Pests of all kinds and how to fight them: After the restart following a cleanup with ESET Online Scan, this error message appears at startup: "Problem beim Starten von install_0_msi.exe" (Windows 7)
| | #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | The log is unusable because of the line breaks! Please post it unaltered and without line breaks!
__________________ Please always post log files in CODE tags |
| | #17 |
| OTL logfile:
Code:
ATTFilter OTL logfile created on: 9/5/2012 4:55:04 PM - Run 2 OTL by OldTimer - Version 3.2.61.0 Folder = C:\Users\Clarisse\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7.98 Gb Total Physical Memory | 6.29 Gb Available Physical Memory | 78.87% Memory free 15.95 Gb Paging File | 14.21 Gb Available in Paging File | 89.07% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 124.05 Gb Total Space | 36.36 Gb Free Space | 29.31% Space Free | Partition Type: NTFS Drive D: | 349.30 Gb Total Space | 256.70 Gb Free Space | 73.49% Space Free | Partition Type: NTFS Drive E: | 349.33 Gb Total Space | 136.48 Gb Free Space | 39.07% Space Free | Partition Type: NTFS Drive G: | 149.05 Gb Total Space | 67.38 Gb Free Space | 45.21% Space Free | Partition Type: NTFS Computer Name: GAMES | User Name: Clarisse | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/09/05 16:47:47 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Clarisse\Desktop\OTL.exe PRC - [2012/08/29 12:03:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2012/02/06 19:32:34 | 000,102,568 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe PRC - [2012/01/30 14:32:16 | 001,120,936 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe PRC - [2011/12/23 16:39:38 | 000,174,720 | ---- | M] (ASUSTek Computer Inc.) 
-- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2011/12/22 19:58:42 | 000,318,080 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2011/11/21 14:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2011/10/24 17:20:38 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2011/10/03 11:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe PRC - [2011/09/02 12:40:21 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2011/07/12 16:29:00 | 000,552,960 | ---- | M] (ROCCAT GmbH) -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe PRC - [2011/05/30 22:48:16 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe PRC - [2011/04/08 06:26:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe PRC - [2011/04/01 12:23:14 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe PRC - [2011/03/26 02:55:16 | 000,091,464 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe PRC - [2011/03/13 19:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2011/02/25 19:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE PRC - [2010/10/06 06:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010/10/06 06:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010/07/27 19:40:16 | 000,113,840 | ---- | M] () -- C:\Program Files\Asus\Rotation Desktop for G 
Series\AsusUacSvc.exe PRC - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2009/11/02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe PRC - [2008/08/13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe ========== Modules (No Company Name) ========== MOD - [2012/02/06 19:32:30 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/04/08 06:26:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe MOD - [2011/04/01 12:23:14 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe MOD - [2010/06/22 14:50:52 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll MOD - [2009/11/02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009/11/02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ========== Services (SafeList) 
========== SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp) SRV:64bit: - [2010/11/30 00:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2010/09/23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/07/27 19:40:16 | 000,113,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe -- (AsusUacSvc) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2012/08/29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012/08/23 15:51:40 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012/08/15 17:30:27 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011/11/21 14:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2011/11/21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2011/09/02 12:40:32 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs 
Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2011/09/02 12:40:31 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service) SRV - [2011/03/26 02:55:16 | 000,091,464 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService) SRV - [2011/03/13 19:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent) SRV - [2011/03/13 19:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2011/03/02 06:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011/02/25 19:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2010/10/06 06:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010/10/06 06:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application 
Virtualization Client\sftlist.exe -- (sftlist) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/01/30 14:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger) DRV:64bit: - [2012/01/10 10:44:58 | 000,219,648 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) DRV:64bit: - [2012/01/10 10:44:58 | 000,065,024 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) DRV:64bit: - [2011/10/07 10:49:50 | 002,770,944 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2011/06/19 08:03:08 | 000,053,760 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_win764.sys -- (fspad_win764) DRV:64bit: - [2011/04/21 20:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011/03/13 19:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2011/03/13 19:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2011/03/13 19:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2011/03/13 19:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2011/03/13 19:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2011/03/13 19:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2011/03/13 19:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/03/03 15:29:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2010/11/30 00:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2010/11/20 15:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 13:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 13:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/11/05 17:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/09/21 18:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010/09/17 10:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm) DRV:64bit: - [2010/09/17 10:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi) DRV:64bit: - [2010/09/17 10:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon) DRV:64bit: - [2010/09/17 10:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr) DRV:64bit: - [2010/08/03 12:43:14 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR) DRV:64bit: - [2010/03/19 12:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009/12/02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2009/12/02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2009/12/02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2009/12/02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2009/11/18 01:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt) DRV:64bit: - [2009/07/20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2008/05/24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2012/08/11 09:49:52 | 000,024,368 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys -- (cpuz135) DRV - [2012/01/30 14:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AiCharger.sys -- (AiCharger) DRV - [2011/09/07 09:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO_) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009/07/02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = 
hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2724668189-292107657-288035041-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKU\S-1-5-21-2724668189-292107657-288035041-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-2724668189-292107657-288035041-1005\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-2724668189-292107657-288035041-1005\..\SearchScopes\{051F461B-4D27-47FB-83C2-F8D7A3FD03DE}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=9M&apn_dtid=OSJ000&apn_uid=F6D1748B-CBC6-40F9-B378-E451C03B0F30&apn_sauid=CE9E0001-7397-4555-9D80-350B0B576318 IE - HKU\S-1-5-21-2724668189-292107657-288035041-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_deDE463 IE - HKU\S-1-5-21-2724668189-292107657-288035041-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - 
HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Users\Fabian\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension\ [2012/08/29 09:51:15 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\npSkypeChromePlugin.dll CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program 
Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: Skype Click to Call = C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\ O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll (Trend Micro Inc.) O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) 
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-2724668189-292107657-288035041-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\fspuip.exe (Sentelic Corporation) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.) O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.) 
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.) O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe () O4 - HKLM..\Run: [FLxHCIm64] C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe (Windows (R) Win 7 DDK provider) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH) O4 - HKLM..\Run: [THX TruStudio NB Settings] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe () O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2724668189-292107657-288035041-1005..\Run: [UpgradeChecker] C:\Users\Clarisse\AppData\Roaming\Google Inc.\{91AD5C3F-387A-4CD3-BED6-1B5C58159678}\UpgradeChecker.exe File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Clarisse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found O4 - Startup: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found O4 - Startup: C:\Users\Benutzer5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found O4 - Startup: C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found O4 - Startup: C:\Users\MU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found O4 - Startup: C:\Users\Susi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: 
NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-2724668189-292107657-288035041-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2724668189-292107657-288035041-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-2724668189-292107657-288035041-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69E8266C-F961-472F-80B5-D1083D3F806B}: DhcpNameServer = 172.16.28.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7286220-DD76-49F5-9F9F-84AEC6781EB7}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.) O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll (Trend Micro Inc.) 
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: 
{4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: 
{533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: 
{4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) 
SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: 
{71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: 
{E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - 
C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {A2C857A2-7E64-B0AC-AE83-3268EAEC2C6B} - Microsoft Windows Media Player 12.0 ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) 
CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012/09/05 16:47:12 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{A6312810-1375-42E4-9606-E023A324DE1E} [2012/09/05 08:48:11 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{0A9BD0A7-16FB-41E5-BEBB-E01E46B061AA} [2012/09/05 08:48:10 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Roaming\SoftGrid Client [2012/09/05 08:48:10 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\SoftGrid Client [2012/09/05 08:47:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch) [2012/09/05 08:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012/09/05 08:47:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client [2012/09/05 08:47:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012/09/05 08:47:15 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Roaming\Nuance [2012/09/05 08:47:15 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Roaming\FLEXnet [2012/09/05 08:47:14 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Roaming\Zeon [2012/09/05 08:46:59 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Roaming\TP [2012/09/05 08:46:35 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{93A3CA64-1D4D-4883-A25D-0F0B85CE1B9E} [2012/09/04 16:48:38 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{036D4D2A-9EC0-48AD-8349-F4BB95E256BF} [2012/09/04 08:06:51 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{C925CF3A-8064-4D83-80DA-06093A64E82B} [2012/09/03 08:43:25 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{A5687E22-A3BB-4048-AAEA-27F168709D81} [2012/08/31 15:41:01 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Roaming\Malwarebytes [2012/08/31 15:40:25 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/08/31 15:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/08/31 15:40:24 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/08/31 15:40:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/08/31 15:38:38 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{1F330684-58D8-46CA-8882-4791A47E5460} [2012/08/29 16:43:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012/08/29 16:43:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2012/08/29 16:43:54 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{495446CD-D170-4DDC-A37B-82965B42A1B5} [2012/08/29 10:31:01 | 000,599,040 | ---- | C] (OldTimer Tools) -- C:\Users\Clarisse\Desktop\OTL.exe [2012/08/29 09:51:15 | 000,000,000 | ---D | C] -- C:\temp [2012/08/29 08:35:42 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Roaming\Google Inc [2012/08/28 15:55:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012/08/28 15:09:18 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{D231A542-E899-4161-A626-0328B4C1F809} [2012/08/23 15:55:55 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{8DA0EB20-8F27-4200-817D-3D22DFCD2F4D} [2012/08/21 23:12:49 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{211A271C-2A9A-46D9-A425-B76712D0D4AA} [2012/08/21 13:41:54 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{39573930-DFF7-4CC6-B215-BCBB7F4C653B} [2012/08/21 13:37:11 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{139F92DB-84BA-433F-A46F-67C9EAB9C7B0} [2012/08/21 07:25:40 | 000,114,176 | ---- | C] (CPUID) -- C:\Windows\SysWow64\PCWizard.cpl [2012/08/21 07:25:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [2012/08/21 07:25:39 | 000,000,000 | 
---D | C] -- C:\Program Files (x86)\CPUID [2012/08/18 14:01:03 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{F07FDA70-1BAF-4F1C-A552-AF994A7BB87C} [2012/08/18 14:00:52 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{128136E9-5195-4DCD-98A9-A40499EAF0AB} [2012/08/17 15:26:54 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{B6742CC9-9DFE-4D11-866C-895018980292} [2012/08/17 15:26:43 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{CA8C16D6-87C8-4CFE-8F02-08EA16149DD9} [2012/08/15 17:30:33 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{E1E7AE65-60EA-475E-9A7D-3940197B6BEC} [2012/08/14 13:19:32 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{9C7FBA4B-21F3-4BF9-BCC6-3C444292B782} [2012/08/14 13:19:21 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{EE47B966-1A1A-44D3-8B8A-625C8053A985} [2012/08/13 20:22:35 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{255272F5-63A7-4641-B7B7-98927A0CDF9F} [2012/08/13 20:22:24 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{5B936D18-8E76-4E04-8E9D-A25A2DE98BDD} [2012/08/12 21:47:29 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{DC7E36F2-0C07-441E-A29B-C31630EF3CE3} [2012/08/12 21:47:18 | 000,000,000 | ---D | C] -- C:\Users\Clarisse\AppData\Local\{8104D933-C7E2-4646-A2C8-170C5880874C} [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/09/05 16:53:46 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/09/05 16:53:46 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/09/05 16:51:11 | 001,531,322 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/09/05 16:51:11 | 
000,666,592 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012/09/05 16:51:11 | 000,628,416 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/09/05 16:51:11 | 000,134,700 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012/09/05 16:51:11 | 000,110,878 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/09/05 16:47:47 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Clarisse\Desktop\OTL.exe [2012/09/05 16:47:03 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/09/05 16:47:00 | 000,000,380 | ---- | M] () -- C:\Users\Clarisse\AppData\Roaming\sp_data.sys [2012/09/05 16:46:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/09/05 16:46:34 | 2129,522,687 | -HS- | M] () -- C:\hiberfil.sys [2012/09/05 14:17:32 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/09/05 14:17:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/09/05 08:47:24 | 001,560,458 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/09/04 08:13:43 | 000,511,265 | ---- | M] () -- C:\Users\Clarisse\Desktop\adwcleaner.exe [2012/08/31 15:40:25 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012/08/29 10:28:28 | 000,000,000 | ---- | M] () -- C:\Users\Clarisse\defogger_reenable [2012/08/29 10:27:06 | 000,050,477 | ---- | M] () -- C:\Users\Clarisse\Desktop\Defogger.exe [2012/08/23 15:56:45 | 004,503,728 | ---- | M] () -- C:\ProgramData\ism_0_llatsni.pad [2012/08/15 21:13:22 | 000,275,208 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/09/05 08:47:24 | 001,560,458 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/09/04 08:23:11 | 000,511,265 | ---- | C] () -- 
C:\Users\Clarisse\Desktop\adwcleaner.exe [2012/08/31 15:40:25 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012/08/29 10:28:28 | 000,000,000 | ---- | C] () -- C:\Users\Clarisse\defogger_reenable [2012/08/29 10:27:55 | 000,050,477 | ---- | C] () -- C:\Users\Clarisse\Desktop\Defogger.exe [2012/08/21 13:39:10 | 004,503,728 | ---- | C] () -- C:\ProgramData\ism_0_llatsni.pad [2012/06/06 16:20:59 | 000,000,380 | ---- | C] () -- C:\Users\Clarisse\AppData\Roaming\sp_data.sys [2012/06/03 12:41:20 | 000,154,240 | ---- | C] () -- C:\Windows\AsPatch10430001.exe [2011/12/25 18:43:30 | 000,001,334 | RHS- | C] () -- C:\Users\Clarisse\ntuser.pol [2011/12/25 10:41:20 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe [2011/10/15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011/09/02 12:40:34 | 000,001,313 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini [2011/09/02 12:40:34 | 000,001,212 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini [2011/09/02 12:40:34 | 000,001,212 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini [2011/09/02 12:40:33 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2011/09/02 12:40:33 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2011/09/02 12:31:01 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2011/04/13 04:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== LOP Check ========== [2012/02/14 20:13:01 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\.minecraft [2011/12/27 21:37:15 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\ASUS WebStorage [2012/07/19 10:15:25 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Dropbox [2012/07/11 21:48:12 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\ICQ [2012/09/05 08:47:15 | 000,000,000 | ---D | M] -- 
C:\Users\Clarisse\AppData\Roaming\Nuance [2012/07/12 02:30:18 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Opera [2011/12/27 22:50:47 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Origin [2012/09/05 14:25:39 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\SoftGrid Client [2012/08/29 08:35:40 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\TeamViewer [2012/09/05 08:48:13 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\TP [2012/07/12 03:02:20 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Windows Desktop Search [2012/07/10 18:41:00 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Windows Search [2012/09/05 08:47:14 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Zeon [2012/08/22 18:27:07 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\.minecraft [2012/01/08 15:44:17 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\ASUS WebStorage [2012/06/27 14:51:18 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Blender Foundation [2012/07/17 21:28:55 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\DVDVideoSoft [2012/02/09 11:09:19 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\DVDVideoSoftIEHelpers [2012/02/04 20:43:28 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Nuance [2012/01/08 15:47:20 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Origin [2012/08/23 15:55:24 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Spotify [2012/02/04 20:43:27 | 000,000,000 | ---D | M] -- C:\Users\Fabian\AppData\Roaming\Zeon [2011/12/25 12:23:11 | 000,000,000 | ---D | M] -- C:\Users\Benutzer5\AppData\Roaming\ASUS WebStorage [2011/12/26 09:18:15 | 000,000,000 | ---D | M] -- C:\Users\Benutzer5\AppData\Roaming\Nuance [2011/12/26 09:33:15 | 000,000,000 | ---D | M] -- C:\Users\Benutzer5\AppData\Roaming\Origin [2011/12/26 09:18:12 | 000,000,000 | ---D | M] -- 
C:\Users\Benutzer5\AppData\Roaming\Zeon [2012/08/06 12:26:17 | 000,000,000 | ---D | M] -- C:\Users\Marcel\AppData\Roaming\.minecraft [2011/12/25 19:00:59 | 000,000,000 | ---D | M] -- C:\Users\Marcel\AppData\Roaming\ASUS WebStorage [2011/12/25 19:08:49 | 000,000,000 | ---D | M] -- C:\Users\Marcel\AppData\Roaming\Origin [2012/06/25 17:18:26 | 000,000,000 | ---D | M] -- C:\Users\Marcel\AppData\Roaming\SPORE [2012/08/08 13:59:28 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012/02/14 20:13:01 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\.minecraft [2011/12/27 21:48:35 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Adobe [2012/07/12 03:34:19 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Apple [2012/06/29 14:28:03 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Apple Computer [2011/12/27 21:37:15 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\ASUS WebStorage [2012/07/19 10:15:25 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Dropbox [2012/09/05 08:47:15 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\FLEXnet [2011/12/25 18:44:37 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Google [2012/08/29 08:35:42 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Google Inc [2012/07/05 18:40:54 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Help [2012/07/11 21:48:12 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\ICQ [2012/08/28 16:54:32 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Identities [2012/07/11 19:55:39 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Macromedia [2012/08/31 15:41:01 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Malwarebytes [2012/07/11 17:32:41 | 
000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Media Center Programs [2012/07/18 21:12:41 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Media Player Classic [2012/09/05 08:49:31 | 000,000,000 | --SD | M] -- C:\Users\Clarisse\AppData\Roaming\Microsoft [2012/07/11 22:35:55 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Mozilla [2012/09/05 08:47:15 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Nuance [2012/02/14 18:50:31 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\NVIDIA [2012/07/12 02:30:18 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Opera [2011/12/27 22:50:47 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Origin [2012/09/05 09:01:03 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Skype [2012/09/05 14:25:39 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\SoftGrid Client [2012/04/05 19:28:07 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Sonic [2012/07/11 18:03:45 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Sun [2012/08/29 08:35:40 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\TeamViewer [2012/09/05 08:48:13 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\TP [2012/07/13 18:05:27 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\vlc [2012/07/12 03:02:20 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Windows Desktop Search [2012/07/10 18:41:00 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Windows Search [2012/07/10 17:05:19 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\WinRAR [2012/09/05 08:47:14 | 000,000,000 | ---D | M] -- C:\Users\Clarisse\AppData\Roaming\Zeon < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009/07/14 
03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009/07/14 03:40:20 | 
000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTOR.SYS > [2010/11/05 17:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\eSupport\eDriver\Software\Others\Intel\IRST\Vista64_Win7_64_10.1.0.1008\iaStor.sys [2010/11/05 17:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\drivers\iaStor.sys [2010/11/05 17:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_710b330fb3531234\iaStor.sys < MD5 for: IASTORV.SYS > [2010/11/20 15:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010/11/20 15:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- 
C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011/03/11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010/11/20 15:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010/11/20 15:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010/11/20 14:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010/11/20 14:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < 
MD5 for: NVSTOR.SYS > [2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011/03/11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010/11/20 15:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010/11/20 15:33:50 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- 
C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010/11/20 14:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010/11/20 14:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010/11/20 15:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010/11/20 15:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010/11/20 14:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010/11/20 14:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2009/07/14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009/07/14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll [2010/11/20 15:27:28 
| 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010/11/20 15:27:28 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010/11/20 14:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010/11/20 14:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010/11/20 15:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010/11/20 15:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009/07/14 03:14:45 | 
000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010/11/20 15:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010/11/20 15:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009/07/14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009/07/14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < End of report > |
| | #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Do an OTL fix: close any programs that may be open, also disable virus scanners (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)
Note: If you have obscured your user name, you must change the starred-out part back into your real user name, otherwise the script will not work!! Code:
:OTL
IE - HKU\S-1-5-21-2724668189-292107657-288035041-1005\..\SearchScopes\{051F461B-4D27-47FB-83C2-F8D7A3FD03DE}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=9M&apn_dtid=OSJ000&apn_uid=F6D1748B-CBC6-40F9-B378-E451C03B0F30&apn_sauid=CE9E0001-7397-4555-9D80-350B0B576318
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2724668189-292107657-288035041-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-2724668189-292107657-288035041-1005..\Run: [UpgradeChecker] C:\Users\Clarisse\AppData\Roaming\Google Inc.\{91AD5C3F-387A-4CD3-BED6-1B5C58159678}\UpgradeChecker.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Clarisse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found
O4 - Startup: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found
O4 - Startup: C:\Users\Benutzer5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found
O4 - Startup: C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found
O4 - Startup: C:\Users\MU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found
O4 - Startup: C:\Users\Susi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-2724668189-292107657-288035041-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2724668189-292107657-288035041-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2724668189-292107657-288035041-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
:Files
C:\Users\Clarisse\AppData\Local\{*
C:\ProgramData\*.pad
C:\Users\*Benutzer_1*\Appdata\LocalLow\Sun\Java\Deployment\cache
C:\Users\*Benutzer_2*\Appdata\LocalLow\Sun\Java\Deployment\cache
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
The log file should open when you click OK after the fix; please post it. The computer may be restarted. For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder. Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ |
| | #19 |
| Thank you very much, here is the result: Code:
All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-2724668189-292107657-288035041-1005\Software\Microsoft\Internet Explorer\SearchScopes\{051F461B-4D27-47FB-83C2-F8D7A3FD03DE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{051F461B-4D27-47FB-83C2-F8D7A3FD03DE}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2724668189-292107657-288035041-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IntelTBRunOnce not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2724668189-292107657-288035041-1005\Software\Microsoft\Windows\CurrentVersion\Run\\UpgradeChecker deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Users\Clarisse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk moved successfully.
C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk moved successfully.
C:\Users\Benutzer5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk moved successfully.
C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk moved successfully.
C:\Users\MU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk moved successfully.
C:\Users\Susi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2724668189-292107657-288035041-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2724668189-292107657-288035041-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\LogonHoursAction deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2724668189-292107657-288035041-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DontDisplayLogonHoursWarnings deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ not found.
========== FILES ==========
C:\Users\Clarisse\AppData\Local\{0146DC67-8455-4425-BB46-15D190FE09CE} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{036D4D2A-9EC0-48AD-8349-F4BB95E256BF} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{04D3D667-14CA-4351-AF26-23227C889502} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{0A9BD0A7-16FB-41E5-BEBB-E01E46B061AA} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{0BE068B5-B3A6-4E53-AB69-B5070C3BDAA1} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{0CF5D9DE-563C-45CF-A034-8AB96EC43A80} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{128136E9-5195-4DCD-98A9-A40499EAF0AB} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{139F92DB-84BA-433F-A46F-67C9EAB9C7B0} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{14E0F209-224E-480E-B871-521E2454BCB2} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{168A9C50-1D75-4F39-AFBF-981E70C52CFF} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{19E3AF3A-6932-448A-A0CB-04A01F734208} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{1A0B5768-B394-46F0-8F34-7F536A8B9116} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{1D829540-43D8-443C-B2C0-4B7F85E7D35A} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{1F330684-58D8-46CA-8882-4791A47E5460} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{211A271C-2A9A-46D9-A425-B76712D0D4AA} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{23CC70EC-E516-4A68-ABB7-838896CF8BD4} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{255272F5-63A7-4641-B7B7-98927A0CDF9F} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{25BA4CF9-7FEF-40EE-970E-0BBF2D9A4DEF} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{2BD6B67E-B895-4DFA-9D76-5A2AD11B765A} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{359B62A6-9A50-4ADD-ADCD-2F80414A36E6} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{39573930-DFF7-4CC6-B215-BCBB7F4C653B} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{4423FCC9-A5AA-4303-8A3D-D8A767CED334} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{456086B8-9269-4939-BBCE-C9AC3FDB8191} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{459D1158-41C0-4013-8F3C-3788AD42F499} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{495446CD-D170-4DDC-A37B-82965B42A1B5} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{5B936D18-8E76-4E04-8E9D-A25A2DE98BDD} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{6661180D-65B8-4722-82FD-EF96F35776E2} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{68B7D77F-095B-4984-88D3-15F722D93C2B} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{717D57E5-C9DC-4890-88B6-D5FE6C4CAA5C} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{74081A92-B85C-4509-B7B5-25F89CAC5E51} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{7776F9BC-1AB7-4F43-937A-EA0599BF6122} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{7814059A-A8AB-454C-9ECF-55B01355C87B} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{806FDFB0-128E-463E-8EB3-7CE6081A54FE} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{8104D933-C7E2-4646-A2C8-170C5880874C} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{8B88E3A8-D7B9-4FEF-AED4-C103079DD1E8} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{8DA0EB20-8F27-4200-817D-3D22DFCD2F4D} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{93A3CA64-1D4D-4883-A25D-0F0B85CE1B9E} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{99076DDA-E172-4E07-86C1-AAC364B4773B} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{9943E255-FFBD-419F-BA08-5B52DFF9F30D} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{9A1DD571-FF31-42B7-8DB5-43DBBDFA3D6F} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{9A27F06D-098B-48BD-957D-9D05B918B8B1} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{9C7FBA4B-21F3-4BF9-BCC6-3C444292B782} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{A024B0F1-55B6-4A7A-A10C-5F5BF3D2EF2F} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{A1EC08CB-3A85-4D2B-B5BD-084636E298D2} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{A2A5A42B-EB24-49FE-AC89-AA412946CFBD} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{A45E9EA9-E2EF-485E-86FB-36118DCAAA8F} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{A5687E22-A3BB-4048-AAEA-27F168709D81} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{A6312810-1375-42E4-9606-E023A324DE1E} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{AF062D1E-3A38-4193-997C-9FD4065AAE0B} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{B52E37E4-6DB3-4C8B-B6D0-2905A04F0EA3} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{B64853E9-D4C5-4513-AB19-DA5662913471} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{B6742CC9-9DFE-4D11-866C-895018980292} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{BC4A7091-A78E-4533-A611-CE525F347D54} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{BCFCE1D6-CA50-4D9C-B4F1-B3D7D6C86D5C} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{C17B5F6D-8613-4AA1-AE3F-5E239ED9AA07} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{C3346978-C7A7-434D-B209-82AFBF2A1CB6} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{C5AD36E3-5CFC-4DDD-AC1A-513BC9D7DD63} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{C9015A83-AC96-4F9A-A6B3-8C46C257C1B2} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{C925CF3A-8064-4D83-80DA-06093A64E82B} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{C95BCBAB-662C-4946-94C3-6F5237296B63} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{CA8C16D6-87C8-4CFE-8F02-08EA16149DD9} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{CF7720BB-DCE9-48D1-AC46-1C40BD28DD56} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{D0E2AEDE-98CB-45C1-B8BA-81D89A5AF31D} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{D231A542-E899-4161-A626-0328B4C1F809} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{D60C6693-88A3-4DA2-902B-81EBC3714C38} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{DC7E36F2-0C07-441E-A29B-C31630EF3CE3} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{E1E7AE65-60EA-475E-9A7D-3940197B6BEC} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{E25F1134-C557-410F-A051-6CF4FD6A82E1} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{E7A99B4C-06F7-432A-8BCE-F4FA2FAA8FB7} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{EE47B966-1A1A-44D3-8B8A-625C8053A985} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{F07FDA70-1BAF-4F1C-A552-AF994A7BB87C} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{F08DBCDE-C67B-4106-97B5-B85473695318} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{F2089DDC-0A02-4414-A439-89347C57187E} folder moved successfully.
C:\Users\Clarisse\AppData\Local\{F93C81B1-ADC9-4842-99D1-D05CE0A2F3FB} folder moved successfully.
C:\ProgramData\ism_0_llatsni.pad moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Clarisse\Appdata\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Fabian\Appdata\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Clarisse\Desktop\cmd.bat deleted successfully.
C:\Users\Clarisse\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Clarisse
->Temp folder emptied: 131135788 bytes
->Temporary Internet Files folder emptied: 889562543 bytes
->Google Chrome cache emptied: 14815318 bytes
->Flash cache emptied: 3596 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Fabian
->Temp folder emptied: 923000969 bytes
->Temporary Internet Files folder emptied: 194240470 bytes
->Google Chrome cache emptied: 54276640 bytes
->Flash cache emptied: 11935 bytes
User: Benutzer5
->Temp folder emptied: 5340955 bytes
->Temporary Internet Files folder emptied: 42828946 bytes
->Flash cache emptied: 672 bytes
User: Marcel
->Temp folder emptied: 261635226 bytes
->Temporary Internet Files folder emptied: 16825848377 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 6280 bytes
User: MU
->Temp folder emptied: 116721 bytes
->Temporary Internet Files folder emptied: 65066 bytes
User: Public
User: Susi
->Temp folder emptied: 379381 bytes
->Temporary Internet Files folder emptied: 36055663 bytes
->Flash cache emptied: 1112 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 3238240 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 404659209 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50568 bytes
RecycleBin emptied: 919975733 bytes
Total Files Cleaned = 19,748.00 mb
[EMPTYFLASH]
User: All Users
User: Clarisse
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Fabian
->Flash cache emptied: 0 bytes
User: Benutzer5
->Flash cache emptied: 0 bytes
User: Marcel
->Flash cache emptied: 0 bytes
User: MU
User: Public
User: Susi
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.61.0 log created on 09072012_141258
Files\Folders moved on Reboot...
C:\Users\Clarisse\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
| | #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please disable your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool! Configure the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan, and when it has finished click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, treat all of them with the action "skip" and post only the log here!
__________________ Please always post log files in CODE tags |
| | #21 |
| Hello cosinus, thanks, it has been run: Code:
09:24:51.0579 1640 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
09:24:51.0595 1640 ============================================================
09:24:51.0595 1640 Current date / time: 2012/09/10 09:24:51.0595
09:24:51.0595 1640 SystemInfo:
09:24:51.0595 1640
09:24:51.0595 1640 OS Version: 6.1.7601 ServicePack: 1.0
09:24:51.0595 1640 Product type: Workstation
09:24:51.0595 1640 ComputerName: HAHN-GAMER1
09:24:51.0595 1640 UserName: Clarisse
09:24:51.0595 1640 Windows directory: C:\Windows
09:24:51.0595 1640 System windows directory: C:\Windows
09:24:51.0595 1640 Running under WOW64
09:24:51.0595 1640 Processor architecture: Intel x64
09:24:51.0595 1640 Number of processors: 8
09:24:51.0595 1640 Page size: 0x1000
09:24:51.0595 1640 Boot type: Normal boot
09:24:51.0595 1640 ============================================================
09:24:51.0813 1640 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:24:52.0141 1640 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:24:52.0141 1640 Drive \Device\Harddisk2\DR2 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:24:52.0172 1640 ============================================================
09:24:52.0172 1640 \Device\Harddisk0\DR0:
09:24:52.0172 1640 MBR partitions:
09:24:52.0172 1640 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0xF818800
09:24:52.0172 1640 \Device\Harddisk1\DR1:
09:24:52.0172 1640 MBR partitions:
09:24:52.0172 1640 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2BA9C000
09:24:52.0172 1640 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x2BA9C800, BlocksNum 0x2BAA9EF0
09:24:52.0172 1640 \Device\Harddisk2\DR2:
09:24:52.0172 1640 MBR partitions:
09:24:52.0172 1640 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
09:24:52.0172 1640 ============================================================
09:24:52.0188 1640 C: <-> \Device\Harddisk0\DR0\Partition1
09:24:52.0219 1640 D: <-> \Device\Harddisk1\DR1\Partition1
09:24:52.0281 1640 E: <-> \Device\Harddisk1\DR1\Partition2
09:24:52.0297 1640 G: <-> \Device\Harddisk2\DR2\Partition1
09:24:52.0297 1640 ============================================================
09:24:52.0297 1640 Initialize success
09:24:52.0297 1640 ============================================================
09:37:40.0770 7020 ============================================================
09:37:40.0770 7020 Scan started
09:37:40.0770 7020 Mode: Manual; SigCheck; TDLFS;
09:37:40.0770 7020 ============================================================
09:37:41.0222 7020 ================ Scan system memory ========================
09:37:41.0222 7020 System memory - ok
09:37:41.0222 7020 ================ Scan services =============================
09:37:41.0300 7020 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:37:41.0347 7020 1394ohci - ok
09:37:41.0347 7020 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:37:41.0363 7020 ACPI - ok
09:37:41.0363 7020 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:37:41.0394 7020 AcpiPmi - ok
09:37:41.0441 7020 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:37:41.0441 7020 AdobeFlashPlayerUpdateSvc - ok
09:37:41.0456 7020 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:37:41.0472 7020 adp94xx - ok
09:37:41.0472 7020 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:37:41.0487 7020 adpahci - ok
09:37:41.0487 7020 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:37:41.0503 7020 adpu320 - ok
09:37:41.0503 7020 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:37:41.0534 7020 AeLookupSvc - ok
09:37:41.0550 7020 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:37:41.0565 7020 AFD - ok
09:37:41.0565 7020 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:37:41.0565 7020 agp440 - ok
09:37:41.0565 7020 [ 16F6F6B7903B913AB41AB848C8BB5658 ] AiCharger C:\Windows\system32\DRIVERS\AiCharger.sys
09:37:41.0581 7020 AiCharger - ok
09:37:41.0581 7020 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:37:41.0597 7020 ALG - ok
09:37:41.0597 7020 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:37:41.0612 7020 aliide - ok
09:37:41.0612 7020 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:37:41.0612 7020 amdide - ok
09:37:41.0612 7020 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:37:41.0628 7020 AmdK8 - ok
09:37:41.0628 7020 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:37:41.0643 7020 AmdPPM - ok
09:37:41.0643 7020 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:37:41.0659 7020 amdsata - ok
09:37:41.0659 7020 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:37:41.0675 7020 amdsbs - ok
09:37:41.0675 7020 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:37:41.0675 7020 amdxata - ok
09:37:41.0690 7020 [ 18F64623E76FF58009D6F9CB9DEA5D0A ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
09:37:41.0690 7020 Amsp - ok
09:37:41.0706 7020 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:37:41.0721 7020 AppID - ok
09:37:41.0721 7020 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:37:41.0753 7020 AppIDSvc - ok
09:37:41.0753 7020 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:37:41.0784 7020 Appinfo - ok
09:37:41.0799 7020 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:37:41.0799 7020 Apple Mobile Device - ok
09:37:41.0799 7020 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
09:37:41.0815 7020 arc - ok
09:37:41.0815 7020 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:37:41.0815 7020 arcsas - ok
09:37:41.0831 7020 [ A3626C6D3F2DC95497F3F61842D7FD89 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
09:37:41.0831 7020 ASLDRService - ok
09:37:41.0831 7020 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
09:37:41.0846 7020 ASMMAP64 - ok
09:37:41.0846 7020 [ B6EF28ECEE73B624D56DF30AD562AE8D ] AsusUacSvc C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe
09:37:41.0846 7020 AsusUacSvc ( UnsignedFile.Multi.Generic ) - warning
09:37:41.0846 7020 AsusUacSvc - detected UnsignedFile.Multi.Generic (1)
09:37:41.0846 7020 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:37:41.0877 7020 AsyncMac - ok
09:37:41.0877 7020 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:37:41.0893 7020 atapi - ok
09:37:41.0893 7020 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
09:37:41.0893 7020 AthBTPort - ok
09:37:41.0909 7020 [ 4C4A576818EA028257C624AE36FF7A03 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
09:37:41.0909 7020 Atheros Bt&Wlan Coex Agent - ok
09:37:41.0909 7020 [ 21753130331188C4B474E1D3B396E629 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
09:37:41.0909 7020 AtherosSvc - ok
09:37:41.0955 7020 [ B4174564AD5834A1680610572477878C ] athr C:\Windows\system32\DRIVERS\athrx.sys
09:37:41.0987 7020 athr - ok
09:37:42.0002 7020 [ DBC598E47E7A382E60E2A4745D41FEF9 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
09:37:42.0002 7020 ATKGFNEXSrv - ok
09:37:42.0002 7020 [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO_ C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
09:37:42.0018 7020 ATKWMIACPIIO_ - ok
09:37:42.0018 7020 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:37:42.0065 7020 AudioEndpointBuilder - ok
09:37:42.0065 7020 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:37:42.0096 7020 AudioSrv - ok
09:37:42.0111 7020 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:37:42.0111 7020 AxInstSV - ok
09:37:42.0127 7020 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:37:42.0143 7020 b06bdrv - ok
09:37:42.0143 7020 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:37:42.0158 7020 b57nd60a - ok
09:37:42.0174 7020 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
09:37:42.0174 7020 BBSvc - ok
09:37:42.0174 7020 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:37:42.0189 7020 BDESVC - ok
09:37:42.0189 7020 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:37:42.0221 7020 Beep - ok
09:37:42.0236 7020 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:37:42.0267 7020 BFE - ok
09:37:42.0283 7020 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
09:37:42.0314 7020 BITS - ok
09:37:42.0314 7020 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:37:42.0330 7020 blbdrive - ok
09:37:42.0330 7020 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:37:42.0345 7020 Bonjour Service - ok
09:37:42.0345 7020 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:37:42.0361 7020 bowser - ok
09:37:42.0361 7020 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:37:42.0392 7020 BrFiltLo - ok
09:37:42.0392 7020 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:37:42.0392 7020 BrFiltUp - ok
09:37:42.0408 7020 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
09:37:42.0408 7020 Browser - ok
09:37:42.0423 7020 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:37:42.0439 7020 Brserid - ok
09:37:42.0439 7020 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:37:42.0455 7020 BrSerWdm - ok
09:37:42.0455 7020 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:37:42.0470 7020 BrUsbMdm - ok
09:37:42.0470 7020 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:37:42.0470 7020 BrUsbSer - ok
09:37:42.0486 7020 [ FE70889A85C57A9268101B2DB0474509 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
09:37:42.0486 7020 BTATH_A2DP - ok
09:37:42.0486 7020 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
09:37:42.0501 7020 BTATH_BUS - ok
09:37:42.0501 7020 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
09:37:42.0501 7020 BTATH_HCRP - ok
09:37:42.0517 7020 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
09:37:42.0517 7020 BTATH_LWFLT - ok
09:37:42.0517 7020 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
09:37:42.0533 7020 BTATH_RCP - ok
09:37:42.0533 7020 [ AA0F5AFCF077C5246589B32ECEEAE566 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
09:37:42.0548 7020 BtFilter - ok
09:37:42.0548 7020 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
09:37:42.0548 7020 BthEnum - ok
09:37:42.0564 7020 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:37:42.0564 7020 BTHMODEM - ok
09:37:42.0579 7020 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
09:37:42.0579 7020 BthPan - ok
09:37:42.0595 7020 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
09:37:42.0611 7020 BTHPORT - ok
09:37:42.0611 7020 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:37:42.0642 7020 bthserv - ok
09:37:42.0642 7020 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
09:37:42.0657 7020 BTHUSB - ok
09:37:42.0657 7020 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:37:42.0689 7020 cdfs - ok
09:37:42.0689 7020 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:37:42.0704 7020 cdrom - ok
09:37:42.0704 7020 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:37:42.0735 7020 CertPropSvc - ok
09:37:42.0735 7020 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
09:37:42.0751 7020 circlass - ok
09:37:42.0751 7020 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:37:42.0767 7020 CLFS - ok
09:37:42.0782 7020 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:37:42.0782 7020 clr_optimization_v2.0.50727_32 - ok
09:37:42.0798 7020 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:37:42.0798 7020 clr_optimization_v2.0.50727_64 - ok
09:37:42.0813 7020 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:37:42.0813 7020 clr_optimization_v4.0.30319_32 - ok
09:37:42.0829 7020 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:37:42.0829 7020 clr_optimization_v4.0.30319_64 - ok
09:37:42.0829 7020 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:37:42.0845 7020 CmBatt - ok
09:37:42.0845 7020 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:37:42.0860 7020 cmdide - ok
09:37:42.0860 7020 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:37:42.0876 7020 CNG - ok
09:37:42.0891 7020 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:37:42.0891 7020 Compbatt - ok
09:37:42.0891 7020 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:37:42.0907 7020 CompositeBus - ok
09:37:42.0907 7020 COMSysApp - ok
09:37:42.0923 7020 [ D0C2CAA17C7B6D2200E1B5AA9D07135E ] cpuz135 C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys
09:37:42.0923 7020 cpuz135 - ok
09:37:42.0923 7020 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:37:42.0938 7020 crcdisk - ok
09:37:42.0938 7020 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
09:37:42.0938 7020 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
09:37:42.0938 7020 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
09:37:42.0938 7020 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
09:37:42.0954 7020 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
09:37:42.0954 7020 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
09:37:42.0954 7020 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:37:42.0969 7020 CryptSvc - ok
09:37:42.0985 7020 [ 61A86809B62769643892BC0812B204AA ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
09:37:42.0985 7020 cvhsvc - ok
09:37:43.0001 7020 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:37:43.0032 7020 DcomLaunch - ok
09:37:43.0047 7020 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:37:43.0079 7020 defragsvc - ok
09:37:43.0079 7020 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:37:43.0094 7020 DfsC - ok
09:37:43.0110 7020 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:37:43.0141 7020 Dhcp - ok
09:37:43.0141 7020 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:37:43.0172 7020 discache - ok
09:37:43.0172 7020 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
09:37:43.0172 7020 Disk - ok
09:37:43.0188 7020 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:37:43.0188 7020 Dnscache - ok
09:37:43.0203 7020 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:37:43.0219 7020 dot3svc - ok
09:37:43.0235 7020 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:37:43.0250 7020 DPS - ok
09:37:43.0266 7020 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:37:43.0266 7020 drmkaud - ok
09:37:43.0281 7020 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:37:43.0297 7020 DXGKrnl - ok
09:37:43.0313 7020 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:37:43.0328 7020 EapHost - ok
09:37:43.0375 7020 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:37:43.0422 7020 ebdrv - ok
09:37:43.0422 7020 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:37:43.0437 7020 EFS - ok
09:37:43.0453 7020 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:37:43.0469 7020 ehRecvr - ok
09:37:43.0469 7020 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:37:43.0484 7020 ehSched - ok
09:37:43.0500 7020 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:37:43.0515 7020 elxstor - ok
09:37:43.0515 7020 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:37:43.0531 7020 ErrDev - ok
09:37:43.0531 7020 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:37:43.0562 7020 EventSystem - ok
09:37:43.0578 7020 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:37:43.0593 7020 exfat - ok
09:37:43.0609 7020 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:37:43.0640 7020 fastfat - ok
09:37:43.0640 7020 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:37:43.0671 7020 Fax - ok
09:37:43.0671 7020 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
09:37:43.0671 7020 fdc - ok
09:37:43.0687 7020 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:37:43.0703 7020 fdPHost - ok
09:37:43.0703 7020 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:37:43.0734 7020 FDResPub - ok
09:37:43.0734 7020 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:37:43.0749 7020 FileInfo - ok
09:37:43.0749 7020 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:37:43.0781 7020 Filetrace - ok
09:37:43.0781 7020 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:37:43.0781 7020 flpydisk - ok
09:37:43.0796 7020 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:37:43.0812 7020 FltMgr - ok
09:37:43.0812 7020 [ BFDA4D45D7C3E278D46F5BB0E5348C56 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
09:37:43.0827 7020 FLxHCIc - ok
09:37:43.0827 7020 [ 7DAB83E54F868806D919384AC3DEF762 ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
09:37:43.0827 7020 FLxHCIh - ok
09:37:43.0859 7020 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
09:37:43.0874 7020 FontCache - ok
09:37:43.0874 7020 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:37:43.0890 7020 FontCache3.0.0.0 - ok
09:37:43.0890 7020 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:37:43.0890 7020 FsDepends - ok
09:37:43.0905 7020 [ 3DFA8D4E50D608F8F732014614C84DD2 ] fspad_win764 C:\Windows\system32\DRIVERS\fspad_win764.sys
09:37:43.0905 7020 fspad_win764 - ok
09:37:43.0905 7020 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
09:37:43.0921 7020 fssfltr - ok
09:37:43.0937 7020 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
09:37:43.0952 7020 fsssvc - ok
09:37:43.0952 7020 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:37:43.0968 7020 Fs_Rec - ok
09:37:43.0968 7020 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:37:43.0983 7020 fvevol - ok
09:37:43.0983 7020 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:37:43.0999 7020 gagp30kx - ok
09:37:43.0999 7020 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:37:43.0999 7020 GEARAspiWDM - ok
09:37:44.0015 7020 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:37:44.0046 7020 gpsvc - ok
09:37:44.0061 7020 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:37:44.0061 7020 gupdate - ok
09:37:44.0061 7020 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:37:44.0077 7020 gupdatem - ok
09:37:44.0077 7020 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
09:37:44.0077 7020 hamachi - ok
09:37:44.0108 7020 [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
09:37:44.0139 7020 Hamachi2Svc - ok
09:37:44.0139 7020 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:37:44.0155 7020 hcw85cir - ok
09:37:44.0155 7020 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:37:44.0171 7020 HdAudAddService - ok
09:37:44.0171 7020 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:37:44.0186 7020 HDAudBus - ok
09:37:44.0186 7020 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:37:44.0202 7020 HidBatt - ok
09:37:44.0202 7020 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:37:44.0217 7020 HidBth - ok
09:37:44.0217 7020 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:37:44.0233 7020 HidIr - ok
09:37:44.0233 7020 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:37:44.0264 7020 hidserv - ok
09:37:44.0264 7020 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:37:44.0280 7020 HidUsb - ok
09:37:44.0280 7020 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:37:44.0295 7020 hkmsvc - ok
09:37:44.0311 7020 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:37:44.0327 7020 HomeGroupListener - ok
09:37:44.0327 7020 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:37:44.0342 7020 HomeGroupProvider - ok
09:37:44.0342 7020 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:37:44.0342 7020 HpSAMD - ok
09:37:44.0358 7020 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:37:44.0389 7020 HTTP - ok
09:37:44.0405 7020 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:37:44.0405 7020 hwpolicy - ok
09:37:44.0405 7020 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:37:44.0420 7020 i8042prt - ok
09:37:44.0420 7020 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:37:44.0436 7020 iaStor - ok
09:37:44.0451 7020 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:37:44.0451 7020 iaStorV - ok
09:37:44.0467 7020 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:37:44.0467 7020 IDriverT ( UnsignedFile.Multi.Generic ) - warning
09:37:44.0467 7020 IDriverT - detected UnsignedFile.Multi.Generic (1)
09:37:44.0483 7020 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:37:44.0498 7020 idsvc - ok
09:37:44.0498 7020 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:37:44.0514 7020 iirsp - ok
09:37:44.0529 7020 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:37:44.0561 7020 IKEEXT - ok
09:37:44.0623 7020 [ 602788BF364D43E5878AA1B4F85C232B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:37:44.0670 7020 IntcAzAudAddService - ok
09:37:44.0685 7020 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:37:44.0685 7020 intelide - ok
09:37:44.0685 7020 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:37:44.0701 7020 intelppm - ok
09:37:44.0701 7020 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:37:44.0732 7020 IPBusEnum - ok
09:37:44.0732 7020 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:37:44.0763 7020 IpFilterDriver - ok
09:37:44.0763 7020 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:37:44.0795 7020 iphlpsvc - ok
09:37:44.0795 7020 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:37:44.0810 7020 IPMIDRV - ok
09:37:44.0810 7020 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:37:44.0841 7020 IPNAT - ok
09:37:44.0857 7020 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:37:44.0873 7020 iPod Service - ok
09:37:44.0873 7020 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:37:44.0904 7020 IRENUM - ok
09:37:44.0904 7020 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:37:44.0904 7020 isapnp - ok
09:37:44.0919 7020 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:37:44.0919 7020 iScsiPrt - ok
09:37:44.0935 7020 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:37:44.0935 7020 kbdclass - ok
09:37:44.0935 7020 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:37:44.0951 7020 kbdhid - ok
09:37:44.0951 7020 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
09:37:44.0951 7020 kbfiltr - ok
09:37:44.0966 7020 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:37:44.0966 7020 KeyIso - ok
09:37:44.0966 7020 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:37:44.0982 7020 KSecDD - ok
09:37:44.0982 7020 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:37:44.0997 7020 KSecPkg - ok
09:37:44.0997 7020 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:37:45.0029 7020 ksthunk - ok
09:37:45.0029 7020 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:37:45.0060 7020 KtmRm - ok
09:37:45.0060 7020 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
09:37:45.0075 7020 L1C - ok
09:37:45.0075 7020 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:37:45.0107 7020 LanmanServer - ok
09:37:45.0107 7020 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:37:45.0138 7020 LanmanWorkstation - ok
09:37:45.0138 7020 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:37:45.0169 7020 lltdio - ok
09:37:45.0169 7020 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:37:45.0200 7020 lltdsvc - ok
09:37:45.0216 7020 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:37:45.0231 7020 lmhosts - ok
09:37:45.0247 7020 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:37:45.0247 7020 LMS - ok
09:37:45.0247 7020 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:37:45.0263 7020 LSI_FC - ok
09:37:45.0263 7020 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:37:45.0278 7020 LSI_SAS - ok
09:37:45.0278 7020 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:37:45.0294 7020 LSI_SAS2 - ok
09:37:45.0294 7020 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:37:45.0294 7020 LSI_SCSI - ok
09:37:45.0309 7020 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:37:45.0325 7020 luafv - ok
09:37:45.0341 7020 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
09:37:45.0341 7020 MBfilt - ok
09:37:45.0341 7020 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:37:45.0356 7020 Mcx2Svc - ok
09:37:45.0356 7020 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:37:45.0372 7020 megasas - ok
09:37:45.0372 7020 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:37:45.0387 7020 MegaSR - ok
09:37:45.0387 7020 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:37:45.0387 7020 MEIx64 - ok
09:37:45.0403 7020 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:37:45.0419 7020 MMCSS - ok
09:37:45.0434 7020 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:37:45.0450 7020 Modem - ok
09:37:45.0450 7020 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:37:45.0465 7020 monitor - ok
09:37:45.0465 7020 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:37:45.0481 7020 mouclass - ok
09:37:45.0481 7020 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:37:45.0497 7020 mouhid - ok
09:37:45.0497 7020 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:37:45.0497 7020 mountmgr - ok
09:37:45.0512 7020 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:37:45.0512 7020 mpio - ok
09:37:45.0512 7020 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:37:45.0543 7020 mpsdrv - ok
09:37:45.0559 7020 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:37:45.0590 7020 MpsSvc - ok
09:37:45.0606 7020 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:37:45.0621 7020 MRxDAV - ok
09:37:45.0621 7020 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:37:45.0637 7020 mrxsmb - ok
09:37:45.0637 7020 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:37:45.0653 7020 mrxsmb10 - ok
09:37:45.0653 7020 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:37:45.0668 7020 mrxsmb20 - ok
09:37:45.0668 7020 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:37:45.0668 7020 msahci - ok
09:37:45.0668 7020 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:37:45.0684 7020 msdsm - ok
09:37:45.0684 7020 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:37:45.0699 7020 MSDTC - ok
09:37:45.0699 7020 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:37:45.0731 7020 Msfs - ok
09:37:45.0731 7020 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:37:45.0762 7020 mshidkmdf - ok
09:37:45.0762 7020 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:37:45.0762 7020 msisadrv - ok
09:37:45.0777 7020 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:37:45.0793 7020 MSiSCSI - ok
09:37:45.0809 7020 msiserver - ok
09:37:45.0809 7020 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:37:45.0840 7020 MSKSSRV - ok
09:37:45.0840 7020 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:37:45.0871 7020 MSPCLOCK - ok
09:37:45.0871 7020 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:37:45.0887 7020 MSPQM - ok
09:37:45.0902 7020 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:37:45.0918 7020 MsRPC - ok
09:37:45.0918 7020 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:37:45.0918 7020 mssmbios - ok
09:37:45.0933 7020 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:37:45.0949 7020 MSTEE - ok
09:37:45.0949 7020 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:37:45.0965 7020 MTConfig - ok
09:37:45.0965 7020 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:37:45.0980 7020 Mup - ok
09:37:45.0980 7020 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:37:46.0011 7020 napagent - ok
09:37:46.0027 7020 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:37:46.0043 7020 NativeWifiP - ok
09:37:46.0058 7020 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:37:46.0074 7020 NDIS - ok
09:37:46.0074 7020 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:37:46.0105 7020 NdisCap - ok
09:37:46.0105 7020 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:37:46.0136 7020 NdisTapi - ok
09:37:46.0136 7020 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:37:46.0167 7020 Ndisuio - ok
09:37:46.0167 7020 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:37:46.0199 7020 NdisWan - ok
09:37:46.0199 7020 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:37:46.0214 7020 NDProxy - ok
09:37:46.0230 7020 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:37:46.0245 7020 NetBIOS - ok
09:37:46.0261 7020 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:37:46.0277 7020 NetBT - ok
09:37:46.0277 7020 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:37:46.0292 7020 Netlogon - ok
09:37:46.0292 7020 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:37:46.0323 7020 Netman - ok
09:37:46.0339 7020 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:37:46.0370 7020 netprofm - ok
09:37:46.0370 7020 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:37:46.0386 7020 NetTcpPortSharing - ok
09:37:46.0386 7020 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:37:46.0386 7020 nfrd960 - ok
09:37:46.0401 7020 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:37:46.0433 7020 NlaSvc - ok
09:37:46.0433 7020 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:37:46.0464 7020 Npfs - ok
09:37:46.0464 7020 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:37:46.0479 7020 nsi - ok
09:37:46.0495 7020 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:37:46.0511 7020 nsiproxy - ok
09:37:46.0542 7020 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:37:46.0573 7020 Ntfs - ok
09:37:46.0573 7020 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:37:46.0604 7020 Null - ok
09:37:46.0604 7020 [ F2662FDC20518EE8A8EED4F61BA42349 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:37:46.0604 7020 NVHDA - ok
09:37:46.0760 7020 [ 01502A328AE7CF595698A3FD954D18F0 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:37:46.0932 7020 nvlddmkm - ok
09:37:46.0932 7020 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:37:46.0947 7020 nvraid - ok
09:37:46.0947 7020 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:37:46.0963 7020 nvstor - ok
09:37:46.0979 7020 [ 9196496E4EDC48BA7C7162D29698BCAA ] NVSvc C:\Windows\system32\nvvsvc.exe
09:37:46.0994 7020 NVSvc - ok
09:37:46.0994 7020 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:37:47.0010 7020 nv_agp - ok
09:37:47.0010 7020 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:37:47.0010 7020 ohci1394 - ok
09:37:47.0025 7020 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:37:47.0025 7020 ose - ok
09:37:47.0088 7020 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:37:47.0166 7020 osppsvc - ok
09:37:47.0166 7020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:37:47.0181 7020 p2pimsvc - ok
09:37:47.0197 7020 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:37:47.0213 7020 p2psvc - ok
09:37:47.0213 7020 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:37:47.0213 7020 Parport - ok
09:37:47.0228 7020 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:37:47.0228 7020 partmgr - ok
09:37:47.0244 7020 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:37:47.0244 7020 PcaSvc - ok
09:37:47.0259 7020 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:37:47.0259 7020 pci - ok
09:37:47.0275 7020 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:37:47.0275 7020 pciide - ok
09:37:47.0275 7020 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:37:47.0291 7020 pcmcia - ok
09:37:47.0291 7020 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:37:47.0306 7020 pcw - ok
09:37:47.0306 7020 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:37:47.0337 7020 PEAUTH - ok
09:37:47.0400 7020 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:37:47.0400 7020 PerfHost - ok
09:37:47.0431 7020 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:37:47.0478 7020 pla - ok
09:37:47.0478 7020 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:37:47.0493 7020 PlugPlay - ok
09:37:47.0493 7020 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:37:47.0509 7020 PNRPAutoReg - ok
09:37:47.0509 7020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:37:47.0525 7020 PNRPsvc - ok
09:37:47.0525 7020 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:37:47.0571 7020 PolicyAgent - ok
09:37:47.0571 7020 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:37:47.0603 7020 Power - ok
09:37:47.0603 7020 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:37:47.0634 7020 PptpMiniport - ok
09:37:47.0634 7020 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:37:47.0634 7020 Processor - ok
09:37:47.0649 7020 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:37:47.0665 7020 ProfSvc - ok
09:37:47.0665 7020 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:37:47.0665 7020 ProtectedStorage - ok
09:37:47.0681 7020 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:37:47.0696 7020 Psched - ok
09:37:47.0696 7020 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:37:47.0712 7020 PxHlpa64 - ok
09:37:47.0727 7020 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:37:47.0759 7020 ql2300 - ok
09:37:47.0759 7020 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:37:47.0774 7020 ql40xx - ok
09:37:47.0774 7020 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:37:47.0790 7020 QWAVE - ok
09:37:47.0790 7020 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:37:47.0805 7020 QWAVEdrv - ok
09:37:47.0805 7020 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:37:47.0837 7020 RasAcd - ok
09:37:47.0837 7020 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:37:47.0868 7020 RasAgileVpn - ok
09:37:47.0868 7020 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:37:47.0899 7020 RasAuto - ok
09:37:47.0899 7020 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:37:47.0930 7020 Rasl2tp - ok
09:37:47.0930 7020 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:37:47.0961 7020 RasMan - ok
09:37:47.0961 7020 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:37:47.0993 7020 RasPppoe - ok
09:37:47.0993 7020 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:37:48.0024 7020 RasSstp - ok
09:37:48.0024 7020 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:37:48.0055 7020 rdbss - ok
09:37:48.0055 7020 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:37:48.0071 7020 rdpbus - ok
09:37:48.0071 7020 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:37:48.0102 7020 RDPCDD - ok
09:37:48.0102 7020 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:37:48.0133 7020 RDPENCDD - ok
09:37:48.0133 7020 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:37:48.0164 7020 RDPREFMP - ok
09:37:48.0164 7020 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:37:48.0180 7020 RDPWD - ok
09:37:48.0180 7020 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:37:48.0195 7020 rdyboost - ok
09:37:48.0195 7020 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:37:48.0227 7020 RemoteAccess - ok
09:37:48.0227 7020 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:37:48.0258 7020 RemoteRegistry - ok
09:37:48.0258 7020 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:37:48.0273 7020 RFCOMM - ok
09:37:48.0273 7020 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:37:48.0305 7020 RpcEptMapper - ok
09:37:48.0305 7020 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:37:48.0320 7020 RpcLocator - ok
09:37:48.0336 7020 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:37:48.0351 7020 RpcSs - ok
09:37:48.0367 7020 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:37:48.0383 7020 rspndr - ok
09:37:48.0398 7020 [ E57FAC2CDB73F06586ED2ED310B80932 ] RSUSBVSTOR C:\Windows\system32\Drivers\RtsUVStor.sys
09:37:48.0398 7020 RSUSBVSTOR - ok
09:37:48.0414 7020 [ F4C374B1C46DE294B573BB43723AC3F6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:37:48.0414 7020 RTL8167 - ok
09:37:48.0429 7020 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:37:48.0429 7020 SamSs - ok
09:37:48.0429 7020 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:37:48.0445 7020 sbp2port - ok
09:37:48.0445 7020 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:37:48.0476 7020 SCardSvr - ok
09:37:48.0476 7020 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:37:48.0507 7020 scfilter - ok
09:37:48.0523 7020 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:37:48.0554 7020 Schedule - ok
09:37:48.0570 7020 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:37:48.0585 7020 SCPolicySvc - ok
09:37:48.0585 7020 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:37:48.0601 7020 SDRSVC - ok
09:37:48.0617 7020 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
09:37:48.0617 7020 SeaPort - ok
09:37:48.0617 7020 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:37:48.0648 7020 secdrv - ok
09:37:48.0648 7020 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:37:48.0679 7020 seclogon - ok
09:37:48.0679 7020 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:37:48.0710 7020 SENS - ok
09:37:48.0710 7020 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:37:48.0726 7020 SensrSvc - ok
09:37:48.0726 7020 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:37:48.0726 7020 Serenum - ok
09:37:48.0741 7020 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:37:48.0741 7020 Serial - ok
09:37:48.0741 7020 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:37:48.0757 7020 sermouse - ok
09:37:48.0757 7020 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:37:48.0788 7020 SessionEnv - ok
09:37:48.0788 7020 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:37:48.0804 7020 sffdisk - ok
09:37:48.0804 7020 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:37:48.0819 7020 sffp_mmc - ok
09:37:48.0819 7020 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:37:48.0835 7020 sffp_sd - ok
09:37:48.0835 7020 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:37:48.0851 7020 sfloppy - ok
09:37:48.0851 7020 [ D5183ED285D2795491DC15BDDCBEE5AD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
09:37:48.0866 7020 Sftfs - ok
09:37:48.0882 7020 [ BFDB58616FF5EA540A5F58301D50641E ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
09:37:48.0882 7020 sftlist - ok
09:37:48.0897 7020 [ 00F118B68C50D2206DD51634F9142B83 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
09:37:48.0897 7020 Sftplay - ok
09:37:48.0897 7020 [ 76A827DF5640BFE16A0CDBB4108ADECA ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
09:37:48.0913 7020 Sftredir - ok
09:37:48.0913 7020 [ 1B4C9701645086BAB8CAFFFCE30ED284 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
09:37:48.0913 7020 Sftvol - ok
09:37:48.0929 7020 [ B94C3C4DCA2093243C76CA218EDE2A97 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
09:37:48.0929 7020 sftvsa - ok
09:37:48.0944 7020 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:37:48.0960 7020 SharedAccess - ok
09:37:48.0975 7020 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:37:49.0007 7020 ShellHWDetection - ok
09:37:49.0007 7020 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
09:37:49.0022 7020 SiSGbeLH - ok
09:37:49.0022 7020 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:37:49.0022 7020 SiSRaid2 - ok
09:37:49.0038 7020 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:37:49.0038 7020 SiSRaid4 - ok
09:37:49.0053 7020 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:37:49.0053 7020 SkypeUpdate - ok
09:37:49.0053 7020 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:37:49.0085 7020 Smb - ok
09:37:49.0085 7020 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:37:49.0100 7020 SNMPTRAP - ok
09:37:49.0100 7020 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:37:49.0116 7020 spldr - ok
09:37:49.0116 7020 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:37:49.0131 7020 Spooler - ok
09:37:49.0178 7020 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:37:49.0225 7020 sppsvc - ok
09:37:49.0225 7020 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:37:49.0256 7020 sppuinotify - ok
09:37:49.0272 7020 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:37:49.0287 7020 srv - ok
09:37:49.0287 7020 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:37:49.0303 7020 srv2 - ok
09:37:49.0303 7020 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:37:49.0319 7020 srvnet - ok
09:37:49.0319 7020 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:37:49.0350 7020 SSDPSRV - ok
09:37:49.0350 7020 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:37:49.0381 7020 SstpSvc - ok
09:37:49.0381 7020 Steam Client Service - ok
09:37:49.0397 7020 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:37:49.0397 7020 stexstor - ok
09:37:49.0412 7020 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:37:49.0428 7020 stisvc - ok
09:37:49.0428 7020 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:37:49.0443 7020 swenum - ok
09:37:49.0443 7020 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:37:49.0490 7020 swprv - ok
09:37:49.0506 7020 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:37:49.0537 7020 SysMain - ok
09:37:49.0537 7020 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:37:49.0553 7020 TabletInputService - ok
09:37:49.0568 7020 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:37:49.0599 7020 TapiSrv - ok
09:37:49.0599 7020 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:37:49.0631 7020 TBS - ok
09:37:49.0646 7020 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:37:49.0677 7020 Tcpip - ok
09:37:49.0709 7020 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:37:49.0740 7020 TCPIP6 - ok
09:37:49.0740 7020 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:37:49.0771 7020 tcpipreg - ok
09:37:49.0771 7020 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:37:49.0787 7020 TDPIPE - ok
09:37:49.0787 7020 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:37:49.0787 7020 TDTCP - ok
09:37:49.0802 7020 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:37:49.0818 7020 tdx - ok
09:37:49.0818 7020 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:37:49.0833 7020 TermDD - ok
09:37:49.0849 7020 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:37:49.0880 7020 TermService - ok
09:37:49.0880 7020 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:37:49.0896 7020 Themes - ok
09:37:49.0896 7020 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:37:49.0927 7020 THREADORDER - ok
09:37:49.0927 7020 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys
09:37:49.0927 7020 tmactmon - ok
09:37:49.0943 7020 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys
09:37:49.0943 7020 tmcomm - ok
09:37:49.0943 7020 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys
09:37:49.0958 7020 tmevtmgr - ok
09:37:49.0958 7020 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys
09:37:49.0958 7020 tmtdi - ok
09:37:49.0974 7020 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:37:49.0989 7020 TrkWks - ok
09:37:50.0005 7020 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:37:50.0021 7020 TrustedInstaller - ok
09:37:50.0036 7020 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:37:50.0052 7020 tssecsrv - ok
09:37:50.0067 7020 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:37:50.0067 7020 TsUsbFlt - ok
09:37:50.0067 7020 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:37:50.0083 7020 TsUsbGD - ok
09:37:50.0083 7020 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:37:50.0114 7020 tunnel - ok
09:37:50.0114 7020 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
09:37:50.0130 7020 TurboB - ok
09:37:50.0130 7020 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
09:37:50.0130 7020 TurboBoost - ok
09:37:50.0145 7020 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:37:50.0145 7020 uagp35 - ok
09:37:50.0145 7020 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:37:50.0177 7020 udfs - ok
09:37:50.0192 7020 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:37:50.0192 7020 UI0Detect - ok
09:37:50.0208 7020 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:37:50.0208 7020 uliagpkx - ok
09:37:50.0208 7020 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:37:50.0223 7020 umbus - ok
09:37:50.0223 7020 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
09:37:50.0239 7020 UmPass - ok
09:37:50.0270 7020 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:37:50.0301 7020 UNS - ok
09:37:50.0317 7020 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:37:50.0348 7020 upnphost - ok
09:37:50.0348 7020 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
09:37:50.0348 7020 USBAAPL64 - ok
09:37:50.0364 7020 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:37:50.0364 7020 usbccgp - ok
09:37:50.0379 7020 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:37:50.0379 7020 usbcir - ok
09:37:50.0395 7020 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:37:50.0395 7020 usbehci - ok
09:37:50.0411 7020 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:37:50.0411 7020 usbhub - ok
09:37:50.0426 7020 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:37:50.0426 7020 usbohci - ok
09:37:50.0426 7020 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:37:50.0442 7020 usbprint - ok
09:37:50.0442 7020 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:37:50.0457 7020 usbscan - ok
09:37:50.0457 7020 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:37:50.0473 7020 USBSTOR - ok
09:37:50.0473 7020 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:37:50.0489 7020 usbuhci - ok
09:37:50.0489 7020 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:37:50.0504 7020 usbvideo - ok
09:37:50.0504 7020 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:37:50.0535 7020 UxSms - ok
09:37:50.0535 7020 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:37:50.0535 7020 VaultSvc - ok
09:37:50.0535 7020 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:37:50.0551 7020 vdrvroot - ok
09:37:50.0567 7020 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:37:50.0598 7020 vds - ok
09:37:50.0598 7020 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:37:50.0613 7020 vga - ok
09:37:50.0613 7020 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:37:50.0629 7020 VgaSave - ok
09:37:50.0645 7020 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:37:50.0645 7020 vhdmp - ok
09:37:50.0660 7020 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:37:50.0660 7020 viaide - ok
09:37:50.0660 7020 [ C37CE43FB54066FFB540729C6E6E194E ] VideAceWindowsService C:\ExpressGateUtil\VAWinService.exe
09:37:50.0676 7020 VideAceWindowsService - ok
09:37:50.0676 7020 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:37:50.0676 7020 volmgr - ok
09:37:50.0691 7020 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:37:50.0707 7020 volmgrx - ok
09:37:50.0707 7020 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:37:50.0723 7020 volsnap - ok
09:37:50.0723 7020 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:37:50.0738 7020 vsmraid - ok
09:37:50.0754 7020 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:37:50.0801 7020 VSS - ok
09:37:50.0801 7020 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:37:50.0816 7020 vwifibus - ok
09:37:50.0816 7020 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:37:50.0832 7020 vwififlt - ok
09:37:50.0832 7020 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:37:50.0879 7020 W32Time - ok
09:37:50.0879 7020 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:37:50.0894 7020 WacomPen - ok
09:37:50.0894 7020 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:37:50.0925 7020 WANARP - ok
09:37:50.0925 7020 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:37:50.0957 7020 Wanarpv6 - ok
09:37:50.0972 7020 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:37:51.0003 7020 wbengine - ok
09:37:51.0003 7020 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:37:51.0019 7020 WbioSrvc - ok
09:37:51.0035 7020 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:37:51.0050 7020 wcncsvc - ok
09:37:51.0050 7020 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:37:51.0066 7020 WcsPlugInService - ok
09:37:51.0066 7020 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
09:37:51.0066 7020 Wd - ok
09:37:51.0081 7020 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:37:51.0097 7020 Wdf01000 - ok
09:37:51.0097 7020 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:37:51.0144 7020 WdiServiceHost - ok
09:37:51.0144 7020 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:37:51.0159 7020 WdiSystemHost - ok
09:37:51.0159 7020 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:37:51.0175 7020 WebClient - ok
09:37:51.0175 7020 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:37:51.0206 7020 Wecsvc - ok
09:37:51.0206 7020 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:37:51.0237 7020 wercplsupport - ok
09:37:51.0237 7020 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:37:51.0269 7020 WerSvc - ok
09:37:51.0269 7020 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:37:51.0300 7020 WfpLwf - ok
09:37:51.0300 7020 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
09:37:51.0315 7020 WimFltr - ok
09:37:51.0315 7020 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:37:51.0331 7020 WIMMount - ok
09:37:51.0331 7020 WinDefend - ok
09:37:51.0331 7020 WinHttpAutoProxySvc - ok
09:37:51.0347 7020 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:37:51.0378 7020 Winmgmt - ok
09:37:51.0393 7020 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:37:51.0440 7020 WinRM - ok
09:37:51.0456 7020 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:37:51.0456 7020 WinUsb - ok
09:37:51.0471 7020 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:37:51.0503 7020 Wlansvc - ok
09:37:51.0503 7020 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:37:51.0518 7020 wlcrasvc - ok
09:37:51.0534 7020 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:37:51.0565 7020 wlidsvc - ok
09:37:51.0581 7020 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:37:51.0581 7020 WmiAcpi - ok
09:37:51.0596 7020 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:37:51.0596 7020 wmiApSrv - ok
09:37:51.0596 7020 WMPNetworkSvc - ok
09:37:51.0612 7020 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:37:51.0612 7020 WPCSvc - ok
09:37:51.0612 7020 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:37:51.0627 7020 WPDBusEnum - ok
09:37:51.0627 7020 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:37:51.0659 7020 ws2ifsl - ok
09:37:51.0659 7020 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:37:51.0674 7020 wscsvc - ok
09:37:51.0674 7020 WSearch - ok
09:37:51.0705 7020 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:37:51.0752 7020 wuauserv - ok
09:37:51.0752 7020 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:37:51.0783 7020 WudfPf - ok
09:37:51.0783 7020 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:37:51.0815 7020 WUDFRd - ok
09:37:51.0815 7020 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:37:51.0846 7020 wudfsvc - ok
09:37:51.0846 7020 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:37:51.0861 7020 WwanSvc - ok
09:37:51.0877 7020 X6va005 - ok
09:37:51.0877 7020 [ 38F55D07B1D3391065C40EC065F984E2 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
09:37:51.0893 7020 xusb21 - ok
09:37:51.0893 7020 ================ Scan global ===============================
09:37:51.0893 7020 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:37:51.0908 7020 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:37:51.0908 7020 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:37:51.0908 7020 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:37:51.0924 7020 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:37:51.0924 7020 [Global] - ok
09:37:51.0924 7020 ================ Scan MBR ==================================
09:37:51.0924 7020 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:37:52.0095 7020 \Device\Harddisk0\DR0 - ok
09:37:52.0095 7020 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk1\DR1
09:37:52.0501 7020 \Device\Harddisk1\DR1 - ok
09:37:52.0501 7020 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
09:37:52.0891 7020 \Device\Harddisk2\DR2 - ok
09:37:52.0891 7020 ================ Scan VBR ==================================
09:37:52.0891 7020 [ 0000D083EC88054ACC85E8F3E1B51AE8 ] \Device\Harddisk0\DR0\Partition1
09:37:52.0891 7020 \Device\Harddisk0\DR0\Partition1 - ok
09:37:52.0891 7020 [ 0F575F966C9C24D4F8A7013CBA2172BD ] \Device\Harddisk1\DR1\Partition1
09:37:52.0891 7020 \Device\Harddisk1\DR1\Partition1 - ok
09:37:52.0907 7020 [ 1C05BDFB0CE1CA53B0A82A8A70ED29F0 ] \Device\Harddisk1\DR1\Partition2
09:37:52.0907 7020 \Device\Harddisk1\DR1\Partition2 - ok
09:37:52.0907 7020 [ B8E1A1F2E5FE066E750A0D635BB936B5 ] \Device\Harddisk2\DR2\Partition1
09:37:52.0907 7020 \Device\Harddisk2\DR2\Partition1 - ok
09:37:52.0907 7020 ============================================================
09:37:52.0907 7020 Scan finished
09:37:52.0907 7020 ============================================================
09:37:52.0907 2764 Detected object count: 4
09:37:52.0907 2764 Actual detected object count: 4
09:38:34.0044 2764 AsusUacSvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:38:34.0044 2764 AsusUacSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:38:34.0044 2764 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:38:34.0044 2764 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:38:34.0044 2764 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:38:34.0044 2764 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:38:34.0044 2764 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:38:34.0044 2764 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
| | #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now: ComboFix. A guide and tutorial on using ComboFix
ComboFix may only be run when a helper has expressly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
| | #23 |
| Hello cosinus, here is the result of ComboFix: [CODE] Combofix Logfile: Code:
ATTFilter ComboFix 12-09-10.04 - Clarisse 11.09.2012 8:51.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8169.6549 [GMT 2:00]
ausgeführt von:: c:\users\Clarisse\Desktop\ComboFix.exe
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\programdata\FullRemove.exe
c:\users\Clarisse\AppData\Roaming\Help\coredb\storage
c:\windows\AsPatch10430001.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-11 bis 2012-09-11 ))))))))))))))))))))))))))))))
.
.
2012-09-11 06:55 . 2012-09-11 06:55 -------- d-----w- c:\users\Susi\AppData\Local\temp
2012-09-11 06:55 . 2012-09-11 06:55 -------- d-----w- c:\users\MU\AppData\Local\temp
2012-09-07 12:12 . 2012-09-07 12:12 -------- d-----w- C:\_OTL
2012-09-05 06:48 . 2012-09-05 12:25 -------- d-----w- c:\users\Clarisse\AppData\Roaming\SoftGrid Client
2012-09-05 06:48 . 2012-09-05 06:48 -------- d-----w- c:\users\Clarisse\AppData\Local\SoftGrid Client
2012-09-05 06:47 . 2012-09-05 06:47 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2012-09-05 06:47 . 2012-09-05 06:47 -------- d-----w- c:\program files\Microsoft Office
2012-09-05 06:47 . 2012-09-05 06:47 -------- d-----w- c:\users\Clarisse\AppData\Roaming\Nuance
2012-09-05 06:47 . 2012-09-05 06:47 -------- d-----w- c:\users\Clarisse\AppData\Roaming\FLEXnet
2012-09-05 06:47 . 2012-09-05 06:47 -------- d-----w- c:\users\Clarisse\AppData\Roaming\Zeon
2012-09-05 06:46 . 2012-09-05 06:48 -------- d-----w- c:\users\Clarisse\AppData\Roaming\TP
2012-08-31 13:41 . 2012-08-31 13:41 -------- d-----w- c:\users\Clarisse\AppData\Roaming\Malwarebytes
2012-08-31 13:40 . 2012-08-31 13:40 -------- d-----w- c:\programdata\Malwarebytes
2012-08-31 13:40 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-31 13:40 . 2012-08-31 13:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-29 14:43 . 2012-08-29 14:43 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-08-29 07:51 . 2012-08-29 07:51 -------- d-----w- C:\temp
2012-08-29 06:35 . 2012-08-29 06:35 -------- d-----w- c:\users\Clarisse\AppData\Roaming\Google Inc
2012-08-28 13:55 . 2012-08-28 13:55 -------- d-----w- c:\program files (x86)\ESET
2012-08-21 05:25 . 2012-02-14 10:49 114176 ----a-w- c:\windows\SysWow64\PCWizard.cpl
2012-08-21 05:25 . 2012-08-21 05:25 -------- d-----w- c:\program files (x86)\CPUID
2012-08-15 15:41 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 15:41 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 15:41 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 15:41 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 15:41 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 15:41 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 15:41 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 15:41 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 15:41 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 15:41 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 15:41 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 15:41 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-11 06:44 . 2012-06-06 14:20 380 ----a-w- c:\users\Clarisse\AppData\Roaming\sp_data.sys
2012-08-23 13:51 . 2012-06-06 12:49 380 ----a-w- c:\users\Fabian\AppData\Roaming\sp_data.sys
2012-08-21 05:22 . 2012-06-03 10:42 380 ----a-w- c:\users\Marcel\AppData\Roaming\sp_data.sys
2012-08-15 18:43 . 2011-12-26 07:46 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-15 15:30 . 2012-06-07 19:39 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 15:30 . 2012-06-07 19:39 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-15 17:50 . 2012-07-15 17:50 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-12 15:13 . 2012-07-17 19:28 405144 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-06-20 13:21 . 2012-06-20 13:21 49152 ----a-r- c:\users\Fabian\AppData\Roaming\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2011-09-02 3058304]
"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2011-03-17 909312]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"CPMonitor"="c:\program files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe" [2011-04-01 84464]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-04-08 45448]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-12-22 318080]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-24 174720]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2012-02-06 102568]
"FLxHCIm64"="c:\program files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe" [2012-01-15 48128]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-02 2321072]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-13 548528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-09-02 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-09-02 79360]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 135664]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-08-03 290920]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 X6va005;X6va005;c:\users\Fabian\AppData\Local\Temp\005F9EB.tmp [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 ATKWMIACPIIO_;ATKWMIACPI Driver_;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 AsusUacSvc;Asus process privilege adjust service;c:\program files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [2010-07-27 113840]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-26 91464]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2012-01-30 17152]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2012-01-10 219648]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2012-01-10 65024]
S3 fspad_win764;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_win764;c:\windows\system32\DRIVERS\fspad_win764.sys [2011-06-19 53760]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-03-03 174184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-21 471144]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-07 15:30]
.
2012-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
2012-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-08 1111568]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-31 12446824]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600]
"fssui"="c:\program files (x86)\Windows Live\Family Safety\fsui.exe" [2012-03-08 884584]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 197152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-fspuip - c:\program files (x86)\FSP\fspuip.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Fabian\AppData\Local\Temp\005F9EB.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-11 08:56:33
ComboFix-quarantined-files.txt 2012-09-11 06:56
.
Vor Suchlauf: 13 Verzeichnis(se), 60.752.678.912 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 59.988.631.552 Bytes frei
.
- - End Of File - - 569B00B1B57B7B2D7865F4C4C7CDA3C2
Best regards, kuZa Edit: After the restart everything seems to be running without problems. If not, I will add that here. Last edited by kuZa (11.09.2012 at 08:20) |
| | #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip the online check by OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or similar. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download
Important: Do not press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following: Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left in the aswMBR window) and click the Scan button again.
__________________ Please always post logfiles in CODE tags |
| | #25 |
| Okay, let's see whether I followed everything correctly; all scans ran without crashes. Here are the 3 logs: GMER Logfile: Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-09-12 08:46:24
Windows 6.1.7601 Service Pack 1
Running: q85gddjc.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\742f689df707
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\742f689df707 (not active ControlSet)
---- EOF - GMER 1.0.15 ----
OSAM (Here some fields for the scan on the right were greyed out and could not be ticked) OSAM Logfile: Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 09:02:49 on 12.09.2012
OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421
Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures
Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries
[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ASMMAP64" (ASMMAP64) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
"ASUS Charger Driver" (AiCharger) - "ASUSTek Computer Inc." - C:\Windows\System32\DRIVERS\AiCharger.sys
"ATKWMIACPI Driver_" (ATKWMIACPIIO_) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found)
"cpuz135" (cpuz135) - "CPUID" - C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys
"Sftfs" (Sftfs) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftfslh.sys
"Sftplay" (Sftplay) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftplaylh.sys
"Sftredir" (Sftredir) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftredirlh.sys
"Sftvol" (Sftvol) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftvollh.sys
"Trend Micro TDI Driver" (tmtdi) - "Trend Micro Inc." - C:\Windows\System32\DRIVERS\tmtdi.sys
"WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys
"X6va005" (X6va005) - ? - C:\Users\Fabian\AppData\Local\Temp\005F9EB.tmp (File not found)
[Explorer]
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} "TmIEPlugInAPP Class" - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
{0E526CB5-7446-41D1-A403-19BFE95E8C23} "TmIEPlugInAPP Class" - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~2\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "ClsidExtension" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "CIESpeechBHO Class" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} "TmBpIeBHO Class" - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
{1CA1377B-DC1D-4A52-9585-6E06050FAC53} "TmIEPlugInBHO Class" - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll
[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Clarisse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"AsusVibeLauncher.lnk" - ? - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (Shortcut exists | File exists)
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Skype" - "Skype Technologies S.A." - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"ACMON" - "ASUS" - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
"APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"ASUS Screen Saver Protector" - "ASUS" - C:\Windows\AsScrPro.exe
"ASUSPRP" - "ASUSTek Computer Inc." - "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"ASUSWebStorage" - "ecareme" - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
"ATKMEDIA" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
"ATKOSD2" - "ASUSTek Computer Inc." - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
"CLMLServer" - "CyberLink" - "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"CPMonitor" - ? - "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"
"FLxHCIm64" - "Windows (R) Win 7 DDK provider" - "C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe"
"HControlUser" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
"iTunesHelper" - "Apple Inc." - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"LogMeIn Hamachi Ui" - "LogMeIn Inc." - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"Nuance PDF Reader-reminder" - "Nuance Communications, Inc." - "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
"RoccatKone+" - "ROCCAT GmbH" - "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"THX TruStudio NB Settings" - "Creative Technology Ltd" - "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
"UpdateLBPShortCut" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
"UpdateP2GoShortCut" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
"UpdReg" - "Creative Technology Ltd." - C:\Windows\UpdReg.EXE
"VAWinAgent" - ? - C:\ExpressGateUtil\VAWinAgent.exe (File found, but it contains no detailed information)
"Wireless Console 3" - "ASUSTeK Computer Inc." - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found)
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Application Virtualization Client" (sftlist) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
"Application Virtualization Service Agent" (sftvsa) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
"ASLDR Service" (ASLDRService) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
"Asus process privilege adjust service" (AsusUacSvc) - ? - C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe
"Atheros Bt&Wlan Coex Agent" (Atheros Bt&Wlan Coex Agent) - "Atheros" - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
"AtherosSvc" (AtherosSvc) - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
"ATKGFNEX Service" (ATKGFNEXSrv) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
"Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
"Client Virtualization Handler" (cvhsvc) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
"Creative ALchemy AL6 Licensing Service" (Creative ALchemy AL6 Licensing Service) - "Creative Labs" - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
"Creative Audio Engine Licensing Service" (Creative Audio Engine Licensing Service) - "Creative Labs" - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
"Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
"Intel(R) Management and Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
"Intel(R) Turbo Boost Technology Monitor 2.0" (TurboBoost) - "Intel(R) Corporation" - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"LogMeIn Hamachi Tunneling Engine" (Hamachi2Svc) - "LogMeIn Inc." - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"NVIDIA Display Driver Service" (NVSvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
"Trend Micro Solution Platform" (Amsp) - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
"VideAceWindowsService" (VideAceWindowsService) - ? - C:\ExpressGateUtil\VAWinService.exe (File found, but it contains no detailed information)
"Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
===[ Logfile end ]=========================================[ Logfile end ]===
aswMBR Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-12 09:13:01
-----------------------------
09:13:01.636 OS Version: Windows x64 6.1.7601 Service Pack 1
09:13:01.636 Number of processors: 8 586 0x2A07
09:13:01.636 ComputerName: GAMERS UserName: Clarisse
09:13:01.823 Initialize success
09:19:18.696 AVAST engine defs: 12091101
09:25:32.301 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:25:32.301 Disk 0 Vendor: INTEL_SS 4PC1 Size: 152627MB BusType: 3
09:25:32.301 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
09:25:32.301 Disk 1 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
09:25:32.301 Disk 0 MBR read successfully
09:25:32.316 Disk 0 MBR scan
09:25:32.316 Disk 0 Windows 7 default MBR code
09:25:32.316 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
09:25:32.316 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 127025 MB offset 52430848
09:25:32.332 Disk 0 scanning C:\Windows\system32\drivers
09:25:35.187 Service scanning
09:25:42.238 Modules scanning
09:25:42.238 Disk 0 trace - called modules:
09:25:42.238 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
09:25:42.253 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006fad790]
09:25:42.253 3 CLASSPNP.SYS[fffff88001bcf43f] -> nt!IofCallDriver -> [0xfffffa80069f6e40]
09:25:42.253 5 ACPI.sys[fffff88000f2d7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80069f9050]
09:25:42.472 AVAST engine scan C:\Windows
09:25:43.283 AVAST engine scan C:\Windows\system32
09:26:41.487 AVAST engine scan C:\Windows\system32\drivers
09:26:44.716 AVAST engine scan C:\Users\Clarisse
09:26:50.348 AVAST engine scan C:\ProgramData
09:26:56.338 Scan finished successfully
09:33:22.501 Disk 0 MBR has been saved successfully to "G:\MBR.dat"
09:33:22.501 The log file has been saved successfully to "G:\aswMBR.txt"
Best regards, kuZa Edit: I had to edit something, because apparently tags for the code were already included and there were code windows inside code windows. I hope it is correct and readable this way. Last edited by kuZa (12.09.2012 at 08:56) |
| | #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
| | #27 |
| Yay, I'm glad to hear that, cosinus, great. Here are the two logs. If you have no idea about this, the SUPERAntiSpyware result can be frightening; I'm curious whether the messages are harmless.
Code:
ATTFilter Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Datenbank Version: v2012.09.12.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Clarisse :: GAMES [Administrator]
12.09.2012 15:49:45
mbam-log-2012-09-12 (15-49-45).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 517311
Laufzeit: 14 Minute(n), 44 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/12/2012 at 05:17 PM
Application Version : 5.5.1016
Core Rules Database Version : 9213
Trace Rules Database Version: 7025
Scan type : Complete Scan
Total Scan Time : 00:43:35
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 680
Memory threats detected : 0
Registry items scanned : 66518
Registry threats detected : 0
File items scanned : 217185
File threats detected : 396
Adware.Tracking Cookie
banners.victor.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.banners.victor.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ww251.smartadserver.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad3.adfarm1.adition.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rotator.wigetmedia.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.partypoker.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.partypoker.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.adform.net [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.adform.net [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\FABIAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\FABIAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FABIAN@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\USERS\FABIAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FABIAN@C.ATDMT[2].TXT [ /C.ATDMT ]
C:\USERS\Benutzer5\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Benutzer5@ATDMT[1].TXT [ /ATDMT ]
C:\USERS\Benutzer5\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Benutzer5@C.ATDMT[2].TXT [ /C.ATDMT ]
C:\USERS\Benutzer5\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\Benutzer5@H.ATDMT[2].TXT [ /H.ATDMT ]
C:\USERS\Benutzer5\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\Benutzer5@AD2.ADFARM1.ADITION[1].TXT [ /AD2.ADFARM1.ADITION ]
C:\USERS\Benutzer5\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\Benutzer5@ATDMT[1].TXT [ /ATDMT ]
C:\USERS\Benutzer5\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\Benutzer5@C.ATDMT[2].TXT [ /C.ATDMT ]
C:\USERS\Benutzer5\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\Benutzer5@MSNPORTAL.112.2O7[1].TXT [ /MSNPORTAL.112.2O7 ]
Kind regards, kuZa |
| | #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK, only cookies were found. Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie).
Regarding cookies and other things on the web: to block the plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file.
Otherwise there are also good cookie managers; an extension for Firefox, for example, would be CookieCuller http://filepony.de/download-cookie_culler/
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.
My own approach is to use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores the cookies from the sites I actually want; everything else I reject manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest no cookies are left.
Is your system back in order now, or are there any other findings or problems?
__________________ Please always post log files in CODE tags |
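An added example (not part of the post above) of checking what a hosts-file blocklist does for cookie domains like those in the scan log: hosts entries match exact hostnames only, so a cookie scoped to `.zedo.com` is at best partly covered. The log lines, the hosts excerpt and all function names are constructed for illustration.

```python
import re
# Constructed sample in the scan-log format seen in this thread: "<cookie domain> [ <cookie store> ]"
SAMPLE_LOG = r"""
.zedo.com [ C:\USERS\EXAMPLE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\EXAMPLE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\EXAMPLE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\EXAMPLE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
"""

# Constructed hosts-file excerpt (not real MVPS content).
SAMPLE_HOSTS = """
127.0.0.1 localhost
0.0.0.0 ad.yieldmanager.com
0.0.0.0 c1.zedo.com  # inline comment
"""

LOG_LINE = re.compile(r"^([a-z0-9.-]+)\s+\[\s.*\]$", re.I)

def cookie_domains(log_text):
    """Return the de-duplicated cookie domains from the log, in first-seen order."""
    seen = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line.strip())
        if m and m.group(1).lower() not in seen:
            seen.append(m.group(1).lower())
    return seen

def blocked_hosts(hosts_text):
    """Return the hostnames that the hosts file maps to a sink address."""
    blocked = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) >= 2 and fields[0] in {"0.0.0.0", "127.0.0.1"}:
            blocked.update(h.lower() for h in fields[1:] if h.lower() != "localhost")
    return blocked

def coverage(log_text, hosts_text):
    """Classify each cookie domain as 'exact', 'partial' or 'none'."""
    blocked = blocked_hosts(hosts_text)
    result = {}
    for dom in cookie_domains(log_text):
        host = dom.lstrip(".")
        if host in blocked and not dom.startswith("."):
            result[dom] = "exact"    # host-only cookie and that exact name is sinkholed
        elif any(b == host or b.endswith("." + host) for b in blocked):
            result[dom] = "partial"  # only some hostnames under the cookie's scope are listed
        else:
            result[dom] = "none"
    return result
```

A "partial" result means other hostnames under the same domain can still set or read that cookie, which is why the post pairs the hosts file with a cookie manager or delete-on-exit.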
| | #29 |
| Hello Cosinus, great, thanks =) I'm delighted, great work from you!! I haven't noticed anything so far; it is more stable and the applications start without messages.
On my own computer I like to use Opera; there I could choose to have it ask for every new cookie. That is annoying, but you get to see how many sites and their ads want to store something.
The tips are great; I'll take a closer look at Cookie Culler and the MVPS Hosts File, I don't know either of them. That sounds interesting.
I will mention that without your help it would not have been possible without a reinstall, and I will definitely recommend you - above all that there should also be a few donations for the great work here. I think we can then wrap this up *happy*
Best regards, kuZa |
| | #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Thank you too for the donaaation! Then we're done!
The programs that were used here can all be removed again. With the help of OTL you can also remove many of the tools: please start OTL and click Bereinigung (CleanUp). This will remove most of the tools we needed for the cleanup. If anything remains, please remove it with right-click --> Delete.
Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first.
Finally, please check the updates; my guide for this is below. To keep better track of how current your installed programs are in future, you can use e.g. Secunia PSI. For even more security, after the infection has been removed you should also change all passwords where possible.
Microsoft Update
Windows XP: Visit the MS update page with IE and let it install all important updates for you. Windows Vista/7: Guide to Windows Update
Update the PDF reader
An outdated AdobeReader is a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features, by clicking "Adobe Reader x.0" there and removing the program (if you have AdobeReader installed). I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.
While you are at it, please also check that the Flash Player is up to date: Check => Adobe - Flash Player; Download links => Adobe Flash Player Distribution | Adobe
Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.
Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.
__________________ Please always post log files in CODE tags |