:22.0978 4688  iaStor - ok
18:12:23.0053 4688  [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:12:23.0062 4688  IAStorDataMgrSvc - ok
18:12:23.0116 4688  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:12:23.0141 4688  iaStorV - ok
18:12:23.0202 4688  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:12:23.0259 4688  idsvc - ok
18:12:23.0480 4688  [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:12:23.0775 4688  igfx - ok
18:12:23.0811 4688  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:12:23.0826 4688  iirsp - ok
18:12:23.0892 4688  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:12:23.0964 4688  IKEEXT - ok
18:12:24.0015 4688  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
18:12:24.0054 4688  Impcd - ok
18:12:24.0156 4688  [ 98220284537E9C96561406F99BE48086 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:12:24.0223 4688  IntcAzAudAddService - ok
18:12:24.0255 4688  [ 03C74719D48056A1078F3A51CEB76BAA ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:12:24.0286 4688  IntcDAud - ok
18:12:24.0317 4688  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:12:24.0332 4688  intelide - ok
18:12:24.0371 4688  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:12:24.0383 4688  intelppm - ok
18:12:24.0416 4688  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:12:24.0466 4688  IPBusEnum - ok
18:12:24.0504 4688  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:12:24.0602 4688  IpFilterDriver - ok
18:12:24.0648 4688  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:12:24.0699 4688  iphlpsvc - ok
18:12:24.0741 4688  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:12:24.0772 4688  IPMIDRV - ok
18:12:24.0814 4688  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:12:24.0885 4688  IPNAT - ok
18:12:24.0962 4688  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:12:24.0987 4688  iPod Service - ok
18:12:25.0015 4688  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:12:25.0062 4688  IRENUM - ok
18:12:25.0093 4688  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:12:25.0107 4688  isapnp - ok
18:12:25.0130 4688  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:12:25.0154 4688  iScsiPrt - ok
18:12:25.0177 4688  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
18:12:25.0194 4688  kbdclass - ok
18:12:25.0239 4688  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:12:25.0263 4688  kbdhid - ok
18:12:25.0276 4688  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:12:25.0286 4688  KeyIso - ok
18:12:25.0322 4688  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:12:25.0345 4688  KSecDD - ok
18:12:25.0367 4688  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:12:25.0389 4688  KSecPkg - ok
18:12:25.0406 4688  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:12:25.0452 4688  ksthunk - ok
18:12:25.0477 4688  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:12:25.0539 4688  KtmRm - ok
18:12:49.0842 4688  Wd - ok
18:12:49.0892 4688  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:12:49.0930 4688  Wdf01000 - ok
18:12:49.0953 4688  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:12:50.0016 4688  WdiServiceHost - ok
18:12:50.0020 4688  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:12:50.0043 4688  WdiSystemHost - ok
18:12:50.0081 4688  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
18:12:50.0122 4688  WebClient - ok
18:12:50.0150 4688  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:12:50.0209 4688  Wecsvc - ok
18:12:50.0229 4688  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:12:50.0283 4688  wercplsupport - ok
18:12:50.0307 4688  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:12:50.0347 4688  WerSvc - ok
18:12:50.0388 4688  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:12:50.0431 4688  WfpLwf - ok
18:12:50.0448 4688  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:12:50.0462 4688  WIMMount - ok
18:12:50.0486 4688  WinDefend - ok
18:12:50.0504 4688  WinHttpAutoProxySvc - ok
18:12:50.0562 4688  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:12:50.0606 4688  Winmgmt - ok
18:12:50.0679 4688  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:12:50.0772 4688  WinRM - ok
18:12:50.0843 4688  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:12:50.0873 4688  WinUsb - ok
18:12:50.0930 4688  [ 4C69A8E2E159C1C59BC4B688E9DD7F8C ] WisLMSvc        C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
18:12:50.0940 4688  WisLMSvc - ok
18:12:50.0971 4688  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:12:51.0047 4688  Wlansvc - ok
18:12:51.0113 4688  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:12:51.0127 4688  wlcrasvc - ok
18:12:51.0251 4688  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:12:51.0308 4688  wlidsvc - ok
18:12:51.0354 4688  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:12:51.0378 4688  WmiAcpi - ok
18:12:51.0409 4688  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:12:51.0466 4688  wmiApSrv - ok
18:12:51.0511 4688  WMPNetworkSvc - ok
18:12:51.0546 4688  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:12:51.0588 4688  WPCSvc - ok
18:12:51.0626 4688  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:12:51.0645 4688  WPDBusEnum - ok
18:12:51.0664 4688  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:12:51.0704 4688  ws2ifsl - ok
18:12:51.0721 4688  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
18:12:51.0749 4688  wscsvc - ok
18:12:51.0753 4688  WSearch - ok
18:12:51.0823 4688  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:12:51.0881 4688  wuauserv - ok
18:12:51.0913 4688  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:12:51.0952 4688  WudfPf - ok
18:12:51.0967 4688  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:12:51.0991 4688  WUDFRd - ok
18:12:52.0013 4688  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:12:52.0041 4688  wudfsvc - ok
18:12:52.0079 4688  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:12:52.0122 4688  WwanSvc - ok
18:12:52.0158 4688  ================ Scan global ===============================
18:12:52.0190 4688  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:12:52.0225 4688  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:12:52.0239 4688  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:12:52.0282 4688  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:12:52.0315 4688  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:12:52.0325 4688  [Global] - ok
18:12:52.0326 4688  ================ Scan MBR ==================================
18:12:52.0333 4688  [ 8B790A79784018D2B00DC944072570F8 ] \Device\Harddisk0\DR0
18:12:54.0718 4688  \Device\Harddisk0\DR0 - ok
18:12:54.0719 4688  ================ Scan VBR ==================================
18:12:54.0721 4688  [ 7C9BEAC09F4F03EE801D699D04EBD6EE ] \Device\Harddisk0\DR0\Partition1
18:12:54.0722 4688  \Device\Harddisk0\DR0\Partition1 - ok
18:12:54.0747 4688  [ 7AD2168EF754372BEDB27DE016F9039D ] \Device\Harddisk0\DR0\Partition2
18:12:54.0748 4688  \Device\Harddisk0\DR0\Partition2 - ok
18:12:54.0771 4688  [ 1468261406A3B7F63BE7E920F56B5AA6 ] \Device\Harddisk0\DR0\Partition3
18:12:54.0774 4688  \Device\Harddisk0\DR0\Partition3 - ok
18:12:54.0775 4688  ============================================================
18:12:54.0775 4688  Scan finished
18:12:54.0775 4688  ============================================================
18:12:54.0785 4800  Detected object count: 6
18:12:54.0785 4800  Actual detected object count: 6
18:13:28.0538 4800  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:13:28.0538 4800  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:13:28.0539 4800  CZCanSrv ( UnsignedFile.Multi.Generic ) - skipped by user
18:13:28.0539 4800  CZCanSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:13:28.0541 4800  deMntrService ( UnsignedFile.Multi.Generic ) - skipped by user
18:13:28.0541 4800  deMntrService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:13:28.0542 4800  MTBService_1.8.1.8 ( UnsignedFile.Multi.Generic ) - skipped by user
18:13:28.0542 4800  MTBService_1.8.1.8 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:13:28.0543 4800  ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user
18:13:28.0543 4800  ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:13:28.0544 4800  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
18:13:28.0544 4800  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 20.05.2013, 17:23   #8
markusg
/// Malware-holic
 
Hi,
Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. (English: "Illegal operation attempted on a registry key that has been marked for deletion.")
simply restart the computer. This should fix the problem.

__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de

Alt 20.05.2013, 18:57   #9
chemaholic
 
I did everything as described.
I got the message that Avira was still active and that Combofix could therefore be affected. Since I had really disabled Avira as well as I could and had also closed Malwarebytes, I ignored this message and then started Combofix.
After Combofix had finished and the log file had been created, I could no longer open any browsers (it said that the program had either been deleted or moved). After a restart, however, everything was OK again.
Here is the log text:

Code:
ATTFilter
ComboFix 13-05-18.04 - name name 20.05.2013  19:22:45.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3893.2450 [GMT 2:00]
ausgeführt von:: c:\users\name H÷lper\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-20 bis 2013-05-20  ))))))))))))))))))))))))))))))
.
.
2013-05-20 17:33 . 2013-05-20 17:33	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-05-20 17:33 . 2013-05-20 17:33	--------	d-----w-	c:\users\Public\AppData\Local\temp
2013-05-20 17:33 . 2013-05-20 17:33	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-05-20 09:16 . 2013-05-20 09:16	--------	d-----w-	c:\users\name name\AppData\Local\{55195FD2-8595-4A00-892E-044C3C93F89A}
2013-05-19 21:15 . 2013-05-19 21:15	--------	d-----w-	c:\users\name name\AppData\Local\{BB922176-8140-48DB-B292-1B03E0A76535}
2013-05-19 21:03 . 2013-05-19 21:03	--------	d-----w-	C:\found.000
2013-05-17 21:27 . 2013-05-17 21:27	--------	d-----w-	c:\users\name name\AppData\Local\{33900C07-4881-43C0-898E-4F020DAD1C55}
2013-05-16 23:48 . 2013-05-05 21:36	17818624	----a-w-	c:\windows\system32\mshtml.dll
2013-05-16 23:48 . 2013-05-05 21:16	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2013-05-16 23:48 . 2013-05-05 19:12	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-05-16 13:52 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-16 13:50 . 2012-11-23 03:13	68608	----a-w-	c:\windows\system32\taskhost.exe
2013-05-16 13:34 . 2013-05-16 13:34	--------	d-----w-	c:\users\name name\AppData\Local\{C542B299-F6BF-40DC-9729-2ACAF058786D}
2013-05-14 21:18 . 2013-05-14 21:18	--------	d-----w-	c:\windows\system32\SPReview
2013-05-14 13:52 . 2010-11-05 01:57	48976	----a-w-	c:\windows\system32\netfxperf.dll
2013-05-14 13:52 . 2010-11-05 01:57	1942856	----a-w-	c:\windows\system32\dfshim.dll
2013-05-14 13:50 . 2010-11-20 13:27	605696	----a-w-	c:\windows\system32\wmpeffects.dll
2013-05-14 13:49 . 2010-11-20 13:27	13824	----a-w-	c:\windows\system32\wshirda.dll
2013-05-14 13:46 . 2010-11-20 13:27	524288	----a-w-	c:\windows\system32\wmicmiplugin.dll
2013-05-14 13:46 . 2010-11-20 13:27	529408	----a-w-	c:\windows\system32\wbemcomn.dll
2013-05-14 13:46 . 2010-11-20 13:27	1225216	----a-w-	c:\windows\system32\wbem\wbemcore.dll
2013-05-14 13:46 . 2010-11-20 13:27	244736	----a-w-	c:\program files\Windows Portable Devices\sqmapi.dll
2013-05-14 13:46 . 2010-11-20 13:27	244736	----a-w-	c:\windows\system32\sqmapi.dll
2013-05-14 13:46 . 2010-11-20 13:27	933376	----a-w-	c:\windows\system32\SmiEngine.dll
2013-05-14 13:46 . 2010-11-20 13:25	199168	----a-w-	c:\windows\system32\PkgMgr.exe
2013-05-14 13:45 . 2010-11-20 13:26	422912	----a-w-	c:\windows\system32\drvstore.dll
2013-05-14 13:45 . 2010-11-20 13:26	399872	----a-w-	c:\windows\system32\dpx.dll
2013-05-14 13:31 . 2013-05-14 13:32	--------	d-----w-	c:\users\name name\AppData\Local\{4FF6B9C3-8C46-436B-BE15-AFB4C20A6062}
2013-05-13 16:21 . 2013-05-13 16:21	--------	d-----w-	c:\users\name name\AppData\Local\{AD5468A5-8398-4BB5-A646-96BCCB87D422}
2013-05-13 16:05 . 2013-05-13 16:05	--------	d-----w-	c:\users\name name\AppData\Local\{ED96C81B-CC2D-4B68-808F-FC26DB12730B}
2013-05-12 19:41 . 2013-05-12 19:41	--------	d-----w-	c:\users\name name\AppData\Local\{467D33A6-466E-4E9A-A84C-CD75E2A577DE}
2013-05-12 07:40 . 2013-05-12 07:41	--------	d-----w-	c:\users\name name\AppData\Local\{F4C96D84-2352-40BB-BC25-FB781B853F16}
2013-05-11 11:54 . 2013-05-11 11:54	--------	d-----w-	c:\users\name name\AppData\Local\{E91BAFD5-7383-4CD6-84CB-959EB152D14F}
2013-05-11 11:20 . 2013-05-11 11:20	--------	d-----w-	c:\users\name name\AppData\Local\{F2D3FA80-F82A-428C-9B30-A46417149648}
2013-05-10 22:09 . 2013-05-10 22:10	--------	d-----w-	c:\users\name name\AppData\Local\{D5A350C4-4026-43CE-96FD-068F174A8FFD}
2013-05-10 10:09 . 2013-05-10 10:09	--------	d-----w-	c:\users\name name\AppData\Local\{7837BBB1-8396-4434-AA19-687173F11AF4}
2013-05-09 16:12 . 2013-05-09 16:12	--------	d-----w-	c:\users\name name\AppData\Local\{F4FD2788-3003-4ACF-938E-3857404D2F5D}
2013-05-09 04:11 . 2013-05-09 04:11	--------	d-----w-	c:\users\name name\AppData\Local\{07DE7AD9-0CFD-43EE-A62B-6218E7D75B75}
2013-05-08 16:10 . 2013-05-08 16:11	--------	d-----w-	c:\users\name name\AppData\Local\{45635DF7-BAE0-4AD3-8F30-ADAE31215AC7}
2013-05-07 16:22 . 2013-05-07 16:23	--------	d-----w-	c:\users\name name\AppData\Local\{9D0E6676-F2F1-4D66-BECB-5C1D7EC97DCB}
2013-05-06 21:50 . 2013-05-06 21:50	--------	d-----w-	c:\users\name name\AppData\Local\{347EE015-7F6E-4E6E-8427-8A15BA37E47A}
2013-05-06 17:58 . 2013-05-06 17:58	--------	d-----w-per	c:\users\DOMINI~2
2013-05-06 09:48 . 2013-05-06 09:48	--------	d-----w-	c:\users\name name\AppData\Local\{D8725F9D-987D-4637-B3A5-9887D6B083B1}
2013-05-05 20:48 . 2013-05-05 20:48	--------	d-----w-	c:\users\name name\AppData\Local\{D0677CB4-815D-4444-AB2E-FC2587135CA6}
2013-05-05 08:48 . 2013-05-05 08:48	--------	d-----w-	c:\users\name name\AppData\Local\{448C47D1-9068-4AC9-9307-76E65E2EB44F}
2013-05-04 14:25 . 2013-05-04 14:25	--------	d-----w-	c:\users\name name\AppData\Local\{29D2387C-DF80-4D6A-97E0-C75EE0861213}
2013-05-03 22:32 . 2013-05-03 22:32	--------	d-----w-	c:\users\name name\AppData\Local\{CC6661C4-7E5A-42E7-9284-1E8EAD3E5763}
2013-05-03 10:30 . 2013-05-03 10:31	--------	d-----w-	c:\users\name name\AppData\Local\{1AF561EF-4700-4667-8656-A8CA4191148B}
2013-05-02 22:30 . 2013-05-02 22:30	--------	d-----w-	c:\users\name name\AppData\Local\{C8F96578-B6F0-4CB4-9B1D-6B6D40A82A8A}
2013-05-02 10:29 . 2013-05-02 10:29	--------	d-----w-	c:\users\name name\AppData\Local\{44136BF9-E0E9-46E6-846E-CC0EFAB56911}
2013-05-02 09:39 . 2013-05-02 09:38	83160	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-05-01 22:28 . 2013-05-01 22:29	--------	d-----w-	c:\users\name name\AppData\Local\{95C3F356-EA8E-48EB-8EF2-EF9B9B95F923}
2013-05-01 22:24 . 2013-05-01 22:24	--------	d-----w-	c:\users\name name\AppData\Local\{E86571D7-8901-41AD-AC66-82745B264AAB}
2013-05-01 10:04 . 2013-05-01 10:04	--------	d-----w-	c:\users\name name\AppData\Local\{635A1E43-0792-4C25-B37D-D15CDD9BF46A}
2013-04-30 21:04 . 2013-04-30 21:04	--------	d-----w-	c:\users\name name\AppData\Local\{37753E02-5600-48F0-9B9A-531E3C30C845}
2013-04-30 09:03 . 2013-04-30 09:04	--------	d-----w-	c:\users\name name\AppData\Local\{70021F68-7702-45BF-B3E9-2DFEE874FE28}
2013-04-29 12:28 . 2013-04-29 12:29	--------	d-----w-	c:\users\name name\AppData\Local\{3611CF3D-2DCF-419A-A70F-E0CDC2DE7970}
2013-04-28 22:03 . 2013-04-28 22:04	--------	d-----w-	c:\users\name name\AppData\Local\{4B00A84B-8DEF-48D1-891D-5959CFA18D00}
2013-04-28 10:03 . 2013-04-28 10:03	--------	d-----w-	c:\users\name name\AppData\Local\{1F4DA3F1-AB06-4DC0-BA9A-E41450EC573A}
2013-04-27 22:02 . 2013-04-27 22:02	--------	d-----w-	c:\users\name name\AppData\Local\{417A15F6-A5AA-495F-842D-33544CD05BE7}
2013-04-27 10:02 . 2013-04-27 10:02	--------	d-----w-	c:\users\name name\AppData\Local\{FDC52B47-96CC-4547-B13A-03DC9E4DC504}
2013-04-26 09:58 . 2013-04-26 09:58	--------	d-----w-	c:\users\name name\AppData\Local\{9E6C5E7A-1844-4A59-9CB7-6DE45D21CDF6}
2013-04-25 21:57 . 2013-04-25 21:58	--------	d-----w-	c:\users\name name\AppData\Local\{B50D2396-4BFF-4F7A-BA6C-5A054906380A}
2013-04-25 09:29 . 2013-04-25 09:29	--------	d-----w-	c:\users\name name\AppData\Local\{BBFC3590-83E7-4BE5-8ACB-3F2CB9A12DFF}
2013-04-25 09:27 . 2013-05-20 15:58	--------	d-----r-	c:\users\name name\Dropbox
2013-04-25 09:24 . 2013-05-20 15:58	--------	d-----w-	c:\users\name name\AppData\Roaming\Dropbox
2013-04-24 21:28 . 2013-04-24 21:29	--------	d-----w-	c:\users\name name\AppData\Local\{D73755BF-E87D-4AF6-8D73-B070E6F17E80}
2013-04-24 08:11 . 2013-04-24 08:11	--------	d-----w-	c:\users\name name\AppData\Local\{687F8F0C-8BA3-425D-A425-158C4927BD73}
2013-04-24 06:09 . 2013-04-12 14:45	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-23 20:10 . 2013-04-23 20:10	--------	d-----w-	c:\users\name name\AppData\Local\{3CA448B9-49D8-48F6-ADF1-188DDF1F7DFB}
2013-04-23 08:09 . 2013-04-23 08:10	--------	d-----w-	c:\users\name name\AppData\Local\{3B178EC9-E5EB-40A7-BDB6-213F5281EBE0}
2013-04-22 20:09 . 2013-04-22 20:09	--------	d-----w-	c:\users\name name\AppData\Local\{9B1F7748-5587-4DCD-8B08-0CB0AB03C457}
2013-04-22 08:09 . 2013-04-22 08:09	--------	d-----w-	c:\users\name name\AppData\Local\{BF296B67-F49E-409B-8D2D-B3ADCA994862}
2013-04-21 18:31 . 2013-04-21 18:33	--------	d-----w-	c:\users\name name\AppData\Local\{14A2F182-50B0-4139-9621-EC2F1BFB469E}
2013-04-21 01:39 . 2013-04-21 01:40	--------	d-----w-	c:\users\name name\AppData\Local\{9C8F5452-62FB-49D9-950B-858E8947A2CB}
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 14:51 . 2012-06-16 18:49	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-16 14:51 . 2012-06-16 18:49	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-16 13:24 . 2012-06-20 17:20	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-14 21:28 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2013-05-14 21:28 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2013-04-13 05:49 . 2013-05-16 13:52	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 13:52	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 13:52	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 13:52	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 13:52	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 13:52	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-04 12:50 . 2012-10-30 21:42	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-03-29 05:17 . 2013-03-29 05:18	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-03-29 05:17 . 2013-03-29 05:18	130016	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-03-29 05:17 . 2013-03-29 05:18	100712	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-03-19 06:04 . 2013-04-10 09:10	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 09:10	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 09:10	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 09:10	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 09:10	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 09:10	112640	----a-w-	c:\windows\system32\smss.exe
2013-02-20 09:43 . 2011-08-07 23:45	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-02-20 09:43 . 2011-08-07 23:44	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-28 14:49	281760	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	130736	----a-w-	c:\users\name name\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	130736	----a-w-	c:\users\name name\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	130736	----a-w-	c:\users\name name\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\name name\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-04-02 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HotkeyApp"="c:\program files (x86)\Launch Manager\HotkeyApp.exe" [2009-12-14 200704]
"LMgrVolOSD"="c:\program files (x86)\Launch Manager\OSD.exe" [2009-12-11 348960]
"Wbutton"="c:\program files (x86)\Launch Manager\Wbutton.exe" [2010-06-21 436264]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2010-10-29 136488]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2010-06-08 618496]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-02 345312]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2012-12-12 163000]
.
c:\users\name name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dropbox.lnk - c:\users\name name\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-4-10 27151288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-9-24 573536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R0 olqaehm;olqaehm;c:\windows\system32\drivers\ktgz.sys [x]
R2 ACProtector;AC Auto-update system;c:\program files\AxiomCoders\ACProtector\ACProtector.exe [2012-02-29 142808]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
R3 CZCanSrv;CZCanSrv;c:\program files (x86)\Common Files\Carl Zeiss\CZCanSrv.exe [2011-09-02 258048]
R3 DESVUSB;Dell service driver;c:\windows\system32\DRIVERS\desrvusb.sys [2009-06-04 24064]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [2008-03-13 27136]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-05-24 246304]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-06-23 1255736]
R3 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe [2009-10-23 118560]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2010-10-27 24680]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-03-29 28600]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [2013-01-12 29672]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [2009-08-26 71040]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-03-29 86752]
S2 deMntrService;Dell AIO Center Service;c:\program files\Dell\MFP_DELL\deMntrService.exe [2007-06-28 164864]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe  -run [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 MTBService_1.8.1.8;MTB2004 Server (1.8.1.8);c:\program files\Carl Zeiss\MTB 2004 - 1.8.1.8\MTB Server Console\MTBService.exe [2012-03-02 20480]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-09-24 656480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-27 236136]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-10 2320920]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-10-29 31088]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-18 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-03-04 75816]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-03-02 1098784]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - IPNAT
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 19:36	1642448	----a-w-	c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-16 14:51]
.
2013-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-12 21:26]
.
2013-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-12 21:26]
.
2013-05-19 c:\windows\Tasks\User_Feed_Synchronization-{77584BCB-0981-4913-98F7-2B88D7A2DC1A}.job
- c:\windows\system32\msfeedssync.exe [2012-03-07 02:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-28 14:49	342176	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	164016	----a-w-	c:\users\name name\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	164016	----a-w-	c:\users\name name\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	164016	----a-w-	c:\users\name name\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37	164016	----a-w-	c:\users\name name\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-02 11465320]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-09-02 2120808]
"DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe" [2007-06-28 394240]
"Corel Photo Downloader"="c:\program files (x86)\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.facebook.com/
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
LSP: %systemroot%\AxiomLsp.dll
TCP: DhcpNameServer = 80.69.100.110 80.69.100.102
FF - ProfilePath - c:\users\name name\AppData\Roaming\Mozilla\Firefox\Profiles\et0sk0sk.default\
FF - ExtSQL: !HIDDEN! 2013-03-16 12:04; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; c:\program files (x86)\Common Files\DVDVideoSoft\plugins\ff
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\PSIService.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
c:\program files (x86)\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-05-20  19:45:45 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-05-20 17:45
ComboFix2.txt  2013-01-09 23:28
ComboFix3.txt  2013-01-09 19:33
.
Vor Suchlauf: 17 Verzeichnis(se), 427.672.469.504 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 426.879.361.024 Bytes frei
.
- - End Of File - - 3978967D477B6F9D89AFFAF49303DFF4
         

Alt 20.05.2013, 20:01   #10
markusg
/// Malware-holic
 
That's why it also says that a restart may be necessary.
Could you update all the drivers and see whether that fixes the problem?

Alt 20.05.2013, 20:02   #11
chemaholic
 
How do I carry out such an update?

Alt 20.05.2013, 20:48   #12
markusg
/// Malware-holic
 
If it is a prebuilt machine, from HP for example, you have to go to their homepage; there is a download section there where you usually enter the device type and are offered the matching updates and utilities. Then update those.

Alt 20.05.2013, 21:40   #13
chemaholic
 
Hm, I have now updated the Medion drivers as well as I could.
After the restart following the ComboFix run, everything was actually more or less back to normal (programs start properly, taskbar in the old design). But now I have restarted the PC once more and all the old problems are back...

The hotkey.sys warning did not come up again, though. But it did not appear every time before either.

Alt 20.05.2013, 21:41   #14
markusg
/// Malware-holic
 
What do you mean by "as well as I could" :-) Were there problems, or what?

Alt 20.05.2013, 21:43   #15
chemaholic
 
No, it's just that Medion unfortunately did not offer a function along the lines of "update all drivers"; instead, drivers were listed for the device type. I then downloaded all of them and extracted them into the Medion folder.
