
Pests of all kinds and how to combat them: PUP Optional S

Windows 7: If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.

31.07.2013, 13:15   #1
hilflos123
 
PUP Optional S



Hello dear all,

thanks to your great malware I now always find pests quickly. Today I was surprised that the computer kept hanging, so I ran a malware scan. And sure enough, it found something: PUP Optional S. Could you please help me again? How is it that I keep getting something new on it again and again? Ever since I had that Spyhunter virus, there is always something
Best regards
Marita

31.07.2013, 13:24   #2
markusg
/// Malware-holic
 



Hi,
please post the current Malwarebytes log with the detections.
http://www.trojaner-board.de/125889-...en-posten.html

2. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


31.07.2013, 13:45   #3
hilflos123
 



Dear Markus,
unfortunately I am such a computer dummy that I don't know where to find the current Malwarebytes log - ashamed -

I'll do the FRST right now - thanks to schrauber I already know how to do that


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03
Ran by Marita (administrator) on 31-07-2013 14:42:49
Running from C:\Users\Marita\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
( ) C:\Windows\system32\lxbkcoms.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-06-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\RunOnce: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe /DeleteRunKey [443688 2011-05-26] (CyberLink)
HKLM\...\InprocServer32: [Default-cscui]  <==== ATTENTION!
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [MGSysCtrl] - C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2482176 2010-11-04] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2011-04-15] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [228448 2011-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [136544 2009-05-19] (CANON INC.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKU\maximilian\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\maximilian\...\Policies\system: [LogonHoursAction] 2
HKU\maximilian\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\ihhm7hjo.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\ihhm7hjo.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-06-28] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-31 14:42 - 2013-07-31 14:42 - 00000000 ____D C:\FRST
2013-07-23 15:35 - 2013-07-23 15:35 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-15 15:25 - 2013-07-15 15:25 - 00000000 ____D C:\Users\Marita\AppData\Local\Secunia PSI
2013-07-15 15:23 - 2013-07-15 15:23 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-15 15:23 - 2013-07-15 15:23 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-15 15:23 - 2013-07-15 15:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-15 15:23 - 2013-07-15 15:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-15 15:23 - 2013-07-15 15:23 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-15 15:22 - 2013-07-15 15:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-15 15:19 - 2013-07-15 15:19 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-15 15:19 - 2013-07-15 15:19 - 00376576 _____ C:\Users\Marita\Downloads\wot_safe_surfing-20130515-fx.zip
2013-07-15 15:19 - 2013-07-15 15:19 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-15 15:19 - 2013-07-15 15:19 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-15 15:19 - 2013-07-15 15:19 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-15 15:19 - 2013-07-15 15:19 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-15 15:19 - 2013-07-15 15:19 - 00000000 ____D C:\Program Files\Java
2013-07-15 15:17 - 2013-07-15 15:17 - 00001083 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2013-07-15 15:17 - 2013-07-15 15:17 - 00000000 ____D C:\ProgramData\Licenses
2013-07-15 15:17 - 2013-07-15 15:17 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-07-15 15:17 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2013-07-15 15:16 - 2013-07-15 15:16 - 04095448 _____ (BrightFort LLC                                              ) C:\Users\Marita\Downloads\spywareblastersetup50.exe
2013-07-15 15:14 - 2013-07-15 15:14 - 00906440 _____ (BillP Studios) C:\Users\Marita\Downloads\wpsetup.exe
2013-07-15 15:14 - 2013-07-15 15:14 - 00906440 _____ (BillP Studios) C:\Users\Marita\Downloads\wpsetup(1).exe
2013-07-15 15:12 - 2013-07-15 15:12 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-15 15:12 - 2013-07-15 15:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-15 15:12 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-15 15:11 - 2013-07-15 15:11 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Marita\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-07-15 15:10 - 2013-07-15 15:10 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-07-15 15:09 - 2013-07-15 15:10 - 03272136 _____ (Secunia) C:\Users\Marita\Downloads\PSISetup711.exe
2013-07-15 15:04 - 2013-07-23 14:23 - 00000000 ____D C:\Windows\ERUNT
2013-07-15 15:03 - 2013-07-24 08:03 - 00001420 _____ C:\DelFix.txt
2013-07-14 14:45 - 2013-07-14 14:45 - 00000000 ____D C:\Users\Marita\Desktop\Neuer Ordner
2013-07-13 13:13 - 2013-07-13 13:13 - 00000178 _____ C:\lxbk.log
2013-07-13 09:27 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-13 09:27 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-13 09:27 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-13 09:27 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-13 09:27 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-13 09:27 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-13 09:27 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-13 09:27 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-13 09:27 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-13 09:27 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-13 09:27 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-13 09:27 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-13 09:27 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-13 09:27 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 09:27 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 09:27 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-13 09:27 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-13 09:27 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-13 09:27 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-13 09:27 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 09:27 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-12 22:09 - 2013-07-12 22:11 - 00000138 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 18:16 - 2013-07-12 18:49 - 00000000 ____D C:\Windows\erdnt
2013-07-12 13:05 - 2013-07-12 13:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-12 13:05 - 2013-07-12 13:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-12 09:19 - 2013-07-12 09:19 - 00000000 ____D C:\Users\Marita\AppData\Roaming\Malwarebytes
2013-07-12 09:18 - 2013-07-12 09:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-11 19:54 - 2013-07-23 14:16 - 00006196 _____ C:\Windows\setupact.log
2013-07-11 19:54 - 2013-07-11 19:54 - 00000000 _____ C:\Windows\setuperr.log
2013-07-11 10:57 - 2013-07-11 10:57 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-11 10:55 - 2013-07-11 10:56 - 21703480 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox_Setup_22.0.exe
2013-07-11 09:11 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 09:11 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 09:11 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 09:11 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 09:11 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 09:10 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 09:10 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 20:33 - 2013-07-10 20:33 - 00000000 _____ C:\autoexec.bat
2013-07-10 20:31 - 2013-07-15 14:33 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-10 20:27 - 2013-07-11 19:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-08 10:27 - 2013-07-08 10:27 - 00000997 _____ C:\Users\Marita\Desktop\PDF Architect.lnk
2013-07-08 10:27 - 2013-07-08 10:27 - 00000000 ____D C:\Users\Marita\Documents\PDF Architect Files
2013-07-08 10:27 - 2013-07-08 10:27 - 00000000 ____D C:\Program Files (x86)\PDF Architect
2013-07-08 10:26 - 2013-07-10 20:00 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-07-08 10:26 - 2013-07-08 10:26 - 00001035 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2013-07-08 10:26 - 2013-04-09 15:13 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2013-07-08 10:26 - 2013-01-09 15:52 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2013-07-08 10:26 - 2012-05-05 11:54 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2013-07-08 10:26 - 2012-05-05 11:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2013-07-08 10:26 - 2012-05-05 11:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2013-07-08 10:26 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2013-07-08 10:26 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2013-07-08 10:26 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2013-07-08 10:18 - 2013-07-08 10:18 - 17502040 _____ (pdfforge GbR) C:\Users\Marita\Downloads\PDFCreator-1_7_0_setup.exe
2013-07-04 11:10 - 2013-07-04 11:10 - 00000000 ____D C:\Users\Marita\Desktop\Canon
2013-07-03 11:06 - 2013-07-12 12:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-03 10:32 - 2013-07-03 10:32 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
140

==================== One Month Modified Files and Folders =======

2013-07-31 14:42 - 2013-07-31 14:42 - 01781589 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2013-07-31 14:42 - 2013-07-31 14:42 - 00000000 ____D C:\FRST
2013-07-31 14:17 - 2012-09-22 09:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-31 13:27 - 2012-09-14 16:58 - 01769252 _____ C:\Windows\WindowsUpdate.log
2013-07-31 08:12 - 2012-09-15 11:12 - 00000000 ____D C:\Users\Marita\AppData\Roaming\Skype
2013-07-30 09:19 - 2012-10-30 16:07 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-28 09:17 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-28 09:17 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-25 08:38 - 2012-09-22 09:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-25 08:38 - 2012-09-22 09:33 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-25 08:38 - 2011-12-01 23:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-24 19:01 - 2013-04-23 10:24 - 00098816 ___SH C:\Users\Marita\Downloads\Thumbs.db
2013-07-24 19:01 - 2013-04-12 18:41 - 00316416 ___SH C:\Users\Marita\Documents\Thumbs.db
2013-07-24 08:03 - 2013-07-15 15:03 - 00001420 _____ C:\DelFix.txt
2013-07-23 15:35 - 2013-07-23 15:35 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-23 14:23 - 2013-07-15 15:04 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 14:16 - 2013-07-11 19:54 - 00006196 _____ C:\Windows\setupact.log
2013-07-23 14:16 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-21 16:47 - 2011-05-16 16:04 - 00654400 _____ C:\Windows\system32\perfh007.dat
2013-07-21 16:47 - 2011-05-16 16:04 - 00130240 _____ C:\Windows\system32\perfc007.dat
2013-07-21 16:47 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-18 12:44 - 2012-09-16 14:29 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-07-17 14:55 - 2012-09-15 11:15 - 00000000 ____D C:\Users\Marita\Documents\Youcam
2013-07-15 15:25 - 2013-07-15 15:25 - 00000000 ____D C:\Users\Marita\AppData\Local\Secunia PSI
2013-07-15 15:24 - 2012-09-15 12:34 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-07-15 15:24 - 2011-07-18 23:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-07-15 15:23 - 2013-07-15 15:23 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-15 15:23 - 2013-07-15 15:23 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-15 15:23 - 2013-07-15 15:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-15 15:23 - 2013-07-15 15:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-15 15:23 - 2013-07-15 15:23 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-15 15:23 - 2011-07-18 23:13 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-15 15:22 - 2013-07-15 15:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-15 15:19 - 2013-07-15 15:19 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-15 15:19 - 2013-07-15 15:19 - 00376576 _____ C:\Users\Marita\Downloads\wot_safe_surfing-20130515-fx.zip
2013-07-15 15:19 - 2013-07-15 15:19 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-15 15:19 - 2013-07-15 15:19 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-15 15:19 - 2013-07-15 15:19 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-15 15:19 - 2013-07-15 15:19 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-15 15:19 - 2013-07-15 15:19 - 00000000 ____D C:\Program Files\Java
2013-07-15 15:19 - 2011-07-18 23:14 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-15 15:17 - 2013-07-15 15:17 - 00001083 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2013-07-15 15:17 - 2013-07-15 15:17 - 00000000 ____D C:\ProgramData\Licenses
2013-07-15 15:17 - 2013-07-15 15:17 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-07-15 15:16 - 2013-07-15 15:16 - 04095448 _____ (BrightFort LLC                                              ) C:\Users\Marita\Downloads\spywareblastersetup50.exe
2013-07-15 15:14 - 2013-07-15 15:14 - 00906440 _____ (BillP Studios) C:\Users\Marita\Downloads\wpsetup.exe
2013-07-15 15:14 - 2013-07-15 15:14 - 00906440 _____ (BillP Studios) C:\Users\Marita\Downloads\wpsetup(1).exe
2013-07-15 15:12 - 2013-07-15 15:12 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-15 15:12 - 2013-07-15 15:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-15 15:11 - 2013-07-15 15:11 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Marita\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-07-15 15:10 - 2013-07-15 15:10 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-07-15 15:10 - 2013-07-15 15:09 - 03272136 _____ (Secunia) C:\Users\Marita\Downloads\PSISetup711.exe
2013-07-15 14:33 - 2013-07-10 20:31 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-15 14:00 - 2013-02-19 14:08 - 00000022 _____ C:\Users\Marita\Downloads\Files.zip
2013-07-15 13:57 - 2013-02-19 14:30 - 00000022 _____ C:\Users\Marita\Downloads\Files(1).zip
2013-07-15 12:35 - 2012-09-14 17:06 - 00000000 ____D C:\Users\Marita
2013-07-14 14:45 - 2013-07-14 14:45 - 00000000 ____D C:\Users\Marita\Desktop\Neuer Ordner
2013-07-13 13:13 - 2013-07-13 13:13 - 00000178 _____ C:\lxbk.log
2013-07-13 13:13 - 2012-12-10 12:53 - 00002462 _____ C:\Windows\system32\LexFiles.ulf
2013-07-13 10:00 - 2011-07-18 22:54 - 00000000 ____D C:\Windows\Panther
2013-07-13 09:59 - 2009-07-14 06:45 - 00309408 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-13 09:58 - 2013-03-15 10:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 09:58 - 2013-03-15 10:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-13 09:56 - 2011-04-12 10:28 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-13 09:56 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-13 09:56 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-13 09:29 - 2011-07-18 22:31 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-12 22:11 - 2013-07-12 22:09 - 00000138 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 19:00 - 2012-09-15 14:48 - 00001338 __RSH C:\Users\maximilian\ntuser.pol
2013-07-12 19:00 - 2012-09-15 12:03 - 00000000 ____D C:\Users\maximilian
2013-07-12 18:54 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-12 18:50 - 2012-09-14 17:06 - 00000000 ___RD C:\Users\Marita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-12 18:49 - 2013-07-12 18:16 - 00000000 ____D C:\Windows\erdnt
2013-07-12 18:46 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-12 18:43 - 2009-07-14 04:34 - 83361792 _____ C:\Windows\system32\config\software.bak
2013-07-12 18:43 - 2009-07-14 04:34 - 27262976 _____ C:\Windows\system32\config\system.bak
2013-07-12 18:43 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\default.bak
2013-07-12 18:43 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-07-12 18:43 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-07-12 13:05 - 2013-07-12 13:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-12 13:05 - 2013-07-12 13:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-12 12:57 - 2012-09-14 17:12 - 00000000 ____D C:\Users\Marita\AppData\Local\Google
2013-07-12 12:55 - 2013-07-03 11:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-12 09:19 - 2013-07-12 09:19 - 00000000 ____D C:\Users\Marita\AppData\Roaming\Malwarebytes
2013-07-12 09:18 - 2013-07-12 09:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-11 19:59 - 2012-11-24 20:42 - 00000000 ____D C:\Users\Marita\.jivex
2013-07-11 19:54 - 2013-07-11 19:54 - 00000000 _____ C:\Windows\setuperr.log
2013-07-11 19:30 - 2013-07-10 20:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-11 19:30 - 2009-07-14 07:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-11 10:57 - 2013-07-11 10:57 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-11 10:56 - 2013-07-11 10:55 - 21703480 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox_Setup_22.0.exe
2013-07-10 20:33 - 2013-07-10 20:33 - 00000000 _____ C:\autoexec.bat
2013-07-10 20:00 - 2013-07-08 10:26 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-07-08 10:27 - 2013-07-08 10:27 - 00000997 _____ C:\Users\Marita\Desktop\PDF Architect.lnk
2013-07-08 10:27 - 2013-07-08 10:27 - 00000000 ____D C:\Users\Marita\Documents\PDF Architect Files
2013-07-08 10:27 - 2013-07-08 10:27 - 00000000 ____D C:\Program Files (x86)\PDF Architect
2013-07-08 10:26 - 2013-07-08 10:26 - 00001035 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2013-07-08 10:18 - 2013-07-08 10:18 - 17502040 _____ (pdfforge GbR) C:\Users\Marita\Downloads\PDFCreator-1_7_0_setup.exe
2013-07-08 09:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-04 11:10 - 2013-07-04 11:10 - 00000000 ____D C:\Users\Marita\Desktop\Canon
2013-07-03 10:32 - 2013-07-03 10:32 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-23 11:29

==================== End Of Log ============================
         

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2013 03
Ran by Marita at 2013-07-31 14:44:03
Running from C:\Users\Marita\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.6.636)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
AMD APP SDK Runtime (Version: 2.5.684.212)
AMD Fuel (Version: 2011.0627.1558.26805)
AMD Media Foundation Decoders (Version: 1.0.60627.1551)
AMD VISION Engine Control Center (x32 Version: 2011.0627.1558.26805)
ATI Catalyst Install Manager (Version: 3.0.833.0)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Canon Easy-WebPrint EX (x32)
Canon IJ Network Scan Utility (x32)
Canon IJ Network Tool (x32)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32)
Canon MP Navigator EX 3.0 (x32)
Canon MP560 series Benutzerregistrierung (x32)
Canon MP560 series MP Drivers
Canon Utilities Easy-PhotoPrint EX (x32)
Canon Utilities My Printer (x32)
Canon Utilities Solution Menu (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0627.1558.26805)
Catalyst Control Center InstallProxy (x32 Version: 2011.0627.1558.26805)
Catalyst Control Center Localization All (x32 Version: 2011.0627.1558.26805)
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0627.1558.26805)
CCC Help Chinese Standard (x32 Version: 2011.0627.1557.26805)
CCC Help Chinese Traditional (x32 Version: 2011.0627.1557.26805)
CCC Help Czech (x32 Version: 2011.0627.1557.26805)
CCC Help Danish (x32 Version: 2011.0627.1557.26805)
CCC Help Dutch (x32 Version: 2011.0627.1557.26805)
CCC Help English (x32 Version: 2011.0627.1557.26805)
CCC Help Finnish (x32 Version: 2011.0627.1557.26805)
CCC Help French (x32 Version: 2011.0627.1557.26805)
CCC Help German (x32 Version: 2011.0627.1557.26805)
CCC Help Greek (x32 Version: 2011.0627.1557.26805)
CCC Help Hungarian (x32 Version: 2011.0627.1557.26805)
CCC Help Italian (x32 Version: 2011.0627.1557.26805)
CCC Help Japanese (x32 Version: 2011.0627.1557.26805)
CCC Help Korean (x32 Version: 2011.0627.1557.26805)
CCC Help Norwegian (x32 Version: 2011.0627.1557.26805)
CCC Help Polish (x32 Version: 2011.0627.1557.26805)
CCC Help Portuguese (x32 Version: 2011.0627.1557.26805)
CCC Help Russian (x32 Version: 2011.0627.1557.26805)
CCC Help Spanish (x32 Version: 2011.0627.1557.26805)
CCC Help Swedish (x32 Version: 2011.0627.1557.26805)
CCC Help Thai (x32 Version: 2011.0627.1557.26805)
CCC Help Turkish (x32 Version: 2011.0627.1557.26805)
ccc-utility64 (Version: 2011.0627.1558.26805)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
CompuLearn Französisch (x32 Version: 1.0.0)
CyberLink LabelPrint (x32 Version: 2.5.3624)
CyberLink Power2Go (x32 Version: 7.0.0.1327)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306)
CyberLink PowerRecover (x32 Version: 5.5.4125)
CyberLink YouCam (x32 Version: 3.1.4013)
D3DX10 (x32 Version: 15.4.2368.0902)
Dolby Advanced Audio v2 (x32 Version: 7.2.7000.4)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.5.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
kd - Das Spiel! (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Medion Home Cinema (x32 Version: 8.0.2608)
Memeo Instant Backup (x32 Version: 4.60.0.7943)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Open It! - Zip Extractor Packages (HKCU)
Open It! - Zip Extractor Packages 1 (HKCU)
Open It! (x32 Version: 1.1.1)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PDF Architect (x32 Version: 1.1.83.9982)
PDFCreator (x32 Version: 1.7.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Plus-HD-2.3 (x32 Version: 1.27.153.8)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.32.1111.2010)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6121)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6378)
Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7600.10008)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0168)
Secunia PSI (3.0.0.7011) (x32 Version: 3.0.0.7011)
Skype™ 6.3 (x32 Version: 6.3.107)
Spelling Dictionaries Support For Adobe Reader X (x32 Version: 10.0.0)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
System Control Manager (x32 Version: 2.210.1104.M007.02)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Open It! - Zip Extractor (HKCU)
Ware PS/2-X64 8.0.5.4_WHQL (Version: 8.0.5.4)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================

24-07-2013 06:03:20 Ende der Bereinigung
27-07-2013 06:33:22 Windows Update
30-07-2013 07:31:14 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-12 18:45 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1EDB6F6E-9AC7-453D-8BA7-B9A2D03A4C4F} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {35FB055F-7197-4CC8-9729-F6538C16CC71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-25] (Adobe Systems Incorporated)
Task: {3A4119BA-6D82-43C6-BEFF-F0D28D891CB4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {51F2399C-6F30-4D4E-B42F-814576108FE0} - \EPUpdater No Task File
Task: {555836C7-B6D3-4E52-A649-3C89B1C9B368} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2600190288-3454844672-747242631-1002 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {66700F3D-2ABE-4082-87B8-8D546CAE53C0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {7E1BE8A1-1983-4E8A-A0EA-658F86F945B8} - System32\Tasks\{8BA0C7A3-50D5-4CA0-B411-723A24B5DE6B} => c:\program files (x86)\internet explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A6994298-F465-4388-A42D-79BC8AC6D021} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {DC2C2D73-98E8-4AC9-9B3F-FB8382A1060D} - \DealPlyUpdate No Task File
Task: {DF383A1C-7936-4EB0-AB38-708182F6D16A} - \BrowserDefendert No Task File
Task: {E3776F15-8374-4706-AB20-67F368CA178E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {EEEE41FB-6F85-469C-8B55-FB4D12F8D8E2} - \QtraxPlayer No Task File
Task: {F2296515-8A50-4FED-BE13-9FDD86A4D249} - \DealPly No Task File
Task: {FBBB18BC-1410-48E0-99B3-B4FD4C3DA1D2} - System32\Tasks\Norton Product InstallerIdle => C:\Windows\SysWOW64\Adobe\Shockwave 11\SymInstallStub.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/23/2013 06:56:11 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2013 06:28:49 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2013 06:28:49 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2013 05:56:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (07/31/2013 00:34:01 PM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM

Error: (07/31/2013 00:34:01 PM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (07/31/2013 00:34:00 PM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (07/31/2013 00:33:58 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (07/31/2013 10:48:36 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (07/31/2013 10:22:50 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM

Error: (07/31/2013 10:22:50 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (07/31/2013 10:22:50 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (07/31/2013 08:12:30 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM

Error: (07/31/2013 08:12:30 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE


Microsoft Office Sessions:
=========================
Error: (07/23/2013 06:56:11 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marita\Downloads\esetsmartinstaller_enu(1).exe

Error: (07/23/2013 06:28:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marita\Downloads\esetsmartinstaller_enu.exe

Error: (07/23/2013 06:28:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marita\Downloads\esetsmartinstaller_enu(2).exe

Error: (07/23/2013 05:56:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
  Date: 2013-07-12 18:39:33.666
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-12 18:39:33.307
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 63%
Total physical RAM: 3563.75 MB
Available physical RAM: 1284.33 MB
Total Pagefile: 7125.68 MB
Available Pagefile: 4497.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:376.87 GB) NTFS (Disk=0 Partition=2)
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:30.58 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=415 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         
__________________

Alt 31.07.2013, 14:12   #4
markusg
/// Malware-holic
 

Hi,
have you read the link
"Important: please post all logs with detections"?
It says there where you can find them.

Alt 31.07.2013, 14:36   #5
hilflos123
 

I'm running a new scan right now because I couldn't click on anything (the way it's described in the link) - so it will take a little while longer.


Alt 31.07.2013, 14:40   #6
markusg
/// Malware-holic
 

I don't want a new scan for now.
Couldn't you open Malwarebytes, go to the reports, and open the reports there?
Then continue:
Two logs need to be created; post them together.
1.
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.


2.
Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


Alt 31.07.2013, 14:53   #7
hilflos123
 

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2013 03
Ran by Marita at 2013-07-31 14:44:03
Running from C:\Users\Marita\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.6.636)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
AMD APP SDK Runtime (Version: 2.5.684.212)
AMD Fuel (Version: 2011.0627.1558.26805)
AMD Media Foundation Decoders (Version: 1.0.60627.1551)
AMD VISION Engine Control Center (x32 Version: 2011.0627.1558.26805)
ATI Catalyst Install Manager (Version: 3.0.833.0)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Canon Easy-WebPrint EX (x32)
Canon IJ Network Scan Utility (x32)
Canon IJ Network Tool (x32)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32)
Canon MP Navigator EX 3.0 (x32)
Canon MP560 series Benutzerregistrierung (x32)
Canon MP560 series MP Drivers
Canon Utilities Easy-PhotoPrint EX (x32)
Canon Utilities My Printer (x32)
Canon Utilities Solution Menu (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0627.1558.26805)
Catalyst Control Center InstallProxy (x32 Version: 2011.0627.1558.26805)
Catalyst Control Center Localization All (x32 Version: 2011.0627.1558.26805)
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0627.1558.26805)
CCC Help Chinese Standard (x32 Version: 2011.0627.1557.26805)
CCC Help Chinese Traditional (x32 Version: 2011.0627.1557.26805)
CCC Help Czech (x32 Version: 2011.0627.1557.26805)
CCC Help Danish (x32 Version: 2011.0627.1557.26805)
CCC Help Dutch (x32 Version: 2011.0627.1557.26805)
CCC Help English (x32 Version: 2011.0627.1557.26805)
CCC Help Finnish (x32 Version: 2011.0627.1557.26805)
CCC Help French (x32 Version: 2011.0627.1557.26805)
CCC Help German (x32 Version: 2011.0627.1557.26805)
CCC Help Greek (x32 Version: 2011.0627.1557.26805)
CCC Help Hungarian (x32 Version: 2011.0627.1557.26805)
CCC Help Italian (x32 Version: 2011.0627.1557.26805)
CCC Help Japanese (x32 Version: 2011.0627.1557.26805)
CCC Help Korean (x32 Version: 2011.0627.1557.26805)
CCC Help Norwegian (x32 Version: 2011.0627.1557.26805)
CCC Help Polish (x32 Version: 2011.0627.1557.26805)
CCC Help Portuguese (x32 Version: 2011.0627.1557.26805)
CCC Help Russian (x32 Version: 2011.0627.1557.26805)
CCC Help Spanish (x32 Version: 2011.0627.1557.26805)
CCC Help Swedish (x32 Version: 2011.0627.1557.26805)
CCC Help Thai (x32 Version: 2011.0627.1557.26805)
CCC Help Turkish (x32 Version: 2011.0627.1557.26805)
ccc-utility64 (Version: 2011.0627.1558.26805)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
CompuLearn Französisch (x32 Version: 1.0.0)
CyberLink LabelPrint (x32 Version: 2.5.3624)
CyberLink Power2Go (x32 Version: 7.0.0.1327)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306)
CyberLink PowerRecover (x32 Version: 5.5.4125)
CyberLink YouCam (x32 Version: 3.1.4013)
D3DX10 (x32 Version: 15.4.2368.0902)
Dolby Advanced Audio v2 (x32 Version: 7.2.7000.4)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.5.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
kd - Das Spiel! (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Medion Home Cinema (x32 Version: 8.0.2608)
Memeo Instant Backup (x32 Version: 4.60.0.7943)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Open It! - Zip Extractor Packages (HKCU)
Open It! - Zip Extractor Packages 1 (HKCU)
Open It! (x32 Version: 1.1.1)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PDF Architect (x32 Version: 1.1.83.9982)
PDFCreator (x32 Version: 1.7.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Plus-HD-2.3 (x32 Version: 1.27.153.8)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.32.1111.2010)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6121)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6378)
Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7600.10008)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0168)
Secunia PSI (3.0.0.7011) (x32 Version: 3.0.0.7011)
Skype™ 6.3 (x32 Version: 6.3.107)
Spelling Dictionaries Support For Adobe Reader X (x32 Version: 10.0.0)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
System Control Manager (x32 Version: 2.210.1104.M007.02)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Open It! - Zip Extractor (HKCU)
Ware PS/2-X64 8.0.5.4_WHQL (Version: 8.0.5.4)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================

24-07-2013 06:03:20 Ende der Bereinigung
27-07-2013 06:33:22 Windows Update
30-07-2013 07:31:14 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-12 18:45 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1EDB6F6E-9AC7-453D-8BA7-B9A2D03A4C4F} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {35FB055F-7197-4CC8-9729-F6538C16CC71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-25] (Adobe Systems Incorporated)
Task: {3A4119BA-6D82-43C6-BEFF-F0D28D891CB4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {51F2399C-6F30-4D4E-B42F-814576108FE0} - \EPUpdater No Task File
Task: {555836C7-B6D3-4E52-A649-3C89B1C9B368} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2600190288-3454844672-747242631-1002 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {66700F3D-2ABE-4082-87B8-8D546CAE53C0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {7E1BE8A1-1983-4E8A-A0EA-658F86F945B8} - System32\Tasks\{8BA0C7A3-50D5-4CA0-B411-723A24B5DE6B} => c:\program files (x86)\internet explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A6994298-F465-4388-A42D-79BC8AC6D021} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {DC2C2D73-98E8-4AC9-9B3F-FB8382A1060D} - \DealPlyUpdate No Task File
Task: {DF383A1C-7936-4EB0-AB38-708182F6D16A} - \BrowserDefendert No Task File
Task: {E3776F15-8374-4706-AB20-67F368CA178E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {EEEE41FB-6F85-469C-8B55-FB4D12F8D8E2} - \QtraxPlayer No Task File
Task: {F2296515-8A50-4FED-BE13-9FDD86A4D249} - \DealPly No Task File
Task: {FBBB18BC-1410-48E0-99B3-B4FD4C3DA1D2} - System32\Tasks\Norton Product InstallerIdle => C:\Windows\SysWOW64\Adobe\Shockwave 11\SymInstallStub.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/23/2013 06:56:11 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2013 06:28:49 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2013 06:28:49 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2013 05:56:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (07/31/2013 00:34:01 PM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM

Error: (07/31/2013 00:34:01 PM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (07/31/2013 00:34:00 PM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (07/31/2013 00:33:58 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (07/31/2013 10:48:36 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (07/31/2013 10:22:50 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM

Error: (07/31/2013 10:22:50 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (07/31/2013 10:22:50 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (07/31/2013 08:12:30 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM

Error: (07/31/2013 08:12:30 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE


Microsoft Office Sessions:
=========================
Error: (07/23/2013 06:56:11 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marita\Downloads\esetsmartinstaller_enu(1).exe

Error: (07/23/2013 06:28:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marita\Downloads\esetsmartinstaller_enu.exe

Error: (07/23/2013 06:28:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marita\Downloads\esetsmartinstaller_enu(2).exe

Error: (07/23/2013 05:56:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
  Date: 2013-07-12 18:39:33.666
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-12 18:39:33.307
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 63%
Total physical RAM: 3563.75 MB
Available physical RAM: 1284.33 MB
Total Pagefile: 7125.68 MB
Available Pagefile: 4497.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:376.87 GB) NTFS (Disk=0 Partition=2)
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:30.58 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=415 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         

31.07.2013, 14:54   #8
markusg
/// Malware-holic
 

OK, continue with the instructions from the previous post.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails, following the instructions above, to
markusg.trojaner-board@web.de

31.07.2013, 16:16   #9
hilflos123
 

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2013 03
Ran by Marita at 2013-07-31 14:44:03
Running from C:\Users\Marita\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.6.636)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
AMD APP SDK Runtime (Version: 2.5.684.212)
AMD Fuel (Version: 2011.0627.1558.26805)
AMD Media Foundation Decoders (Version: 1.0.60627.1551)
AMD VISION Engine Control Center (x32 Version: 2011.0627.1558.26805)
ATI Catalyst Install Manager (Version: 3.0.833.0)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Canon Easy-WebPrint EX (x32)
Canon IJ Network Scan Utility (x32)
Canon IJ Network Tool (x32)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32)
Canon MP Navigator EX 3.0 (x32)
Canon MP560 series Benutzerregistrierung (x32)
Canon MP560 series MP Drivers
Canon Utilities Easy-PhotoPrint EX (x32)
Canon Utilities My Printer (x32)
Canon Utilities Solution Menu (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0627.1558.26805)
Catalyst Control Center InstallProxy (x32 Version: 2011.0627.1558.26805)
Catalyst Control Center Localization All (x32 Version: 2011.0627.1558.26805)
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0627.1558.26805)
CCC Help Chinese Standard (x32 Version: 2011.0627.1557.26805)
CCC Help Chinese Traditional (x32 Version: 2011.0627.1557.26805)
CCC Help Czech (x32 Version: 2011.0627.1557.26805)
CCC Help Danish (x32 Version: 2011.0627.1557.26805)
CCC Help Dutch (x32 Version: 2011.0627.1557.26805)
CCC Help English (x32 Version: 2011.0627.1557.26805)
CCC Help Finnish (x32 Version: 2011.0627.1557.26805)
CCC Help French (x32 Version: 2011.0627.1557.26805)
CCC Help German (x32 Version: 2011.0627.1557.26805)
CCC Help Greek (x32 Version: 2011.0627.1557.26805)
CCC Help Hungarian (x32 Version: 2011.0627.1557.26805)
CCC Help Italian (x32 Version: 2011.0627.1557.26805)
CCC Help Japanese (x32 Version: 2011.0627.1557.26805)
CCC Help Korean (x32 Version: 2011.0627.1557.26805)
CCC Help Norwegian (x32 Version: 2011.0627.1557.26805)
CCC Help Polish (x32 Version: 2011.0627.1557.26805)
CCC Help Portuguese (x32 Version: 2011.0627.1557.26805)
CCC Help Russian (x32 Version: 2011.0627.1557.26805)
CCC Help Spanish (x32 Version: 2011.0627.1557.26805)
CCC Help Swedish (x32 Version: 2011.0627.1557.26805)
CCC Help Thai (x32 Version: 2011.0627.1557.26805)
CCC Help Turkish (x32 Version: 2011.0627.1557.26805)
ccc-utility64 (Version: 2011.0627.1558.26805)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
CompuLearn Französisch (x32 Version: 1.0.0)
CyberLink LabelPrint (x32 Version: 2.5.3624)
CyberLink Power2Go (x32 Version: 7.0.0.1327)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306)
CyberLink PowerRecover (x32 Version: 5.5.4125)
CyberLink YouCam (x32 Version: 3.1.4013)
D3DX10 (x32 Version: 15.4.2368.0902)
Dolby Advanced Audio v2 (x32 Version: 7.2.7000.4)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.5.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
kd - Das Spiel! (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Medion Home Cinema (x32 Version: 8.0.2608)
Memeo Instant Backup (x32 Version: 4.60.0.7943)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Open It! - Zip Extractor Packages (HKCU)
Open It! - Zip Extractor Packages 1 (HKCU)
Open It! (x32 Version: 1.1.1)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PDF Architect (x32 Version: 1.1.83.9982)
PDFCreator (x32 Version: 1.7.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Plus-HD-2.3 (x32 Version: 1.27.153.8)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.32.1111.2010)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6121)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6378)
Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7600.10008)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0168)
Secunia PSI (3.0.0.7011) (x32 Version: 3.0.0.7011)
Skype™ 6.3 (x32 Version: 6.3.107)
Spelling Dictionaries Support For Adobe Reader X (x32 Version: 10.0.0)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
System Control Manager (x32 Version: 2.210.1104.M007.02)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Open It! - Zip Extractor (HKCU)
Ware PS/2-X64 8.0.5.4_WHQL (Version: 8.0.5.4)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================

24-07-2013 06:03:20 Ende der Bereinigung
27-07-2013 06:33:22 Windows Update
30-07-2013 07:31:14 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-12 18:45 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1EDB6F6E-9AC7-453D-8BA7-B9A2D03A4C4F} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {35FB055F-7197-4CC8-9729-F6538C16CC71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-25] (Adobe Systems Incorporated)
Task: {3A4119BA-6D82-43C6-BEFF-F0D28D891CB4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {51F2399C-6F30-4D4E-B42F-814576108FE0} - \EPUpdater No Task File
Task: {555836C7-B6D3-4E52-A649-3C89B1C9B368} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2600190288-3454844672-747242631-1002 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {66700F3D-2ABE-4082-87B8-8D546CAE53C0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {7E1BE8A1-1983-4E8A-A0EA-658F86F945B8} - System32\Tasks\{8BA0C7A3-50D5-4CA0-B411-723A24B5DE6B} => c:\program files (x86)\internet explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {A6994298-F465-4388-A42D-79BC8AC6D021} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {DC2C2D73-98E8-4AC9-9B3F-FB8382A1060D} - \DealPlyUpdate No Task File
Task: {DF383A1C-7936-4EB0-AB38-708182F6D16A} - \BrowserDefendert No Task File
Task: {E3776F15-8374-4706-AB20-67F368CA178E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {EEEE41FB-6F85-469C-8B55-FB4D12F8D8E2} - \QtraxPlayer No Task File
Task: {F2296515-8A50-4FED-BE13-9FDD86A4D249} - \DealPly No Task File
Task: {FBBB18BC-1410-48E0-99B3-B4FD4C3DA1D2} - System32\Tasks\Norton Product InstallerIdle => C:\Windows\SysWOW64\Adobe\Shockwave 11\SymInstallStub.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/23/2013 06:56:11 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2013 06:28:49 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2013 06:28:49 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2013 05:56:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (07/31/2013 00:34:01 PM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM

Error: (07/31/2013 00:34:01 PM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (07/31/2013 00:34:00 PM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (07/31/2013 00:33:58 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (07/31/2013 10:48:36 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (07/31/2013 10:22:50 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM

Error: (07/31/2013 10:22:50 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (07/31/2013 10:22:50 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (07/31/2013 08:12:30 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM

Error: (07/31/2013 08:12:30 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE


Microsoft Office Sessions:
=========================
Error: (07/23/2013 06:56:11 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marita\Downloads\esetsmartinstaller_enu(1).exe

Error: (07/23/2013 06:28:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marita\Downloads\esetsmartinstaller_enu.exe

Error: (07/23/2013 06:28:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marita\Downloads\esetsmartinstaller_enu(2).exe

Error: (07/23/2013 05:56:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
  Date: 2013-07-12 18:39:33.666
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-12 18:39:33.307
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 63%
Total physical RAM: 3563.75 MB
Available physical RAM: 1284.33 MB
Total Pagefile: 7125.68 MB
Available Pagefile: 4497.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:376.87 GB) NTFS (Disk=0 Partition=2)
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:30.58 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=415 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         
Code:
ATTFilter
ComboFix 13-07-31.02 - Marita 31.07.2013  16:58:58.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3564.1675 [GMT 2:00]
ausgeführt von:: c:\users\Marita\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-28 bis 2013-07-31  ))))))))))))))))))))))))))))))
.
.
2013-07-31 14:50 . 2013-07-31 14:50	--------	d-s---w-	c:\windows\SysWow64\Microsoft
2013-07-31 12:42 . 2013-07-31 12:42	--------	d-----w-	C:\FRST
2013-07-31 09:27 . 2013-07-31 09:27	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{2A97ABC5-4845-4E0A-BD6F-56C8DF2B7968}\offreg.dll
2013-07-30 07:32 . 2013-07-02 08:34	9460976	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{2A97ABC5-4845-4E0A-BD6F-56C8DF2B7968}\mpengine.dll
2013-07-23 13:35 . 2013-07-23 13:35	--------	d-----w-	c:\program files (x86)\ESET
2013-07-23 12:18 . 2008-02-15 14:38	116224	----a-w-	c:\windows\system32\Spool\prtprocs\x64\lxbkpp6c.dll
2013-07-15 13:25 . 2013-07-15 13:25	--------	d-----w-	c:\users\Marita\AppData\Local\Secunia PSI
2013-07-15 13:23 . 2013-07-15 13:23	867240	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-07-15 13:23 . 2013-07-15 13:23	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-15 13:22 . 2013-07-15 13:22	--------	d-----w-	c:\program files (x86)\Java
2013-07-15 13:19 . 2013-07-15 13:19	312232	----a-w-	c:\windows\system32\javaws.exe
2013-07-15 13:19 . 2013-07-15 13:19	1093032	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-07-15 13:19 . 2013-07-15 13:19	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-07-15 13:19 . 2013-07-15 13:19	189352	----a-w-	c:\windows\system32\javaw.exe
2013-07-15 13:19 . 2013-07-15 13:19	188840	----a-w-	c:\windows\system32\java.exe
2013-07-15 13:19 . 2013-07-15 13:19	--------	d-----w-	c:\program files\Java
2013-07-15 13:17 . 2013-07-15 13:17	--------	d-----w-	c:\programdata\Licenses
2013-07-15 13:17 . 2009-03-24 10:52	129872	----a-w-	c:\windows\SysWow64\MSSTDFMT.DLL
2013-07-15 13:17 . 2013-07-15 13:17	--------	d-----w-	c:\program files (x86)\SpywareBlaster
2013-07-15 13:12 . 2013-07-31 14:53	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-15 13:10 . 2013-07-15 13:10	--------	d-----w-	c:\program files (x86)\Secunia
2013-07-15 13:04 . 2013-07-23 12:23	--------	d-----w-	c:\windows\ERUNT
2013-07-12 20:09 . 2013-07-12 20:11	138	----a-w-	c:\windows\DeleteOnReboot.bat
2013-07-12 11:05 . 2013-07-12 11:05	--------	d-----w-	c:\windows\SysWow64\searchplugins
2013-07-12 11:05 . 2013-07-12 11:05	--------	d-----w-	c:\windows\SysWow64\Extensions
2013-07-12 07:19 . 2013-07-12 07:19	--------	d-----w-	c:\users\Marita\AppData\Roaming\Malwarebytes
2013-07-12 07:18 . 2013-07-12 07:18	--------	d-----w-	c:\programdata\Malwarebytes
2013-07-11 07:11 . 2013-05-27 05:50	1011712	----a-w-	c:\program files\Windows Defender\MpSvc.dll
2013-07-11 07:11 . 2013-05-27 05:50	571904	----a-w-	c:\program files\Windows Defender\MpClient.dll
2013-07-11 07:11 . 2013-05-27 05:50	314880	----a-w-	c:\program files\Windows Defender\MpCommu.dll
2013-07-11 07:11 . 2013-05-27 04:57	4608	----a-w-	c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 07:11 . 2013-05-27 04:57	54784	----a-w-	c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-11 07:11 . 2013-05-27 04:57	392704	----a-w-	c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-11 07:11 . 2013-05-27 03:15	9216	----a-w-	c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 07:11 . 2013-06-04 06:00	624128	----a-w-	c:\windows\system32\qedit.dll
2013-07-11 07:11 . 2013-06-04 04:53	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2013-07-11 07:11 . 2013-05-06 06:03	1887744	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-11 07:11 . 2013-05-06 04:56	1620480	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 07:11 . 2013-06-05 03:34	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-07-11 07:10 . 2013-04-10 05:48	1732608	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 07:10 . 2013-04-10 05:46	1402880	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 07:10 . 2013-04-10 05:46	1393152	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 07:10 . 2013-04-10 05:46	1367040	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 07:10 . 2013-04-10 05:03	936448	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 07:10 . 2013-04-09 23:34	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2013-07-11 07:10 . 2013-04-02 22:51	1643520	----a-w-	c:\windows\system32\DWrite.dll
2013-07-10 18:31 . 2013-07-15 12:33	--------	d-----w-	c:\windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-10 18:31 . 2013-07-10 18:31	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2013-07-10 18:27 . 2013-07-11 17:30	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2013-07-08 08:27 . 2013-07-08 08:27	--------	d-----w-	c:\program files (x86)\PDF Architect
2013-07-08 08:26 . 2013-01-09 13:52	1070152	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2013-07-08 08:26 . 2012-05-05 09:54	137000	----a-w-	c:\windows\SysWow64\MSMAPI32.OCX
2013-07-08 08:26 . 2013-04-09 13:13	110264	----a-w-	c:\windows\system32\pdfcmon.dll
2013-07-08 08:26 . 2012-05-05 09:54	662288	----a-w-	c:\windows\SysWow64\MSCOMCT2.OCX
2013-07-08 08:26 . 1998-07-06 16:56	125712	----a-w-	c:\windows\SysWow64\VB6DE.DLL
2013-07-08 08:26 . 1998-07-06 16:55	158208	----a-w-	c:\windows\SysWow64\MSCMCDE.DLL
2013-07-08 08:26 . 1998-07-06 16:55	64512	----a-w-	c:\windows\SysWow64\MSCC2DE.DLL
2013-07-08 08:26 . 2012-05-05 09:54	23552	----a-w-	c:\windows\SysWow64\MSMPIDE.DLL
2013-07-08 08:26 . 2013-07-10 18:00	--------	d-----w-	c:\program files (x86)\PDFCreator
2013-07-08 08:25 . 2013-07-08 08:25	--------	d-----w-	c:\users\Marita\AppData\Local\Programs
2013-07-03 08:32 . 2013-07-03 08:32	18456	----a-w-	c:\windows\system32\drivers\psi_mf_amd64.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-25 06:38 . 2012-09-22 07:33	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-25 06:38 . 2011-12-01 21:26	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-15 13:23 . 2011-07-18 21:13	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-07-15 13:19 . 2011-07-18 21:14	972712	----a-w-	c:\windows\system32\deployJava1.dll
2013-07-13 07:29 . 2011-07-18 20:31	78185248	----a-w-	c:\windows\system32\MRT.exe
2013-06-21 01:09 . 2013-06-21 01:09	42184	----a-w-	c:\windows\system32\drivers\taphss6.sys
2013-06-19 15:17 . 2013-06-19 15:17	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-06-19 15:17 . 2013-06-19 15:17	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-06-19 15:17 . 2013-06-19 15:17	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-06-19 15:17 . 2013-06-19 15:17	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-06-19 15:17 . 2013-06-19 15:17	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-06-19 15:17 . 2013-06-19 15:17	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-06-19 15:17 . 2013-06-19 15:17	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-06-19 15:17 . 2013-06-19 15:17	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-06-19 15:17 . 2013-06-19 15:17	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-06-19 15:17 . 2013-06-19 15:17	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-06-19 15:17 . 2013-06-19 15:17	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-06-19 15:17 . 2013-06-19 15:17	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-06-19 15:17 . 2013-06-19 15:17	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-06-19 15:17 . 2013-06-19 15:17	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-06-19 15:17 . 2013-06-19 15:17	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-06-19 15:17 . 2013-06-19 15:17	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-06-19 15:17 . 2013-06-19 15:17	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-06-19 15:17 . 2013-06-19 15:17	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-06-19 15:17 . 2013-06-19 15:17	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-06-19 15:17 . 2013-06-19 15:17	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-06-19 15:17 . 2013-06-19 15:17	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-06-19 15:17 . 2013-06-19 15:17	81408	----a-w-	c:\windows\system32\icardie.dll
2013-06-19 15:17 . 2013-06-19 15:17	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-06-19 15:17 . 2013-06-19 15:17	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-06-19 15:17 . 2013-06-19 15:17	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-06-19 15:17 . 2013-06-19 15:17	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-06-19 15:17 . 2013-06-19 15:17	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-06-19 15:17 . 2013-06-19 15:17	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-06-19 15:17 . 2013-06-19 15:17	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-06-19 15:17 . 2013-06-19 15:17	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-06-19 15:17 . 2013-06-19 15:17	441856	----a-w-	c:\windows\system32\html.iec
2013-06-19 15:17 . 2013-06-19 15:17	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-06-19 15:17 . 2013-06-19 15:17	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-06-19 15:17 . 2013-06-19 15:17	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-06-19 15:17 . 2013-06-19 15:17	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-06-19 15:17 . 2013-06-19 15:17	235008	----a-w-	c:\windows\system32\url.dll
2013-06-19 15:17 . 2013-06-19 15:17	216064	----a-w-	c:\windows\system32\msls31.dll
2013-06-19 15:17 . 2013-06-19 15:17	197120	----a-w-	c:\windows\system32\msrating.dll
2013-06-19 15:17 . 2013-06-19 15:17	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-06-19 15:17 . 2013-06-19 15:17	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-06-19 15:17 . 2013-06-19 15:17	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-06-19 15:17 . 2013-06-19 15:17	149504	----a-w-	c:\windows\system32\occache.dll
2013-06-19 15:17 . 2013-06-19 15:17	144896	----a-w-	c:\windows\system32\wextract.exe
2013-06-19 15:17 . 2013-06-19 15:17	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-06-19 15:17 . 2013-06-19 15:17	13824	----a-w-	c:\windows\system32\mshta.exe
2013-06-19 15:17 . 2013-06-19 15:17	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-06-19 15:17 . 2013-06-19 15:17	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-06-19 15:17 . 2013-06-19 15:17	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-06-19 15:17 . 2013-06-19 15:17	102912	----a-w-	c:\windows\system32\inseng.dll
2013-06-04 07:15 . 2013-06-04 07:15	103448	----a-w-	c:\windows\system32\drivers\ssudbus.sys
2013-06-04 07:15 . 2013-06-04 07:15	203672	----a-w-	c:\windows\system32\drivers\ssudmdm.sys
2013-05-21 13:31 . 2013-06-06 13:26	1447728	----a-w-	c:\windows\system32\dmwu.exe
2013-05-21 13:30 . 2013-06-06 13:26	33792	----a-w-	c:\windows\system32\ImHttpComm.dll
2013-05-18 08:41 . 2011-03-29 01:36	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-13 05:51 . 2013-06-12 07:12	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 07:12	1464320	----a-w-	c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 07:12	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 07:12	52224	----a-w-	c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 07:12	1160192	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 07:12	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 07:12	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 07:12	1192448	----a-w-	c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 07:12	903168	----a-w-	c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 07:12	43008	----a-w-	c:\windows\SysWow64\certenc.dll
2013-05-10 05:49 . 2013-06-12 07:12	30720	----a-w-	c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 07:12	24576	----a-w-	c:\windows\SysWow64\cryptdlg.dll
2013-05-09 08:58 . 2012-10-30 14:07	287840	----a-w-	c:\windows\system32\aswBoot.exe
2013-05-08 06:39 . 2013-06-12 07:12	1910632	----a-w-	c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-27 336384]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-02-03 506712]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-11-04 2482176]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2011-04-15 136488]
"YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCam.exe" [2011-04-15 228448]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-05-19 136544]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-7-3 563416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\drivers\amdiox64.sys;c:\windows\SYSNATIVE\drivers\amdiox64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 20807740
*Deregistered* - 20807740
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-22 06:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-18 11855976]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-05-17 2226280]
"MedionReminder"="c:\program files (x86)\CyberLink\PowerRecover\Reminder.exe" [2011-05-25 443688]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 2184520]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MedionReminder"="c:\program files (x86)\CyberLink\PowerRecover\Reminder.exe" [2011-05-25 443688]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\ihhm7hjo.default\
FF - ExtSQL: 2013-07-08 10:27; FFPDFArchitectConverter@pdfarchitect.com; c:\program files (x86)\PDF Architect\FFPDFArchitectExt
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-OpenIt Open It! - c:\program files (x86)\OpenIt\Open It!\uninstall.exe
AddRemove-Plus-HD-2.3 - c:\program files (x86)\Plus-HD-2.3\Uninstall.exe
AddRemove-DSite - c:\users\Marita\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe
AddRemove-Open It! - Zip Extractor Packages - c:\users\Marita\AppData\Roaming\Open It! - Zip Extractor Packages\uninstaller.exe
AddRemove-Open It! - Zip Extractor Packages 1 - c:\users\Marita\AppData\Roaming\Open It! - Zip Extractor Packages\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-31  17:15:43
ComboFix-quarantined-files.txt  2013-07-31 15:15
.
Vor Suchlauf: 13 Verzeichnis(se), 405.156.761.600 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 404.594.397.184 Bytes frei
.
- - End Of File - - 091A038F515FBC96FC821E2169CA5B46
EB2571B16B316C9FE5AA1C4797FF61EE
         

Alt 31.07.2013, 16:42   #10
markusg
/// Malware-holic
 



The TDSSKiller log is missing.
Also missing: the answer to the question of whether you can't open anything under Reports in Malwarebytes. If you can, post the current scan logs.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For the time being, please forward e-mails as described in the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

Alt 31.07.2013, 16:47   #11
hilflos123
 



Code:
ATTFilter
15:49:35.0658 1508  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:49:36.0092 1508  ============================================================
15:49:36.0092 1508  Current date / time: 2013/07/31 15:49:36.0092
15:49:36.0092 1508  SystemInfo:
15:49:36.0092 1508  
15:49:36.0092 1508  OS Version: 6.1.7601 ServicePack: 1.0
15:49:36.0092 1508  Product type: Workstation
15:49:36.0092 1508  ComputerName: MARITA-PC
15:49:36.0093 1508  UserName: Marita
15:49:36.0093 1508  Windows directory: C:\Windows
15:49:36.0093 1508  System windows directory: C:\Windows
15:49:36.0093 1508  Running under WOW64
15:49:36.0093 1508  Processor architecture: Intel x64
15:49:36.0093 1508  Number of processors: 2
15:49:36.0093 1508  Page size: 0x1000
15:49:36.0093 1508  Boot type: Normal boot
15:49:36.0093 1508  ============================================================
15:49:37.0038 1508  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x4C87E, SectorsPerTrack: 0x13, TracksPerCylinder: 0xA4, Type 'K0', Flags 0x00000040
15:49:37.0047 1508  ============================================================
15:49:37.0047 1508  \Device\Harddisk0\DR0:
15:49:37.0047 1508  MBR partitions:
15:49:37.0047 1508  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:49:37.0047 1508  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x33D53000
15:49:37.0047 1508  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x33D85800, BlocksNum 0x6400000
15:49:37.0047 1508  ============================================================
15:49:37.0063 1508  C: <-> \Device\Harddisk0\DR0\Partition2
15:49:37.0113 1508  D: <-> \Device\Harddisk0\DR0\Partition3
15:49:37.0113 1508  ============================================================
15:49:37.0114 1508  Initialize success
15:49:37.0114 1508  ============================================================
15:50:46.0966 4328  ============================================================
15:50:46.0966 4328  Scan started
15:50:46.0966 4328  Mode: Manual; SigCheck; TDLFS; 
15:50:46.0966 4328  ============================================================
15:50:48.0129 4328  ================ Scan system memory ========================
15:50:48.0130 4328  System memory - ok
15:50:48.0131 4328  ================ Scan services =============================
15:51:10.0510 4328  [ 71C6748EE8DE938532057EF10B4B7E44 ] Micro Star SCM  C:\Program Files (x86)\System Control Manager\MSIService.exe
15:51:10.0525 4328  Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning
15:51:10.0525 4328  Micro Star SCM - detected UnsignedFile.Multi.Generic (1)
15:51:15.0151 4328  NlaSvc - ok
15:51:15.0185 4328  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:51:15.0272 4328  Npfs - ok
15:51:15.0305 4328  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:51:15.0394 4328  nsi - ok
15:51:15.0417 4328  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:51:15.0502 4328  nsiproxy - ok
15:51:15.0585 4328  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:51:15.0684 4328  Ntfs - ok
15:51:15.0718 4328  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:51:15.0796 4328  Null - ok
15:51:15.0859 4328  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
15:51:15.0906 4328  NVENETFD - ok
15:51:16.0231 4328  [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:51:16.0785 4328  nvlddmkm - ok
15:51:16.0810 4328  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:51:16.0841 4328  nvraid - ok
15:51:16.0858 4328  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:51:16.0890 4328  nvstor - ok
15:51:16.0911 4328  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:51:16.0941 4328  nv_agp - ok
15:51:16.0971 4328  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:51:17.0020 4328  ohci1394 - ok
15:51:17.0064 4328  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:51:17.0148 4328  p2pimsvc - ok
15:51:17.0180 4328  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:51:17.0247 4328  p2psvc - ok
15:51:17.0279 4328  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
15:51:17.0320 4328  Parport - ok
15:51:17.0360 4328  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:51:17.0409 4328  partmgr - ok
15:51:17.0446 4328  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:51:17.0510 4328  PcaSvc - ok
15:51:17.0531 4328  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:51:17.0563 4328  pci - ok
15:51:17.0593 4328  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:51:17.0619 4328  pciide - ok
15:51:17.0640 4328  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:51:17.0673 4328  pcmcia - ok
15:51:17.0713 4328  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:51:17.0742 4328  pcw - ok
15:51:17.0831 4328  [ 20372BE109FEE1C37E2D5216680DB9EB ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
15:51:17.0909 4328  PDF Architect Helper Service - ok
15:51:17.0940 4328  [ B90A279073A815A4AA2C45A09EE004FA ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
15:51:17.0997 4328  PDF Architect Service - ok
15:51:18.0048 4328  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:51:18.0149 4328  PEAUTH - ok
15:51:18.0247 4328  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:51:18.0304 4328  PerfHost - ok
15:51:18.0381 4328  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:51:18.0523 4328  pla - ok
15:51:18.0564 4328  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:51:18.0647 4328  PlugPlay - ok
15:51:18.0673 4328  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:51:18.0726 4328  PNRPAutoReg - ok
15:51:18.0759 4328  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:51:18.0796 4328  PNRPsvc - ok
15:51:18.0849 4328  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:51:18.0969 4328  PolicyAgent - ok
15:51:19.0021 4328  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:51:19.0123 4328  Power - ok
15:51:19.0161 4328  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:51:19.0251 4328  PptpMiniport - ok
15:51:19.0290 4328  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
15:51:19.0336 4328  Processor - ok
15:51:19.0372 4328  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:51:19.0467 4328  ProfSvc - ok
15:51:19.0480 4328  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:51:19.0509 4328  ProtectedStorage - ok
15:51:19.0575 4328  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:51:19.0664 4328  Psched - ok
15:51:19.0764 4328  [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
15:51:19.0790 4328  PSI - ok
15:51:19.0852 4328  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:51:19.0948 4328  ql2300 - ok
15:51:19.0996 4328  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:51:20.0027 4328  ql40xx - ok
15:51:20.0080 4328  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:51:20.0129 4328  QWAVE - ok
15:51:20.0168 4328  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:51:20.0223 4328  QWAVEdrv - ok
15:51:20.0248 4328  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:51:20.0340 4328  RasAcd - ok
15:51:20.0380 4328  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:51:20.0470 4328  RasAgileVpn - ok
15:51:20.0511 4328  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:51:20.0607 4328  RasAuto - ok
15:51:20.0630 4328  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:51:20.0719 4328  Rasl2tp - ok
15:51:20.0749 4328  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:51:20.0860 4328  RasMan - ok
15:51:20.0884 4328  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:51:20.0979 4328  RasPppoe - ok
15:51:21.0010 4328  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:51:21.0114 4328  RasSstp - ok
15:51:21.0153 4328  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:51:21.0244 4328  rdbss - ok
15:51:21.0283 4328  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:51:21.0332 4328  rdpbus - ok
15:51:21.0361 4328  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:51:21.0454 4328  RDPCDD - ok
15:51:21.0493 4328  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:51:21.0584 4328  RDPENCDD - ok
15:51:21.0610 4328  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:51:21.0698 4328  RDPREFMP - ok
15:51:21.0735 4328  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:51:21.0810 4328  RDPWD - ok
15:51:21.0847 4328  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:51:21.0879 4328  rdyboost - ok
15:51:21.0920 4328  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:51:22.0029 4328  RemoteAccess - ok
15:51:22.0073 4328  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:51:22.0187 4328  RemoteRegistry - ok
15:51:22.0233 4328  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:51:22.0291 4328  RFCOMM - ok
15:51:22.0316 4328  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:51:22.0412 4328  RpcEptMapper - ok
15:51:22.0453 4328  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:51:22.0501 4328  RpcLocator - ok
15:51:22.0549 4328  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:51:22.0637 4328  RpcSs - ok
15:51:22.0676 4328  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:51:22.0767 4328  rspndr - ok
15:51:22.0864 4328  [ E54A5586A28D0630A79A68BBAB84BFCF ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys
15:51:22.0903 4328  RSUSBVSTOR - ok
15:51:22.0966 4328  [ 116D03E901246AC7AF006121E1E22842 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
15:51:23.0002 4328  RTHDMIAzAudService - ok
15:51:23.0043 4328  [ FCAF9C2C9EADF8F397C3350760EF500F ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:51:23.0081 4328  RTL8167 - ok
15:51:23.0148 4328  [ DFBD33649DF50D097DDDAF49D13E05DF ] RTL8192Ce       C:\Windows\system32\DRIVERS\rtl8192Ce.sys
15:51:23.0224 4328  RTL8192Ce - ok
15:51:23.0271 4328  [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
15:51:23.0331 4328  RTL8192su - ok
15:51:23.0353 4328  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:51:23.0384 4328  SamSs - ok
15:51:23.0416 4328  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:51:23.0447 4328  sbp2port - ok
15:51:23.0495 4328  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:51:23.0585 4328  SCardSvr - ok
15:51:23.0608 4328  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:51:23.0694 4328  scfilter - ok
15:51:23.0736 4328  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:51:23.0860 4328  Schedule - ok
15:51:23.0892 4328  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:51:23.0963 4328  SCPolicySvc - ok
15:51:23.0986 4328  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:51:24.0071 4328  SDRSVC - ok
15:51:24.0109 4328  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:51:24.0194 4328  secdrv - ok
15:51:24.0245 4328  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:51:24.0334 4328  seclogon - ok
15:51:24.0443 4328  [ 05E383849FA1FBBBC160612B0080618C ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
15:51:24.0529 4328  Secunia PSI Agent - ok
15:51:24.0578 4328  [ F8173F1454F21C451439CB47EF75830A ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
15:51:24.0639 4328  Secunia Update Agent - ok
15:51:24.0661 4328  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
15:51:24.0756 4328  SENS - ok
15:51:24.0793 4328  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:51:24.0874 4328  SensrSvc - ok
15:51:24.0919 4328  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:51:24.0972 4328  Serenum - ok
15:51:25.0035 4328  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
15:51:25.0083 4328  Serial - ok
15:51:25.0127 4328  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:51:25.0169 4328  sermouse - ok
15:51:25.0232 4328  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:51:25.0319 4328  SessionEnv - ok
15:51:25.0352 4328  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:51:25.0406 4328  sffdisk - ok
15:51:25.0427 4328  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:51:25.0462 4328  sffp_mmc - ok
15:51:25.0482 4328  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:51:25.0528 4328  sffp_sd - ok
15:51:25.0562 4328  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:51:25.0605 4328  sfloppy - ok
15:51:25.0653 4328  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:51:25.0753 4328  SharedAccess - ok
15:51:25.0792 4328  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:51:25.0904 4328  ShellHWDetection - ok
15:51:25.0950 4328  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:51:25.0985 4328  SiSRaid2 - ok
15:51:26.0008 4328  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:51:26.0036 4328  SiSRaid4 - ok
15:51:26.0105 4328  [ CA355B308AA537C6B9D67CD3A5485AF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:51:26.0132 4328  SkypeUpdate - ok
15:51:26.0170 4328  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:51:26.0260 4328  Smb - ok
15:51:26.0298 4328  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:51:26.0348 4328  SNMPTRAP - ok
15:51:26.0371 4328  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:51:26.0401 4328  spldr - ok
15:51:26.0463 4328  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:51:26.0578 4328  Spooler - ok
15:51:26.0684 4328  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:51:26.0886 4328  sppsvc - ok
15:51:26.0908 4328  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:51:27.0007 4328  sppuinotify - ok
15:51:27.0057 4328  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:51:27.0125 4328  srv - ok
15:51:27.0177 4328  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:51:27.0243 4328  srv2 - ok
15:51:27.0265 4328  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:51:27.0315 4328  srvnet - ok
15:51:27.0352 4328  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:51:27.0450 4328  SSDPSRV - ok
15:51:27.0471 4328  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:51:27.0565 4328  SstpSvc - ok
15:51:27.0616 4328  [ EA8F41484CCC5BA6A1455C2AD3D1BE3C ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
15:51:27.0648 4328  ssudmdm - ok
15:51:27.0684 4328  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:51:27.0711 4328  stexstor - ok
15:51:27.0761 4328  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:51:27.0855 4328  stisvc - ok
15:51:27.0884 4328  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:51:27.0911 4328  swenum - ok
15:51:27.0958 4328  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:51:28.0081 4328  swprv - ok
15:51:28.0159 4328  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
15:51:28.0284 4328  SysMain - ok
15:51:28.0312 4328  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:51:28.0358 4328  TabletInputService - ok
15:51:28.0399 4328  [ 3A7CABF7DE8F1325BE8F46685469AEC3 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
15:51:28.0426 4328  taphss6 - ok
15:51:28.0449 4328  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:51:28.0561 4328  TapiSrv - ok
15:51:28.0586 4328  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:51:28.0663 4328  TBS - ok
15:51:28.0737 4328  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:51:28.0840 4328  Tcpip - ok
15:51:28.0913 4328  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:51:28.0987 4328  TCPIP6 - ok
15:51:29.0036 4328  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:51:29.0096 4328  tcpipreg - ok
15:51:29.0137 4328  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:51:29.0204 4328  TDPIPE - ok
15:51:29.0247 4328  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:51:29.0291 4328  TDTCP - ok
15:51:29.0316 4328  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:51:29.0406 4328  tdx - ok
15:51:29.0446 4328  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:51:29.0475 4328  TermDD - ok
15:51:29.0519 4328  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
15:51:29.0644 4328  TermService - ok
15:51:29.0663 4328  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:51:29.0710 4328  Themes - ok
15:51:29.0737 4328  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:51:29.0815 4328  THREADORDER - ok
15:51:29.0839 4328  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:51:29.0942 4328  TrkWks - ok
15:51:29.0994 4328  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:51:30.0080 4328  TrustedInstaller - ok
15:51:30.0121 4328  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:51:30.0203 4328  tssecsrv - ok
15:51:30.0245 4328  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:51:30.0333 4328  TsUsbFlt - ok
15:51:30.0363 4328  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:51:30.0393 4328  TsUsbGD - ok
15:51:30.0431 4328  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:51:30.0514 4328  tunnel - ok
15:51:30.0533 4328  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:51:30.0562 4328  uagp35 - ok
15:51:30.0585 4328  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:51:30.0688 4328  udfs - ok
15:51:30.0748 4328  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:51:30.0803 4328  UI0Detect - ok
15:51:30.0834 4328  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:51:30.0862 4328  uliagpkx - ok
15:51:30.0916 4328  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:51:30.0959 4328  umbus - ok
15:51:30.0996 4328  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:51:31.0038 4328  UmPass - ok
15:51:31.0088 4328  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:51:31.0204 4328  upnphost - ok
15:51:31.0258 4328  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:51:31.0282 4328  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
15:51:31.0282 4328  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
15:51:38.0221 4328  ================ Scan global ===============================
15:51:38.0250 4328  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:51:38.0284 4328  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:51:38.0303 4328  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:51:38.0332 4328  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:51:38.0372 4328  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:51:38.0384 4328  [Global] - ok
15:51:38.0385 4328  ================ Scan MBR ==================================
15:51:38.0399 4328  [ EB2571B16B316C9FE5AA1C4797FF61EE ] \Device\Harddisk0\DR0
15:51:43.0816 4328  \Device\Harddisk0\DR0 - ok
15:51:43.0817 4328  ================ Scan VBR ==================================
15:51:43.0828 4328  [ 97323F2D0E75F77139BD645A4D2AB35E ] \Device\Harddisk0\DR0\Partition1
15:51:43.0835 4328  \Device\Harddisk0\DR0\Partition1 - ok
15:51:43.0882 4328  [ F2BFD4A8B2A1AF9259A37FDB73C173B7 ] \Device\Harddisk0\DR0\Partition2
15:51:43.0887 4328  \Device\Harddisk0\DR0\Partition2 - ok
15:51:43.0919 4328  [ 45FFE36FCBFC52CF1CBBD4D94EF6E2C3 ] \Device\Harddisk0\DR0\Partition3
15:51:43.0922 4328  \Device\Harddisk0\DR0\Partition3 - ok
15:51:43.0924 4328  ============================================================
15:51:43.0924 4328  Scan finished
15:51:43.0924 4328  ============================================================
15:51:43.0952 7396  Detected object count: 2
15:51:43.0952 7396  Actual detected object count: 2
15:52:06.0832 7396  Micro Star SCM ( UnsignedFile.Multi.Generic ) - skipped by user
15:52:06.0832 7396  Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:52:06.0836 7396  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:52:06.0836 7396  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:48:14.0791 4380  Deinitialize success
         
I can't open anything in Malwarebytes at all. I also had to uninstall it first, because I couldn't disable it for ComboFix...

31.07.2013, 16:51   #12
markusg
/// Malware-holic

Hi,

download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, save it as a txt file, and open that file.
After every program you need, write: necessary.
After every program you don't need: unnecessary.
After every program you don't know: unknown.
Post the list.
__________________
-Please forward suspicious emails to us for analysis:
markusg.trojaner-board@web.de
Instructions for forwarding:
http://markusg.trojaner-board.de
For now, please forward emails to the address above, following those instructions.
If you would like to support us

31.07.2013, 17:16   #13
hilflos123

I have installed CCleaner and also opened Tools, but there is no Uninstall list to be found there that I can save as txt. There is only:
Uninstall
Startup
File Finder
System Restore
Drive Wiper

What can I do now? Did I do something wrong?

31.07.2013, 17:25   #14
markusg
/// Malware-holic

Uninstall
That's where it is.

31.07.2013, 17:28   #15
hilflos123

Code:
ATTFilter
Adobe AIR	Adobe Systems Incorporated	15.07.2013		3.7.0.2090
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	15.07.2013	16,3 MB	11.8.800.94
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	25.07.2013	6,00 MB	11.8.800.94
Adobe Reader XI (11.0.03) - Deutsch	Adobe Systems Incorporated	18.05.2013	133 MB	11.0.03
Adobe Shockwave Player 11.6	Adobe Systems, Inc.	15.09.2012		11.6.6.636
Adobe Shockwave Player 12.0	Adobe Systems, Inc	15.07.2013	50,0 MB	12.0.3.133
ATI Catalyst Install Manager	ATI Technologies, Inc.	21.12.2011	22,4 MB	3.0.833.0
Canon Easy-WebPrint EX		16.09.2012		
Canon IJ Network Scan Utility		16.09.2012		
Canon IJ Network Tool		16.09.2012		
Canon Inkjet Printer/Scanner/Fax Extended Survey Program		16.09.2012		
Canon MP Navigator EX 3.0		16.09.2012		
Canon MP560 series Benutzerregistrierung		16.09.2012		
Canon MP560 series MP Drivers		16.09.2012		
Canon Utilities Easy-PhotoPrint EX		16.09.2012		
Canon Utilities My Printer		16.09.2012		
Canon Utilities Solution Menu		16.09.2012		
CCleaner	Piriform	22.07.2013		4.04
Cisco EAP-FAST Module	Cisco Systems, Inc.	21.12.2011	1,55 MB	2.2.14
Cisco LEAP Module	Cisco Systems, Inc.	21.12.2011	644 KB	1.0.19
Cisco PEAP Module	Cisco Systems, Inc.	21.12.2011	1,23 MB	1.1.6
CompuLearn Französisch	Marianne Ottenhaus	30.01.2013	10,1 MB	1.0.0
CyberLink LabelPrint	CyberLink Corp.	21.12.2011	57,4 MB	2.5.3624
CyberLink Power2Go	CyberLink Corp.	21.12.2011	233 MB	7.0.0.1327
CyberLink PowerDVD Copy	CyberLink Corp.	21.12.2011	30,9 MB	1.5.1306
CyberLink PowerRecover	CyberLink Corp.	18.07.2011	246 MB	5.5.4125
CyberLink YouCam	CyberLink Corp.	21.12.2011	135 MB	3.1.4013
Dolby Advanced Audio v2	Dolby Laboratories Inc	21.12.2011	12,9 MB	7.2.7000.4
ETDWare PS/2-X64 8.0.5.4_WHQL	ELAN Microelectronic Corp.	21.12.2011		8.0.5.4
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych	Microsoft Corporation	18.07.2011	5,57 MB	15.4.5722.2
Java 7 Update 25	Oracle	15.07.2013	130 MB	7.0.250
Java 7 Update 25 (64-bit)	Oracle	15.07.2013	128 MB	7.0.250
kd - Das Spiel!		02.10.2012		
Medion Home Cinema	CyberLink Corp.	21.12.2011	36,6 MB	8.0.2608
Memeo Instant Backup	Memeo Inc.	14.09.2012		4.60.0.7943
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	18.07.2011	38,8 MB	4.0.30319
Microsoft Silverlight	Microsoft Corporation	13.07.2013	100 MB	5.1.20513.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	18.07.2011	1,69 MB	3.1.0000
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	11.11.2012	298 KB	8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	19.09.2012	788 KB	9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	21.12.2011	596 KB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	19.09.2012	600 KB	9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319	Microsoft Corporation	18.07.2011	13,7 MB	10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	11.11.2012	15,0 MB	10.0.40219
Mozilla Firefox 22.0 (x86 de)	Mozilla	11.07.2013	45,7 MB	22.0
Mozilla Maintenance Service	Mozilla	11.07.2013	333 KB	22.0
Open It!	OpenIt	12.07.2013	15,8 MB	1.1.1
OpenOffice.org 3.4.1	Apache Software Foundation	19.09.2012	331 MB	3.41.9593
PDF Architect	pdfforge GmbH	08.07.2013	93,1 MB	1.1.83.9982
PDFCreator	pdfforge	08.07.2013		1.7.0
PlayReady PC Runtime amd64	Microsoft Corporation	14.09.2012	2,05 MB	1.3.0
Plus-HD-2.3	Plus HD	12.07.2013		1.27.153.8
Qtrax Player		18.07.2011		
Realtek Ethernet Controller Driver	Realtek	21.12.2011		7.32.1111.2010
Realtek HDMI Audio Driver for ATI	Realtek Semiconductor Corp.	21.12.2011		6.0.1.6121
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	21.12.2011		6.0.1.6378
Realtek USB 2.0 Reader Driver	Realtek Semiconductor Corp.	21.12.2011		6.1.7600.10008
REALTEK Wireless LAN Driver	REALTEK Semiconductor Corp.	21.12.2011		1.00.0168
Secunia PSI (3.0.0.7011)	Secunia	15.07.2013	5,65 MB	3.0.0.7011
Skype™ 6.3	Skype Technologies S.A.	02.06.2013	21,1 MB	6.3.107
Spelling Dictionaries Support For Adobe Reader X	Adobe Systems Incorporated	18.07.2011	65,5 MB	10.0.0
SpywareBlaster 5.0	BrightFort LLC	15.07.2013	8,83 MB	5.0.0
System Control Manager	Micro-Star International Co., Ltd.	21.12.2011		2.210.1104.M007.02
Windows Live Essentials	Microsoft Corporation	18.07.2011		15.4.3538.0513
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen	Microsoft Corporation	18.07.2011	5,57 MB	15.4.5722.2
Windows Live Mesh ActiveX Control for Remote Connections	Microsoft Corporation	18.07.2011	5,37 MB	15.4.5722.2
Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	18.07.2011	5,57 MB	15.4.5722.2
Windows Live Mesh ActiveX-objekt til fjernforbindelser	Microsoft Corporation	18.07.2011	5,57 MB	15.4.5722.2
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz	Microsoft Corporation	18.07.2011	5,57 MB	15.4.5722.2
         
So this is it then, right?
