Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: ad.adserverplus erscheint immer wieder

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 09.11.2012, 13:42   #1
Julia.M
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Seit einigen Tagen öffnet sich bei mir immer wieder ein neues Fenst von ad.adserverplus wenn ich im Internet surfe. Mit googlen bin ich leider nicht weitergekommen. Ich könnte daher wirklich Hilfe brauchen um den Trojaner wieder loszuwerden.

Ich habe bereits einen vollständigen Systemscan mit Malwarebyte durchgeführt. Der Log ist im Anhang.
Angehängte Dateien
Dateityp: txt malwarebytelog2012-11-09 (13-38-14).txt (28,1 KB, 172x aufgerufen)

Alt 09.11.2012, 20:45   #2
Julia.M
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Zusatz zu dem Malwarebyte-Ergebnis:
Nach dem Scan konnte ich das Gefundene nicht in die Quarantäne verschieben sondern nur ignorieren.

Hier nun die OTL.txt. Allerdings hat mir das Programm OTL nur diese Textdatei ausgegeben. Die Extra.txt wurde trotz mehrfachem scannen nicht erstellt.
OTL.txt ist als ZIP da sonst zu groß.
__________________


Alt 09.11.2012, 20:46   #3
ryder
/// TB-Ausbilder
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder





Ich werde dir bei deinem Problem helfen. Eine Bereinigung ist mitunter mit viel Arbeit für Dich (und mich) verbunden. Bevor es los geht, habe ich etwas Lesestoff für dich.
Zitat:
Lesestoff:
Regeln für die Bereinigung
Damit die Bereinigung funktioniert bitte ich dich, die folgenden Punkte aufmerksam zu lesen:
  • Bitte arbeite alle Schritte der Reihe nach ab. Gib mir bitte zu jedem Schritt Rückmeldung (Logfile oder Antwort).
  • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread (möglichst in Code-Tags). Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.
  • Mache deinen Namen nur dann unkenntlich, wenn es unbedingt sein muss.
  • Sollte ich nicht nach 3 Tagen geantwortet haben, dann (und nur dann) schicke mir bitte eine PM.
  • Eine Bitte: Mache bitte solange mit, bis ich oder ein anderer Helfer dir mitteilt, dass du "sauber" bist. Das gebietet alleine schon die Höflichkeit und ein Verschwinden der Symptome bedeutet nicht, dass die Schädlinge auch wirklich alle entfernt wurden.
  • Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Wenn du das alles gelesen und verstanden hast, kannst du loslegen!
Schritt 1:
AdwCleaner: Werbeprogramme suchen und löschen

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.
Schritt 2:Customscan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
  • Stelle sicher, dass "Alle Benuzter Scannen" angehakt ist!
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
drivers32
safebootminimal
safebootnetwork
%SYSTEMDRIVE%\*.
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.exe
%PROGRAMFILES(X86)%\*.exe
%systemroot%\*. /mp /s
%windir%\installer\*. /10
%appdata%\*. 
%appdata%\*.* 
%appdata%\*.exe /s
%localappdata%\*. 
%localappdata%\*.*
%localappdata%\*.exe /s
%allusersprofile%\*. 
%allusersprofile%\*.*
%allusersprofile%\*.exe /s
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread (möglichst in CODE-Tags)
__________________
__________________

Alt 09.11.2012, 22:06   #4
Julia.M
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Antwort zu Schritt 1:

# AdwCleaner v2.007 - Datei am 09/11/2012 um 23:00:06 erstellt
# Aktualisiert am 06/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Eliza - ISIS
# Bootmodus : Normal
# Ausgeführt unter : E:\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files (x86)\Ask.com
Ordner Gelöscht : C:\Program Files (x86)\BrowserCompanion
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\AskToolbarInfo
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\updatebho.TimerBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v16.0.2 (de)

*************************

AdwCleaner[S1].txt - [6759 octets] - [09/11/2012 23:00:06]

########## EOF - C:\AdwCleaner[S1].txt - [6819 octets] ##########

Alt 09.11.2012, 22:27   #5
Julia.M
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Antwort zu Schritt 2:
Es ist abermals nur die OTL.txt erstellt worden, die EXTRA.txt wiederum nicht.
Code:
ATTFilter
OTL logfile created on: 09.11.2012 23:08:31 - Run 9
OTL by OldTimer - Version 3.2.69.0     Folder = E:\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,54 Gb Available Physical Memory | 65,78% Memory free
7,73 Gb Paging File | 6,08 Gb Available in Paging File | 78,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,59 Gb Total Space | 18,00 Gb Free Space | 30,72% Space Free | Partition Type: NTFS
Drive E: | 224,81 Gb Total Space | 78,80 Gb Free Space | 35,05% Space Free | Partition Type: NTFS
 
Computer Name: ISIS | User Name: Eliza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.09 21:30:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Desktop\OTL.exe
PRC - [2012.10.30 12:42:53 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.10.30 12:42:38 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.10.30 12:42:37 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.09.09 23:30:34 | 000,421,776 | ---- | M] (Apple Inc.) -- E:\Downloads\iTunesHelper.exe
PRC - [2012.07.03 02:21:38 | 026,868,192 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eliza.Isis\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.02 10:16:06 | 000,695,448 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Roaming\BrowserCompanion\tbhcn.exe
PRC - [2012.02.09 12:43:14 | 000,160,840 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\pdf24\pdf24.exe
PRC - [2011.10.21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
PRC - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.01.29 15:18:50 | 000,330,696 | ---- | M] () -- C:\Program Files (x86)\Verbindungsassistent\wtgservice.exe
PRC - [2010.08.20 21:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
PRC - [2010.07.21 16:36:02 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2009.11.23 12:59:40 | 000,965,592 | ---- | M] (Seagate) -- C:\Program Files (x86)\Seagate\BlackArmorBackup\TimounterMonitor.exe
PRC - [2009.11.23 12:58:44 | 000,376,456 | ---- | M] (Seagate) -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
PRC - [2009.11.23 12:54:56 | 004,386,472 | ---- | M] (Seagate) -- C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe
PRC - [2009.10.15 10:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009.07.22 15:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
PRC - [2009.06.25 03:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009.06.24 23:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009.06.09 17:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe
PRC - [2009.05.21 15:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009.05.21 15:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.08.27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.08.27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.07.02 10:16:06 | 000,695,448 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Roaming\BrowserCompanion\tbhcn.exe
MOD - [2012.05.11 20:34:45 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.11 20:34:38 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.11 20:34:19 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.07.21 16:36:02 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
MOD - [2010.07.21 16:34:20 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2010.07.21 16:34:00 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2010.07.21 16:33:58 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2010.07.21 16:33:52 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2010.07.21 16:33:50 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2010.07.21 16:33:46 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2010.07.21 16:33:22 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
MOD - [2009.10.15 10:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009.07.22 15:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.12.14 06:28:54 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.09.08 16:56:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.17 02:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009.03.02 19:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\AESTSr64.exe -- (AESTFilters)
SRV - [2012.10.30 12:42:53 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.10.30 12:42:38 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.10.28 11:28:21 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.10.21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.01.29 15:18:50 | 000,330,696 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Verbindungsassistent\wtgservice.exe -- (WTGService)
SRV - [2010.08.20 21:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.14 06:28:54 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\STacSV64.exe -- (STacSV)
SRV - [2009.11.23 12:58:54 | 000,829,088 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2009.08.18 04:09:52 | 000,868,128 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.06.23 23:02:42 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.09 17:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2009.05.21 15:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2009.03.02 19:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\AESTSr64.exe -- (AESTFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.10.30 12:42:55 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.09.24 08:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.09.13 14:52:59 | 000,099,248 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.05 12:00:37 | 001,581,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\tdrpm174.sys -- (tdrpman174)
DRV:64bit: - [2011.01.05 12:00:36 | 000,926,752 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011.01.05 12:00:28 | 000,237,600 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\snman380.sys -- (snapman380)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.07 13:17:41 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.12.14 06:28:54 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.10.12 12:00:52 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.09.17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.09.08 17:31:52 | 006,204,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.08.24 04:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.08.23 03:02:30 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.08.20 17:05:06 | 000,239,616 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.24 07:13:02 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Acceler.sys -- (Acceler)
DRV:64bit: - [2009.07.23 19:57:48 | 000,018,792 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\stdflt.sys -- (stdflt)
DRV:64bit: - [2009.07.17 02:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009.07.17 02:06:16 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.09 10:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.07.04 12:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009.07.02 01:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009.07.01 11:31:58 | 000,080,896 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009.07.01 05:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.07.01 05:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.07.01 05:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.06.25 10:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009.06.25 09:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009.06.25 09:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009.06.15 20:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.07 08:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2006.11.01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.07.24 10:04:34 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\ewusbmdm.sys -- (hwdatacard)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{73F473C6-8D47-47B0-936C-4F375FD57F58}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{5A71B0E6-D10A-44DC-B731-1B64DF92271A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2997508001-3045223707-2186418640-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKU\S-1-5-21-2997508001-3045223707-2186418640-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/
IE - HKU\S-1-5-21-2997508001-3045223707-2186418640-1004\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2997508001-3045223707-2186418640-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7IRFC_de
IE - HKU\S-1-5-21-2997508001-3045223707-2186418640-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2997508001-3045223707-2186418640-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://de.yahoo.com/?p=us"
FF - prefs.js..extensions.enabledAddons: adblockpopups@jessehakanen.net:0.4
FF - prefs.js..extensions.enabledAddons: {5384767E-00D9-40E9-B72F-9CC39D655D6F}:1.4.2.1
FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.11
FF - prefs.js..extensions.enabledAddons: bbrs_002@blabbers.com:1.0.5
FF - prefs.js..keyword.URL: "hxxp://www.searchplusnetwork.com/?sp=vit4&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Downloads\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.29 08:18:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.28 11:28:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.28 11:28:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.28 11:28:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.28 11:28:18 | 000,000,000 | ---D | M]
 
[2012.03.05 13:28:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\Extensions
[2012.11.01 15:41:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\Firefox\Profiles\y103kx4v.default\extensions
[2012.04.26 05:27:31 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\Firefox\Profiles\y103kx4v.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2012.11.01 15:41:37 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\Firefox\Profiles\y103kx4v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.07.28 14:24:56 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\Firefox\Profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com
[2012.09.20 11:01:11 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\Firefox\Profiles\y103kx4v.default\extensions\ich@maltegoetz.de
[2012.06.25 10:23:17 | 000,109,964 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\adblockpopups@jessehakanen.net.xpi
[2012.09.28 21:20:19 | 000,010,449 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\youtubeunblocker@unblocker.yt.xpi
[2012.08.30 18:20:19 | 000,199,396 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.07.26 10:48:11 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.03.05 13:50:46 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2012.10.11 21:54:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire
[2012.09.02 00:24:43 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\170f337942c410233f577de5778810a6_expire
[2012.09.07 16:35:19 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1bcf5a8f2429c4942ad539ef2c5df336_expire
[2012.11.09 23:04:05 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire
[2012.11.09 23:04:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2a86ac4f3322238b4f27d14a09839275_expire
[2012.08.12 12:51:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2e74403c227112bec523796d5a77d77e_expire
[2012.08.20 21:05:12 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\3b507b6d0186efd3615b9b9233c5f708_expire
[2012.11.09 23:04:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9_expire
[2012.08.28 14:04:36 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4ad053d40dfa5cab7948e9251df6e3d9_expire
[2012.11.07 12:37:41 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire
[2012.10.21 18:41:57 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5f4ce27504a73ff97d1936c597c769e5_expire
[2012.09.04 14:43:12 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\61e2ae11ba3d1cbe8887ea80f192e299_expire
[2012.11.09 23:04:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\6ff6ea009817b27df633b37777d528cd_expire
[2012.09.04 14:43:12 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8ccfda3ab1ab5bbc5d7af38840ba022b_expire
[2012.11.09 23:04:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire
[2012.08.20 07:07:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9803c283e94e743374151c4bbe60a5df_expire
[2012.11.09 23:04:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire
[2012.11.09 23:04:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc_expire
[2012.09.19 18:57:10 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a74277a9a3c0203a3093f810f43fbc11_expire
[2012.08.27 19:40:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\b5bc7084382de95cb69790e5d10db338_expire
[2012.11.09 23:04:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba3880579_expire
[2012.10.30 12:05:21 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\c6d8337e4b016a68fdbb60b29e7d254d_expire
[2012.10.29 09:11:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire
[2012.08.20 07:07:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cbb69a449d3e39b3a3781ffb1d7fa52b_expire
[2012.08.12 22:04:16 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d2458fd784f4eb7cff549c598cd14651_expire
[2012.08.26 16:46:39 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d83bb387de1d7c4401815e133de06c6b_expire
[2012.09.06 16:51:27 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\dc6668d28979688b1e2066d1dcaef0f6_expire
[2012.10.31 08:21:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\df4525cd4117d8ae1c7453b139759242_expire
[2012.09.19 18:57:10 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e02b35320e5111f1b626466c13c70a0a_expire
[2012.08.26 09:24:07 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e7215b147326809c45f6cf0952274624_expire
[2012.11.09 23:04:05 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e72174145ae7671ff95578a2089c26b2_expire
[2012.11.09 23:04:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire
[2012.11.09 23:04:05 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece5f266221b5245c6e3d7e27ddee963_expire
[2012.10.21 18:41:57 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece71b71690fad200cbed95871ef4bb2_expire
[2012.11.09 23:04:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire
[2012.11.07 12:37:41 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire
[2012.11.07 12:37:41 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire
[2012.07.28 14:24:51 | 000,002,792 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\searchplugins\Plusnetwork.xml
[2012.10.28 11:28:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.28 11:28:17 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.28 11:28:21 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.03 17:07:32 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012.07.19 10:50:48 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.14 08:27:33 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.19 10:50:48 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.19 10:50:48 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.19 10:50:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.19 10:50:48 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2997508001-3045223707-2186418640-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2997508001-3045223707-2186418640-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Seagate\BlackArmorBackup\TimounterMonitor.exe (Seagate)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BlackArmorBackupMonitor.exe] C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe (Seagate)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [iTunesHelper] E:\Downloads\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk =  File not found
O4 - Startup: C:\Users\Eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found
O4 - Startup: C:\Users\Eliza.Isis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found
O4 - Startup: C:\Users\Eliza.Isis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Eliza.Isis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Eliza.Isis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Eliza.Isis\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77E33041-8CEA-4356-B7DD-820C5FDFBCC8}: NameServer = 172.17.25.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DCE05F12-FB08-474C-8FEA-A07183AC047A}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{345a270f-ea54-11df-a4d7-b8ac6f514268}\Shell - "" = AutoRun
O33 - MountPoints2\{345a270f-ea54-11df-a4d7-b8ac6f514268}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{345a2712-ea54-11df-a4d7-b8ac6f514268}\Shell - "" = AutoRun
O33 - MountPoints2\{345a2712-ea54-11df-a4d7-b8ac6f514268}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{345a274c-ea54-11df-a4d7-b8ac6f514268}\Shell - "" = AutoRun
O33 - MountPoints2\{345a274c-ea54-11df-a4d7-b8ac6f514268}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{345a274f-ea54-11df-a4d7-b8ac6f514268}\Shell - "" = AutoRun
O33 - MountPoints2\{345a274f-ea54-11df-a4d7-b8ac6f514268}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8631cb85-8794-11df-8883-b8ac6f514268}\Shell - "" = AutoRun
O33 - MountPoints2\{8631cb85-8794-11df-8883-b8ac6f514268}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8631cba7-8794-11df-8883-b8ac6f514268}\Shell - "" = AutoRun
O33 - MountPoints2\{8631cba7-8794-11df-8883-b8ac6f514268}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\WINDOWS\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: mcmscsvc - Service
SafeBootMin:64bit: MCODS - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: mcmscsvc - Service
SafeBootNet:64bit: MCODS - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MpfService - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.09 21:30:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- E:\Desktop\OTL.exe
[2012.11.09 12:33:52 | 000,000,000 | ---D | C] -- C:\Users\Eliza.Isis\AppData\Roaming\Malwarebytes
[2012.11.09 12:33:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.09 12:33:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.09 12:33:34 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.09 12:33:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.09 11:37:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2012.11.09 11:37:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2012.11.09 11:02:14 | 000,000,000 | ---D | C] -- E:\Desktop\wichtige datein
[2012.11.09 10:13:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.11.09 10:12:05 | 000,000,000 | ---D | C] -- C:\Users\Eliza.Isis\AppData\Local\Programs
[2012.11.09 09:58:57 | 000,000,000 | ---D | C] -- C:\Users\Eliza.Isis\AppData\Roaming\TeamViewer
[2012.10.28 11:28:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.28 10:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.10.28 10:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.10.28 10:25:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.10.28 10:25:52 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.10.28 10:20:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.10.28 10:20:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.10.27 08:34:35 | 000,000,000 | ---D | C] -- C:\Users\Eliza.Isis\AppData\Roaming\Avira
[2012.10.27 08:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.27 08:28:49 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.10.27 08:28:49 | 000,099,248 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.10.27 08:28:49 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.10.27 08:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.27 08:28:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[1 E:\Desktop\*.tmp files -> E:\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.09 23:09:28 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.09 23:09:28 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.09 23:06:56 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.09 23:06:56 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.09 23:06:56 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.09 23:06:56 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.09 23:06:56 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.09 23:02:11 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.09 23:01:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.09 23:01:53 | 3111,534,592 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.09 22:56:56 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.09 21:43:25 | 000,016,863 | ---- | M] () -- E:\Desktop\OTL.zip
[2012.11.09 21:30:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Desktop\OTL.exe
[2012.11.09 19:19:12 | 000,000,000 | ---- | M] () -- C:\Users\Eliza.Isis\defogger_reenable
[2012.11.09 12:33:35 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.09 11:38:05 | 000,001,288 | ---- | M] () -- C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
[2012.11.07 11:50:44 | 000,389,744 | ---- | M] () -- E:\Desktop\Letter Ana.jpeg
[2012.10.30 12:42:55 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.10.27 08:29:03 | 000,001,996 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[1 E:\Desktop\*.tmp files -> E:\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.09 21:43:25 | 000,016,863 | ---- | C] () -- E:\Desktop\OTL.zip
[2012.11.09 19:19:12 | 000,000,000 | ---- | C] () -- C:\Users\Eliza.Isis\defogger_reenable
[2012.11.09 12:33:35 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.09 11:38:05 | 000,001,288 | ---- | C] () -- C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
[2012.11.07 11:51:04 | 000,389,744 | ---- | C] () -- E:\Desktop\Letter Ana.jpeg
[2012.10.27 08:29:03 | 000,001,996 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.09.07 15:10:09 | 000,099,341 | ---- | C] () -- C:\Users\Eliza.Isis\wetter ohne don.jpg
[2012.07.14 10:10:03 | 001,806,123 | ---- | C] () -- C:\Users\Eliza.Isis\Weekly Daily Planner.pdf
[2012.06.20 17:44:19 | 000,197,611 | ---- | C] () -- C:\Users\Eliza.Isis\4395587_460s.jpg
[2012.06.20 17:44:19 | 000,170,759 | ---- | C] () -- C:\Users\Eliza.Isis\4472701_460s.jpg
[2012.06.20 17:44:19 | 000,108,953 | ---- | C] () -- C:\Users\Eliza.Isis\4435726_460s_v1.jpg
[2012.04.22 15:18:43 | 000,389,063 | ---- | C] () -- C:\Users\Eliza.Isis\SDC121103.jpg
[2012.03.27 07:28:35 | 000,020,598 | ---- | C] () -- C:\Users\Eliza.Isis\cover.jpg
[2011.05.13 05:57:27 | 000,000,000 | ---- | C] () -- C:\Users\Eliza.Isis\AppData\Local\{4E6CB673-BA92-4B87-A86A-E2AD62042B4C}
[2011.05.13 05:55:27 | 000,000,000 | ---- | C] () -- C:\Users\Eliza.Isis\AppData\Local\{0D31CC79-8B85-4980-89DB-B55FE8BD0BD3}
[2010.12.30 16:14:24 | 000,005,120 | ---- | C] () -- C:\Users\Eliza.Isis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.14 22:39:34 | 367,005,696 | ---- | C] () -- C:\Users\Eliza.Isis\SN 509.avi
[2010.08.17 18:40:55 | 004,115,805 | ---- | C] () -- C:\Users\Eliza.Isis\Unbenannte Muster.pat
[2010.08.17 18:40:51 | 098,571,661 | ---- | C] () -- C:\Users\Eliza.Isis\Unbenannte Werkzeugspitzen.abr
[2010.07.16 09:51:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Users\Eliza.Isis\AppData\Local\{66fb5139-639a-5857-f529-5bec2a47facc}\n.
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.09 23:12:35 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\BrowserCompanion
[2012.03.04 10:07:52 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\calibre
[2010.07.26 18:48:54 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Crayon Physics Deluxe
[2012.11.09 23:03:02 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Dropbox
[2010.07.03 17:08:21 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Foxit
[2010.07.03 17:08:21 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Foxit Software
[2012.04.26 20:12:16 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\IrfanView
[2010.08.13 00:24:29 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\KeePass
[2011.01.05 11:49:44 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Leadertech
[2010.11.06 12:47:16 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Scan2PDF
[2011.01.05 16:50:07 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Seagate
[2012.11.09 09:58:57 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\TeamViewer
[2011.01.29 15:18:52 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Verbindungsassistent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2010.07.03 14:54:19 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010.02.24 04:23:12 | 000,000,000 | ---D | M] -- C:\1033
[2011.07.16 10:35:48 | 000,000,000 | ---D | M] -- C:\Budenberg
[2012.11.01 15:36:43 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2010.07.03 22:20:47 | 000,000,000 | ---D | M] -- C:\dell
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.07.03 10:33:41 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.01.23 05:08:30 | 000,000,000 | ---D | M] -- C:\Drivers
[2010.07.04 09:44:44 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.10.28 10:25:54 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.11.09 23:00:06 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.11.09 12:33:35 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.07.03 10:33:41 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.11.09 23:11:39 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.03.05 08:36:10 | 000,000,000 | R--D | M] -- C:\Users
[2012.11.09 19:40:41 | 000,000,000 | ---D | M] -- C:\WINDOWS
 
< %SYSTEMDRIVE%\*.* >
[2012.11.09 23:00:09 | 000,006,872 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2010.02.24 05:50:19 | 000,003,639 | RH-- | M] () -- C:\dell.sdr
[2012.11.09 23:01:53 | 3111,534,592 | -HS- | M] () -- C:\hiberfil.sys
[2006.12.02 06:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2012.11.09 23:01:52 | 4148,715,520 | -HS- | M] () -- C:\pagefile.sys
 
< %PROGRAMFILES%\*.exe >
 
< %PROGRAMFILES(X86)%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %windir%\installer\*. /10 >
 
< %appdata%\*.  >
[2011.01.31 12:36:03 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Adobe
[2010.07.03 18:08:51 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Apple Computer
[2010.07.03 14:54:41 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\ATI
[2012.10.27 08:34:35 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Avira
[2012.11.09 23:12:35 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\BrowserCompanion
[2012.03.04 10:07:52 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\calibre
[2010.07.26 18:48:54 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Crayon Physics Deluxe
[2010.07.15 19:58:32 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Creative
[2010.07.03 16:38:35 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\CyberLink
[2010.07.03 14:55:02 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Dell
[2012.11.09 23:03:02 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Dropbox
[2012.09.28 15:36:11 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\dvdcss
[2010.07.03 17:08:21 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Foxit
[2010.07.03 17:08:21 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Foxit Software
[2010.07.05 15:23:52 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Google
[2010.10.27 17:59:39 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\HP
[2010.07.03 14:54:21 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Identities
[2012.04.26 20:12:16 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\IrfanView
[2010.08.13 00:24:29 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\KeePass
[2011.01.05 11:49:44 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Leadertech
[2010.07.03 14:57:27 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Macromedia
[2012.11.09 12:33:52 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Malwarebytes
[2009.07.14 19:18:18 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Media Center Programs
[2012.03.05 10:36:05 | 000,000,000 | --SD | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Microsoft
[2012.03.05 13:28:00 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Mozilla
[2010.07.15 19:59:21 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Reallusion
[2010.07.03 14:54:43 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Roxio
[2010.11.06 12:47:16 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Scan2PDF
[2011.01.05 16:50:07 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Seagate
[2012.11.09 14:36:55 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Skype
[2012.05.30 15:43:01 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\skypePM
[2012.11.09 09:58:57 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\TeamViewer
[2011.01.29 15:18:52 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\Verbindungsassistent
[2012.08.19 18:04:34 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Roaming\vlc
 
< %appdata%\*.*  >
 
< %appdata%\*.exe /s >
[2012.07.02 10:16:06 | 000,695,448 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Roaming\BrowserCompanion\tbhcn.exe
[2012.07.03 02:21:38 | 026,868,192 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eliza.Isis\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.07.03 02:21:40 | 000,874,424 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eliza.Isis\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.07.03 02:21:46 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eliza.Isis\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2009.06.15 14:51:54 | 000,135,168 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Eliza.Isis\AppData\Roaming\Verbindungsassistent\BackUp\Del_CD_ROM.exe
[2010.06.07 09:31:41 | 000,042,448 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Roaming\Verbindungsassistent\BackUp\InstallWTGService.exe
[2010.06.07 09:31:21 | 000,409,040 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Roaming\Verbindungsassistent\BackUp\OSU.exe
[2010.06.07 09:31:06 | 001,148,368 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Roaming\Verbindungsassistent\BackUp\Setup.exe
[2010.09.02 15:45:00 | 001,111,504 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Roaming\Verbindungsassistent\BackUp\Uninstaller.exe
[2010.09.02 16:27:16 | 007,247,312 | ---- | M] (WebToGo Mobile Internet GmbH) -- C:\Users\Eliza.Isis\AppData\Roaming\Verbindungsassistent\BackUp\Verbindungsassistent.exe
[2010.09.02 15:44:56 | 000,497,104 | ---- | M] (WebToGo Mobiles Internet GmbH) -- C:\Users\Eliza.Isis\AppData\Roaming\Verbindungsassistent\BackUp\Verbindungsassistent_SMSMMS.exe
[2010.06.07 09:31:11 | 000,329,168 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Roaming\Verbindungsassistent\BackUp\WTGService.exe
[2010.06.07 09:31:36 | 000,243,152 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Roaming\Verbindungsassistent\BackUp\WTGVistaUtil.exe
 
< %localappdata%\*.  >
[2011.01.31 12:36:03 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Adobe
[2010.07.03 14:54:11 | 000,000,000 | -HSD | M] -- C:\Users\Eliza.Isis\AppData\Local\Anwendungsdaten
[2010.07.03 18:02:15 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Apple
[2011.06.20 21:34:25 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Apple Computer
[2010.07.03 14:54:41 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\ATI
[2010.07.03 14:54:41 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Broadcom
[2012.02.03 19:56:00 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\DDMSettings
[2012.09.10 10:09:22 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Diagnostics
[2012.10.04 14:19:07 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Google
[2010.11.06 12:42:19 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\HP
[2012.07.02 15:56:27 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Macromedia
[2012.07.28 14:24:50 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Messenger_Plus_Live
[2012.09.08 12:34:14 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Microsoft
[2011.08.04 20:05:07 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Microsoft Games
[2012.05.20 13:36:13 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Microsoft Help
[2010.07.03 16:51:33 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Mozilla
[2012.03.27 10:04:11 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\PDF24
[2010.08.15 10:07:38 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\PowerDVD DX
[2012.11.09 10:12:05 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Programs
[2012.11.09 23:02:30 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\SoftThinks
[2010.07.03 14:54:45 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Stardock_Corporation
[2010.07.03 14:54:40 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\SupportSoft
[2012.11.09 23:15:46 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\Temp
[2010.07.03 14:54:11 | 000,000,000 | -HSD | M] -- C:\Users\Eliza.Isis\AppData\Local\Temporary Internet Files
[2010.07.03 14:54:11 | 000,000,000 | -HSD | M] -- C:\Users\Eliza.Isis\AppData\Local\Verlauf
[2010.07.26 18:47:19 | 000,000,000 | ---D | M] -- C:\Users\Eliza.Isis\AppData\Local\VirtualStore
 
< %localappdata%\*.* >
[2011.09.07 15:58:40 | 000,005,120 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.14 08:20:34 | 000,115,288 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Local\GDIPFONTCACHEV1.DAT
[2012.11.09 23:00:45 | 003,122,397 | -H-- | M] () -- C:\Users\Eliza.Isis\AppData\Local\IconCache.db
[2011.05.13 05:55:27 | 000,000,000 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Local\{0D31CC79-8B85-4980-89DB-B55FE8BD0BD3}
[2011.05.13 05:57:27 | 000,000,000 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Local\{4E6CB673-BA92-4B87-A86A-E2AD62042B4C}
 
< %localappdata%\*.exe /s >
[2012.07.26 11:53:38 | 004,179,293 | ---- | M] (Lavalys, Inc.                                               ) -- C:\Users\Eliza.Isis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYL09JO\everesthome220 (1).exe
[2012.07.26 11:53:44 | 004,179,293 | ---- | M] (Lavalys, Inc.                                               ) -- C:\Users\Eliza.Isis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYL09JO\everesthome220.exe
[2012.10.28 10:12:50 | 000,073,624 | ---- | M] (Apple Inc.) -- C:\Users\Eliza.Isis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYL09JO\SetupAdmin[1].exe
[2012.11.09 10:08:42 | 054,304,848 | ---- | M] (Safer-Networking Ltd.                                       ) -- C:\Users\Eliza.Isis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYL09JO\spybotsd-2.0.11-rc3.exe
[2008.04.24 00:44:50 | 000,152,576 | R--- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Eliza.Isis\AppData\Local\Temp\DataCard_Setup64.exe
[2006.10.30 12:37:35 | 000,145,184 | R--- | M] (Microsoft Corporation) -- C:\Users\Eliza.Isis\AppData\Local\Temp\ose00000.exe
[2008.02.19 23:16:48 | 000,007,168 | R--- | M] () -- C:\Users\Eliza.Isis\AppData\Local\Temp\ResetDevice.exe
[2839 C:\Users\Eliza.Isis\AppData\Local\Temp\*.tmp files -> C:\Users\Eliza.Isis\AppData\Local\Temp\*.tmp -> ]
[2009.07.15 03:35:48 | 000,245,760 | R--- | M] () -- C:\Users\Eliza.Isis\AppData\Local\Temp\HP\OJ4500vG510a-f_Basic_13\setup\hpwlpd01.exe
[2012.10.23 10:47:48 | 007,859,112 | ---- | M] (TeamViewer GmbH) -- C:\Users\Eliza.Isis\AppData\Local\Temp\TeamViewer\Version7\TeamViewer.exe
[2012.10.23 11:20:24 | 003,785,560 | ---- | M] (TeamViewer) -- C:\Users\Eliza.Isis\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_.exe
[2012.10.23 10:47:48 | 002,285,480 | ---- | M] (TeamViewer GmbH) -- C:\Users\Eliza.Isis\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_Desktop.exe
[2012.10.23 10:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) -- C:\Users\Eliza.Isis\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_Service.exe
[2012.10.23 10:40:39 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Users\Eliza.Isis\AppData\Local\Temp\TeamViewer\Version7\tv_w32.exe
[2012.10.23 10:40:39 | 000,129,448 | ---- | M] (TeamViewer GmbH) -- C:\Users\Eliza.Isis\AppData\Local\Temp\TeamViewer\Version7\tv_x64.exe
[2012.10.23 11:20:09 | 000,477,600 | ---- | M] (TeamViewer) -- C:\Users\Eliza.Isis\AppData\Local\Temp\TeamViewer\Version7\uninstall.exe
 
< %allusersprofile%\*.  >
[2012.10.28 10:26:40 | 000,000,000 | ---D | M] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2011.01.31 12:36:48 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2010.07.03 10:33:41 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2012.10.28 10:22:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple
[2010.07.03 18:03:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2010.06.23 23:18:19 | 000,000,000 | ---D | M] -- C:\ProgramData\ATI
[2012.10.27 08:28:12 | 000,000,000 | ---D | M] -- C:\ProgramData\Avira
[2010.07.15 19:59:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Creative
[2010.07.05 15:20:38 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink
[2010.06.23 23:18:33 | 000,000,000 | ---D | M] -- C:\ProgramData\Dell
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2012.01.29 08:18:33 | 000,000,000 | ---D | M] -- C:\ProgramData\DivX
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2010.07.03 10:33:41 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2010.07.03 10:33:41 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2010.07.03 17:10:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Google
[2010.07.05 15:38:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Hewlett-Packard
[2010.10.27 17:55:24 | 000,000,000 | ---D | M] -- C:\ProgramData\HP
[2010.02.24 04:42:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Macrovision
[2012.11.09 12:33:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes
[2010.07.03 11:25:03 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee
[2010.11.07 11:44:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Media Center Programs
[2012.11.09 10:37:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft
[2012.10.11 07:40:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2012.05.05 14:38:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2010.02.24 04:25:28 | 000,000,000 | ---D | M] -- C:\ProgramData\PCDr
[2011.01.05 12:02:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Seagate
[2012.08.19 19:47:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2010.02.24 04:42:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Sonic
[2012.11.09 10:18:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Spybot - Search & Destroy
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2010.07.03 10:33:41 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2011.01.05 11:53:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2010.02.24 04:25:31 | 000,000,000 | ---D | M] -- C:\ProgramData\SupportSoft
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2010.02.24 04:43:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Uninstall
[2010.07.03 10:33:41 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2012.07.09 19:43:46 | 000,000,000 | ---D | M] -- C:\ProgramData\{82918CE8-C331-410C-B8AA-7F70EE7C31D1}
[2010.07.03 18:03:47 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
 
< %allusersprofile%\*.* >
[2010.07.16 09:51:21 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.10.27 18:00:46 | 000,000,393 | ---- | M] () -- C:\ProgramData\hpzinstall.log
 
< %allusersprofile%\*.exe /s >
[2010.08.17 00:29:52 | 002,177,492 | ---- | M] (Fin-Fin Patch-Team                                                                                                                                                                                                                                                                                          ) -- C:\ProgramData\{82918CE8-C331-410C-B8AA-7F70EE7C31D1}\finfin90seger.exe
[2010.08.06 18:35:04 | 000,146,432 | ---- | M] () -- C:\ProgramData\{82918CE8-C331-410C-B8AA-7F70EE7C31D1}\HDInstall\485D1967\66C1EE2F\teobackup.exe
[1998.09.07 21:40:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\{82918CE8-C331-410C-B8AA-7F70EE7C31D1}\HDInstall\B3709F8\73F976D9\REGSVR32.EXE
[2010.08.14 18:20:54 | 000,537,088 | ---- | M] (Fin-Fin Patch-Team) -- C:\ProgramData\{82918CE8-C331-410C-B8AA-7F70EE7C31D1}\HDInstall\D471873A\66C1EE2F\FinFin.exe
[2010.08.14 13:55:14 | 000,946,688 | ---- | M] (FUJITSU LIMITED.) -- C:\ProgramData\{82918CE8-C331-410C-B8AA-7F70EE7C31D1}\HDInstall\E3C83EA8\66C1EE2F\teoboot.exe
[1997.11.04 15:20:28 | 000,193,024 | ---- | M] (Astonish Inc.    www.astonishinc.com ) -- C:\ProgramData\{82918CE8-C331-410C-B8AA-7F70EE7C31D1}\HDInstall\F9A333EF\66C1EE2F\photobook.exe
[2012.08.21 13:01:28 | 001,977,816 | ---- | M] (GEAR Software, Inc.) -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\GEARDIFx.exe
[2012.08.21 13:01:20 | 000,131,544 | ---- | M] (GEAR Software, Inc.) -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DifXInst64.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\10364\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\10364\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\10364\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\10364\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\11509\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\11509\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\11509\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\11509\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\11588\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\11588\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\11588\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\11588\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\13816\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\13816\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\13816\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\13816\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\14445\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\14445\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\14445\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\14445\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\15593\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\15593\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\15593\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\15593\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\16185\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\16185\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\16185\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\16185\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\16311\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\16311\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\16311\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\16311\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\17045\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\17045\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\17045\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\17045\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\18647\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\18647\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\18647\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\18647\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\20434\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\20434\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\20434\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\20434\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\2073\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\2073\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\2073\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\2073\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\21841\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\21841\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\21841\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\21841\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\21867\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\21867\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\21867\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\21867\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\2215\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\2215\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\2215\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\2215\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\23196\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\23196\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\23196\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\23196\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\23683\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\23683\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\23683\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\23683\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\2389\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\2389\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\2389\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\2389\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\24276\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\24276\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\24276\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\24276\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\27264\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\27264\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\27264\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\27264\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\27908\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\27908\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\27908\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\27908\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\28200\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\28200\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\28200\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\28200\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\29100\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\29100\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\29100\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\29100\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\30526\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\30526\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\30526\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\30526\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\30533\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\30533\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\30533\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\30533\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\32677\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\32677\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\32677\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\32677\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\3898\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\3898\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\3898\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\3898\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\4133\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\4133\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\4133\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\4133\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\4464\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\4464\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\4464\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\4464\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\6933\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\6933\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\6933\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\6933\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8060\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8060\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8060\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8060\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8098\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8098\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8098\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8098\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8647\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8647\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8647\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8647\ReaderUpdater.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8912\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8912\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8912\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.1\8912\ReaderUpdater.exe
[2010.11.10 22:03:57 | 000,337,352 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\Setup\{AC76BA86-7AD7-1031-7B44-AA0000000001}\setup.exe
[2012.10.28 10:12:50 | 000,073,624 | ---- | M] (Apple Inc.) -- C:\ProgramData\Apple Computer\Installer Cache\iTunes 10.7.0.21\SetupAdmin.exe
[2012.10.30 12:42:30 | 000,619,808 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\ProgramData\Avira\AntiVir Desktop\TEMP\SELFUPDATE\update.exe
[2012.10.30 12:42:30 | 000,046,368 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\ProgramData\Avira\AntiVir Desktop\TEMP\SELFUPDATE\updrgui.exe
[2009.02.27 09:13:26 | 000,204,448 | ---- | M] () -- C:\ProgramData\Dell\DellDock\uninstaller.exe
[2012.01.29 08:18:26 | 000,065,783 | ---- | M] (DivX, LLC) -- C:\ProgramData\DivX\ControlPanel\Uninstaller.exe
[2012.01.29 08:18:27 | 000,063,144 | ---- | M] (DivX, LLC) -- C:\ProgramData\DivX\DesktopService\Uninstaller.exe
[2012.01.29 08:18:33 | 000,064,957 | ---- | M] (DivX, LLC) -- C:\ProgramData\DivX\DivXPlusShortcuts\Uninstaller.exe
[2012.01.29 08:18:25 | 000,061,667 | ---- | M] (DivX, LLC) -- C:\ProgramData\DivX\MSVC80CRTRedist\Uninstaller.exe
[2012.01.29 08:18:28 | 000,063,228 | ---- | M] (DivX, Inc.) -- C:\ProgramData\DivX\OVSHelper\Uninstaller.exe
[2010.07.09 14:43:59 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\ProgramData\DivX\Qt4.5\Uninstaller.exe
[2012.01.29 08:17:04 | 000,927,072 | ---- | M] (DivX, LLC) -- C:\ProgramData\DivX\Setup\DivXSetup.exe
[2012.01.29 08:18:29 | 000,061,792 | ---- | M] (DivX, LLC) -- C:\ProgramData\DivX\Update\Uninstaller.exe
[2012.01.29 08:18:32 | 000,066,441 | ---- | M] (DivX, LLC) -- C:\ProgramData\DivX\WebPlayer\Uninstaller.exe
[2011.08.11 07:07:37 | 000,527,024 | ---- | M] (Google Inc.) -- C:\ProgramData\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe
[2008.09.26 16:19:04 | 001,021,216 | ---- | M] (Acresso Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\11\agent.exe
[2007.03.20 22:25:36 | 000,205,744 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\11\dwusplay.exe
[2008.09.26 16:19:06 | 000,279,840 | ---- | M] (Acresso Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\11\ISDM.exe
[2008.09.26 16:19:04 | 000,079,136 | ---- | M] (Acresso Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\11\issch.exe
[2008.09.26 16:19:04 | 000,210,208 | ---- | M] (Acresso Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe
[2009.10.19 19:12:58 | 004,419,568 | ---- | M] (Sonic Solutions) -- C:\ProgramData\Uninstall\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}\setup.exe
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 176 bytes -> E:\Desktop\Letter Ana.jpeg:3or4kl4x13tuuug3Byamue2s4b

< End of report >
         


Alt 09.11.2012, 23:11   #6
ryder
/// TB-Ausbilder
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Hm. Da ist auch noch was unschönes. Aber der Reihe nach:

Schritt 1:
Fix mit OTL

Zitat:
Warnung: Dieses Skript wurde nur für diesen User und diese spezielle Situation geschrieben. Auf anderen Computern ausgeführt kann es nachhaltige Schäden anrichten!
Hinweis: Wenn du deinen Benutzernamen unkenntlich gemacht hast, musst du wieder deinen richtigen Namen einsetzen, ansonsten wird das Skript nicht funktionieren.
  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
:OTL
FF - prefs.js..extensions.enabledAddons: bbrs_002@blabbers.com:1.0.5
FF - prefs.js..keyword.URL: "hxxp://www.searchplusnetwork.com/?sp=vit4&q="
[2012.10.11 21:54:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache
[2012.07.28 14:24:51 | 000,002,792 | ---- | M] () -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\searchplugins\Plusnetwork.xml
[2012.10.11 21:54:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire
[2012.09.02 00:24:43 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\170f337942c410233f577de5778810a6_expire
[2012.09.07 16:35:19 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1bcf5a8f2429c4942ad539ef2c5df336_expire
[2012.11.09 23:04:05 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire
[2012.11.09 23:04:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2a86ac4f3322238b4f27d14a09839275_expire
[2012.08.12 12:51:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2e74403c227112bec523796d5a77d77e_expire
[2012.08.20 21:05:12 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\3b507b6d0186efd3615b9b9233c5f708_expire
[2012.11.09 23:04:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9_expire
[2012.08.28 14:04:36 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4ad053d40dfa5cab7948e9251df6e3d9_expire
[2012.11.07 12:37:41 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire
[2012.10.21 18:41:57 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5f4ce27504a73ff97d1936c597c769e5_expire
[2012.09.04 14:43:12 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\61e2ae11ba3d1cbe8887ea80f192e299_expire
[2012.11.09 23:04:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\6ff6ea009817b27df633b37777d528cd_expire
[2012.09.04 14:43:12 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8ccfda3ab1ab5bbc5d7af38840ba022b_expire
[2012.11.09 23:04:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire
[2012.08.20 07:07:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9803c283e94e743374151c4bbe60a5df_expire
[2012.11.09 23:04:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire
[2012.11.09 23:04:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc_expire
[2012.09.19 18:57:10 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a74277a9a3c0203a3093f810f43fbc11_expire
[2012.08.27 19:40:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\b5bc7084382de95cb69790e5d10db338_expire
[2012.11.09 23:04:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba3880579_expire
[2012.10.30 12:05:21 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\c6d8337e4b016a68fdbb60b29e7d254d_expire
[2012.10.29 09:11:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire
[2012.08.20 07:07:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cbb69a449d3e39b3a3781ffb1d7fa52b_expire
[2012.08.12 22:04:16 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d2458fd784f4eb7cff549c598cd14651_expire
[2012.08.26 16:46:39 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d83bb387de1d7c4401815e133de06c6b_expire
[2012.09.06 16:51:27 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\dc6668d28979688b1e2066d1dcaef0f6_expire
[2012.10.31 08:21:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\df4525cd4117d8ae1c7453b139759242_expire
[2012.09.19 18:57:10 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e02b35320e5111f1b626466c13c70a0a_expire
[2012.08.26 09:24:07 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e7215b147326809c45f6cf0952274624_expire
[2012.11.09 23:04:05 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e72174145ae7671ff95578a2089c26b2_expire
[2012.11.09 23:04:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire
[2012.11.09 23:04:05 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece5f266221b5245c6e3d7e27ddee963_expire
[2012.10.21 18:41:57 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece71b71690fad200cbed95871ef4bb2_expire
[2012.11.09 23:04:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire
[2012.11.07 12:37:41 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire
[2012.11.07 12:37:41 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire




:commands
[Emptytemp]
         
  • Schliesse bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop. ( Auch zu finden unter C:\_OTL\MovedFiles\<time_date>.txt)
  • Kopiere nun den Inhalt hier in deinen Thread, möglichst in Code-Tags.

Hinweis: Die Ausführung des Kommandos kann einige Minuten dauern und OTL scheint in dieser Zeit nicht zu reagieren. Bitte geduldig sein!

Schritt 2:
Scan mit aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. ( Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.
Schritt 3:
Scan mit dem TDSS-Killer

Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe
  • Klicke auf Change parameters, setze einen Haken bei Detect TDLFS file system und bestätige mit OK.
  • Drücke Start Scan
  • Warnung:
    Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und speichere das Logfile.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ )
    Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt
Poste den Inhalt bitte hier in deinen Thread.
__________________
--> ad.adserverplus erscheint immer wieder

Alt 09.11.2012, 23:34   #7
Julia.M
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Antwort zu Schritt 1:
Code:
ATTFilter
All processes killed
========== OTL ==========
Prefs.js: bbrs_002@blabbers.com:1.0.5 removed from extensions.enabledAddons
Prefs.js: "hxxp://www.searchplusnetwork.com/?sp=vit4&q=" removed from keyword.URL
File C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache not found.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\searchplugins\Plusnetwork.xml moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\170f337942c410233f577de5778810a6_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1bcf5a8f2429c4942ad539ef2c5df336_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2a86ac4f3322238b4f27d14a09839275_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2e74403c227112bec523796d5a77d77e_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\3b507b6d0186efd3615b9b9233c5f708_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4ad053d40dfa5cab7948e9251df6e3d9_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5f4ce27504a73ff97d1936c597c769e5_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\61e2ae11ba3d1cbe8887ea80f192e299_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\6ff6ea009817b27df633b37777d528cd_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8ccfda3ab1ab5bbc5d7af38840ba022b_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9803c283e94e743374151c4bbe60a5df_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a74277a9a3c0203a3093f810f43fbc11_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\b5bc7084382de95cb69790e5d10db338_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba3880579_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\c6d8337e4b016a68fdbb60b29e7d254d_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cbb69a449d3e39b3a3781ffb1d7fa52b_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d2458fd784f4eb7cff549c598cd14651_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d83bb387de1d7c4401815e133de06c6b_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\dc6668d28979688b1e2066d1dcaef0f6_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\df4525cd4117d8ae1c7453b139759242_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e02b35320e5111f1b626466c13c70a0a_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e7215b147326809c45f6cf0952274624_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e72174145ae7671ff95578a2089c26b2_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece5f266221b5245c6e3d7e27ddee963_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece71b71690fad200cbed95871ef4bb2_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire moved successfully.
C:\Users\Eliza.Isis\AppData\Roaming\mozilla\firefox\profiles\y103kx4v.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Eliza
->Temp folder emptied: 588069 bytes
->Temporary Internet Files folder emptied: 14784981 bytes
->Java cache emptied: 7797526 bytes
->Flash cache emptied: 405 bytes
 
User: Eliza.Isis
->Temp folder emptied: 75241615 bytes
->Temporary Internet Files folder emptied: 589054731 bytes
->Java cache emptied: 14129413 bytes
->FireFox cache emptied: 742533812 bytes
->Flash cache emptied: 53030 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4414 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36046003 bytes
RecycleBin emptied: 4127814367 bytes
 
Total Files Cleaned = 5.348,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 11102012_002538

Files\Folders moved on Reboot...
C:\Users\Eliza.Isis\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         
Antwort zu Schritt 2:
Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-10 00:36:05
-----------------------------
00:36:05.566    OS Version: Windows x64 6.1.7601 Service Pack 1
00:36:05.566    Number of processors: 4 586 0x2502
00:36:05.566    ComputerName: ISIS  UserName: 
00:36:05.909    Initialize success
00:36:57.246    AVAST engine defs: 12110900
00:37:24.030    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
00:37:24.030    Disk 0 Vendor: SAMSUNG_HM320II 2AC101C4 Size: 305245MB BusType: 11
00:37:24.061    Disk 0 MBR read successfully
00:37:24.061    Disk 0 MBR scan
00:37:24.077    Disk 0 Windows 7 default MBR code
00:37:24.092    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       39 MB offset 63
00:37:24.123    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 80325
00:37:24.155    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        59998 MB offset 30800325
00:37:24.155    Disk 0 Partition - 00     05     Extended            230204 MB offset 153677790
00:37:24.217    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       230203 MB offset 153677824
00:37:24.264    Disk 0 scanning C:\Windows\system32\drivers
00:37:48.194    Service scanning
00:38:21.141    Modules scanning
00:38:21.157    Disk 0 trace - called modules:
00:38:21.344    ntoskrnl.exe CLASSPNP.SYS disk.sys stdflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
00:38:21.360    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004b7e790]
00:38:21.360    3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> [0xfffffa8004a86930]
00:38:21.375    5 stdflt.sys[fffff88001bf5a4a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004927680]
00:38:22.202    AVAST engine scan C:\Windows
00:38:26.742    AVAST engine scan C:\Windows\system32
00:44:30.151    AVAST engine scan C:\Windows\system32\drivers
00:44:47.810    AVAST engine scan C:\Users\Eliza.Isis
00:46:46.448    AVAST engine scan C:\ProgramData
00:48:29.331    Scan finished successfully
00:48:55.726    Disk 0 MBR has been saved successfully to "E:\Desktop\MBR.dat"
00:48:55.742    The log file has been saved successfully to "E:\Desktop\aswMBR.txt"
         
Antwort für Schritt 3:
Hierbei hat er aber anscheinend nichts gefunden.
Code:
ATTFilter
00:51:05.0722 2728  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
00:51:05.0800 2728  ============================================================
00:51:05.0800 2728  Current date / time: 2012/11/10 00:51:05.0800
00:51:05.0800 2728  SystemInfo:
00:51:05.0800 2728  
00:51:05.0800 2728  OS Version: 6.1.7601 ServicePack: 1.0
00:51:05.0800 2728  Product type: Workstation
00:51:05.0800 2728  ComputerName: ISIS
00:51:05.0800 2728  UserName: Eliza
00:51:05.0800 2728  Windows directory: C:\Windows
00:51:05.0800 2728  System windows directory: C:\Windows
00:51:05.0800 2728  Running under WOW64
00:51:05.0800 2728  Processor architecture: Intel x64
00:51:05.0800 2728  Number of processors: 4
00:51:05.0800 2728  Page size: 0x1000
00:51:05.0800 2728  Boot type: Normal boot
00:51:05.0800 2728  ============================================================
00:51:06.0985 2728  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:51:07.0001 2728  ============================================================
00:51:07.0001 2728  \Device\Harddisk0\DR0:
00:51:07.0001 2728  MBR partitions:
00:51:07.0001 2728  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
00:51:07.0001 2728  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x752F619
00:51:07.0016 2728  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x928F000, BlocksNum 0x1C19D800
00:51:07.0016 2728  ============================================================
00:51:07.0048 2728  C: <-> \Device\Harddisk0\DR0\Partition2
00:51:07.0079 2728  E: <-> \Device\Harddisk0\DR0\Partition3
00:51:07.0079 2728  ============================================================
00:51:07.0079 2728  Initialize success
00:51:07.0079 2728  ============================================================
00:51:25.0892 5848  ============================================================
00:51:25.0892 5848  Scan started
00:51:25.0892 5848  Mode: Manual; TDLFS; 
00:51:25.0892 5848  ============================================================
00:51:26.0953 5848  ================ Scan system memory ========================
00:51:26.0953 5848  System memory - ok
00:51:26.0953 5848  ================ Scan services =============================
00:51:27.0172 5848  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
00:51:27.0172 5848  1394ohci - ok
00:51:27.0218 5848  [ C49C56B35BFC6CDA8D1FDCAD2885568F ] Acceler         C:\Windows\system32\DRIVERS\Acceler.sys
00:51:27.0234 5848  Acceler - ok
00:51:27.0281 5848  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
00:51:27.0281 5848  ACPI - ok
00:51:27.0312 5848  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
00:51:27.0312 5848  AcpiPmi - ok
00:51:27.0374 5848  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
00:51:27.0390 5848  adp94xx - ok
00:51:27.0421 5848  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
00:51:27.0421 5848  adpahci - ok
00:51:27.0452 5848  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
00:51:27.0452 5848  adpu320 - ok
00:51:27.0484 5848  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
00:51:27.0484 5848  AeLookupSvc - ok
00:51:27.0593 5848  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\AESTSr64.exe
00:51:27.0593 5848  AESTFilters - ok
00:51:27.0655 5848  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
00:51:27.0655 5848  AFD - ok
00:51:27.0702 5848  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
00:51:27.0702 5848  agp440 - ok
00:51:27.0733 5848  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
00:51:27.0733 5848  ALG - ok
00:51:27.0764 5848  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
00:51:27.0764 5848  aliide - ok
00:51:27.0811 5848  [ 16D2883EA6296333435DF0C8B7D164B8 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
00:51:27.0811 5848  AMD External Events Utility - ok
00:51:27.0827 5848  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
00:51:27.0827 5848  amdide - ok
00:51:27.0858 5848  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
00:51:27.0858 5848  AmdK8 - ok
00:51:27.0889 5848  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
00:51:27.0889 5848  AmdPPM - ok
00:51:27.0936 5848  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
00:51:27.0936 5848  amdsata - ok
00:51:27.0952 5848  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
00:51:27.0967 5848  amdsbs - ok
00:51:27.0983 5848  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
00:51:27.0983 5848  amdxata - ok
00:51:28.0186 5848  [ A5569C4429D1C5494049FBFE2B2D20FF ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
00:51:28.0186 5848  AntiVirSchedulerService - ok
00:51:28.0217 5848  [ CB7EA00A4E70DF6828EBB68633D000D2 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
00:51:28.0217 5848  AntiVirService - ok
00:51:28.0279 5848  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
00:51:28.0279 5848  AppID - ok
00:51:28.0295 5848  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
00:51:28.0295 5848  AppIDSvc - ok
00:51:28.0342 5848  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
00:51:28.0342 5848  Appinfo - ok
00:51:28.0435 5848  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:51:28.0435 5848  Apple Mobile Device - ok
00:51:28.0482 5848  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
00:51:28.0482 5848  arc - ok
00:51:28.0498 5848  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
00:51:28.0498 5848  arcsas - ok
00:51:28.0529 5848  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:51:28.0529 5848  AsyncMac - ok
00:51:28.0576 5848  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
00:51:28.0576 5848  atapi - ok
00:51:28.0607 5848  [ 506934DF94E3197F4A1BBE8FBEAB0CCD ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
00:51:28.0607 5848  AtiHdmiService - ok
00:51:28.0778 5848  [ C9F90FEE4FDC829382B9130A92FB744C ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
00:51:28.0919 5848  atikmdag - ok
00:51:28.0981 5848  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:51:28.0981 5848  AudioEndpointBuilder - ok
00:51:29.0012 5848  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
00:51:29.0012 5848  AudioSrv - ok
00:51:29.0059 5848  [ 25B63A3C24A5E0223A35DE2F0D9E0FAF ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
00:51:29.0059 5848  avgntflt - ok
00:51:29.0090 5848  [ F702D64E64FF3AF7F4D9B7789D00DE27 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
00:51:29.0090 5848  avipbb - ok
00:51:29.0106 5848  [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
00:51:29.0106 5848  avkmgr - ok
00:51:29.0153 5848  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
00:51:29.0153 5848  AxInstSV - ok
00:51:29.0200 5848  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
00:51:29.0215 5848  b06bdrv - ok
00:51:29.0262 5848  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
00:51:29.0262 5848  b57nd60a - ok
00:51:29.0371 5848  [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
00:51:29.0371 5848  BBSvc - ok
00:51:29.0434 5848  [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
00:51:29.0434 5848  BBUpdate - ok
00:51:29.0465 5848  [ E001DD475A7C27EBE5A0DB45C11BAD71 ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
00:51:29.0465 5848  BCM42RLY - ok
00:51:29.0558 5848  [ F4CD5F52850BF2C978DE178F256BA372 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
00:51:29.0590 5848  BCM43XX - ok
00:51:29.0652 5848  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
00:51:29.0652 5848  BDESVC - ok
00:51:29.0683 5848  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:51:29.0683 5848  Beep - ok
00:51:29.0761 5848  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
00:51:29.0777 5848  BFE - ok
00:51:29.0839 5848  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
00:51:29.0855 5848  BITS - ok
00:51:29.0870 5848  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
00:51:29.0870 5848  blbdrive - ok
00:51:29.0948 5848  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:51:29.0964 5848  Bonjour Service - ok
00:51:30.0011 5848  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:51:30.0026 5848  bowser - ok
00:51:30.0058 5848  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:51:30.0058 5848  BrFiltLo - ok
00:51:30.0089 5848  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:51:30.0089 5848  BrFiltUp - ok
00:51:30.0120 5848  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
00:51:30.0136 5848  Browser - ok
00:51:30.0151 5848  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
00:51:30.0167 5848  Brserid - ok
00:51:30.0182 5848  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
00:51:30.0182 5848  BrSerWdm - ok
00:51:30.0198 5848  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
00:51:30.0198 5848  BrUsbMdm - ok
00:51:30.0214 5848  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
00:51:30.0214 5848  BrUsbSer - ok
00:51:30.0276 5848  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
00:51:30.0276 5848  BthEnum - ok
00:51:30.0323 5848  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
00:51:30.0323 5848  BTHMODEM - ok
00:51:30.0338 5848  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
00:51:30.0338 5848  BthPan - ok
00:51:30.0385 5848  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
00:51:30.0401 5848  BTHPORT - ok
00:51:30.0432 5848  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
00:51:30.0432 5848  bthserv - ok
00:51:30.0463 5848  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
00:51:30.0479 5848  BTHUSB - ok
00:51:30.0510 5848  [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
00:51:30.0526 5848  btwaudio - ok
00:51:30.0557 5848  [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
00:51:30.0572 5848  btwavdt - ok
00:51:30.0635 5848  [ 6DDE1E97BE4D50253DFB9090A6A62524 ] btwdins         c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
00:51:30.0650 5848  btwdins - ok
00:51:30.0666 5848  [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
00:51:30.0666 5848  btwl2cap - ok
00:51:30.0682 5848  [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
00:51:30.0682 5848  btwrchid - ok
00:51:30.0713 5848  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:51:30.0728 5848  cdfs - ok
00:51:30.0775 5848  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
00:51:30.0775 5848  cdrom - ok
00:51:30.0838 5848  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
00:51:30.0838 5848  CertPropSvc - ok
00:51:30.0853 5848  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
00:51:30.0853 5848  circlass - ok
00:51:30.0900 5848  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
00:51:30.0916 5848  CLFS - ok
00:51:30.0994 5848  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:51:31.0009 5848  clr_optimization_v2.0.50727_32 - ok
00:51:31.0072 5848  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:51:31.0087 5848  clr_optimization_v2.0.50727_64 - ok
00:51:31.0196 5848  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:51:31.0212 5848  clr_optimization_v4.0.30319_32 - ok
00:51:31.0228 5848  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:51:31.0228 5848  clr_optimization_v4.0.30319_64 - ok
00:51:31.0259 5848  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
00:51:31.0259 5848  CmBatt - ok
00:51:31.0290 5848  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
00:51:31.0290 5848  cmdide - ok
00:51:31.0337 5848  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
00:51:31.0352 5848  CNG - ok
00:51:31.0384 5848  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
00:51:31.0384 5848  Compbatt - ok
00:51:31.0446 5848  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
00:51:31.0446 5848  CompositeBus - ok
00:51:31.0462 5848  COMSysApp - ok
00:51:31.0477 5848  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
00:51:31.0477 5848  crcdisk - ok
00:51:31.0555 5848  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:51:31.0555 5848  CryptSvc - ok
00:51:31.0571 5848  [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
00:51:31.0586 5848  CtClsFlt - ok
00:51:31.0633 5848  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:51:31.0633 5848  DcomLaunch - ok
00:51:31.0664 5848  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
00:51:31.0680 5848  defragsvc - ok
00:51:31.0711 5848  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:51:31.0711 5848  DfsC - ok
00:51:31.0758 5848  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
00:51:31.0758 5848  Dhcp - ok
00:51:31.0774 5848  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
00:51:31.0774 5848  discache - ok
00:51:31.0805 5848  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
00:51:31.0805 5848  Disk - ok
00:51:31.0852 5848  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:51:31.0852 5848  Dnscache - ok
00:51:31.0914 5848  [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
00:51:31.0914 5848  DockLoginService - ok
00:51:31.0961 5848  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
00:51:31.0961 5848  dot3svc - ok
00:51:32.0008 5848  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
00:51:32.0023 5848  Dot4 - ok
00:51:32.0086 5848  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
00:51:32.0086 5848  Dot4Print - ok
00:51:32.0101 5848  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
00:51:32.0101 5848  dot4usb - ok
00:51:32.0132 5848  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
00:51:32.0132 5848  DPS - ok
00:51:32.0179 5848  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:51:32.0179 5848  drmkaud - ok
00:51:32.0242 5848  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:51:32.0257 5848  DXGKrnl - ok
00:51:32.0288 5848  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
00:51:32.0288 5848  EapHost - ok
00:51:32.0382 5848  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
00:51:32.0413 5848  ebdrv - ok
00:51:32.0460 5848  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
00:51:32.0460 5848  EFS - ok
00:51:32.0538 5848  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:51:32.0569 5848  ehRecvr - ok
00:51:32.0600 5848  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
00:51:32.0616 5848  ehSched - ok
00:51:32.0678 5848  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
00:51:32.0678 5848  elxstor - ok
00:51:32.0725 5848  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
00:51:32.0725 5848  ErrDev - ok
00:51:32.0788 5848  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
00:51:32.0788 5848  EventSystem - ok
00:51:32.0819 5848  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
00:51:32.0834 5848  exfat - ok
00:51:32.0850 5848  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:51:32.0850 5848  fastfat - ok
00:51:32.0912 5848  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
00:51:32.0912 5848  Fax - ok
00:51:32.0959 5848  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
00:51:32.0959 5848  fdc - ok
00:51:32.0975 5848  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
00:51:32.0975 5848  fdPHost - ok
00:51:33.0022 5848  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:51:33.0022 5848  FDResPub - ok
00:51:33.0053 5848  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:51:33.0053 5848  FileInfo - ok
00:51:33.0084 5848  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:51:33.0084 5848  Filetrace - ok
00:51:33.0100 5848  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
00:51:33.0100 5848  flpydisk - ok
00:51:33.0131 5848  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:51:33.0131 5848  FltMgr - ok
00:51:33.0178 5848  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
00:51:33.0209 5848  FontCache - ok
00:51:33.0271 5848  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:51:33.0287 5848  FontCache3.0.0.0 - ok
00:51:33.0302 5848  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
00:51:33.0302 5848  FsDepends - ok
00:51:33.0349 5848  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:51:33.0349 5848  Fs_Rec - ok
00:51:33.0380 5848  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
00:51:33.0396 5848  fvevol - ok
00:51:33.0427 5848  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
00:51:33.0427 5848  gagp30kx - ok
00:51:33.0458 5848  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:51:33.0458 5848  GEARAspiWDM - ok
00:51:33.0521 5848  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
00:51:33.0536 5848  gpsvc - ok
00:51:33.0630 5848  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:51:33.0630 5848  gupdate - ok
00:51:33.0677 5848  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:51:33.0677 5848  gupdatem - ok
00:51:33.0708 5848  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
00:51:33.0724 5848  gusvc - ok
00:51:33.0739 5848  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
00:51:33.0739 5848  hcw85cir - ok
00:51:33.0802 5848  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
00:51:33.0802 5848  HDAudBus - ok
00:51:33.0833 5848  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
00:51:33.0833 5848  HECIx64 - ok
00:51:33.0864 5848  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
00:51:33.0864 5848  HidBatt - ok
00:51:33.0880 5848  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
00:51:33.0880 5848  HidBth - ok
00:51:33.0911 5848  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
00:51:33.0911 5848  HidIr - ok
00:51:33.0942 5848  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
00:51:33.0942 5848  hidserv - ok
00:51:33.0973 5848  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
00:51:33.0973 5848  HidUsb - ok
00:51:34.0004 5848  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:51:34.0020 5848  hkmsvc - ok
00:51:34.0051 5848  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:51:34.0051 5848  HomeGroupListener - ok
00:51:34.0082 5848  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:51:34.0098 5848  HomeGroupProvider - ok
00:51:34.0145 5848  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
00:51:34.0145 5848  HpSAMD - ok
00:51:34.0207 5848  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:51:34.0207 5848  HTTP - ok
00:51:34.0270 5848  [ D969D0E26C5B1E813B17066A8318D5D4 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
00:51:34.0270 5848  hwdatacard - ok
00:51:34.0316 5848  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
00:51:34.0316 5848  hwpolicy - ok
00:51:34.0363 5848  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
00:51:34.0363 5848  i8042prt - ok
00:51:34.0410 5848  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
00:51:34.0410 5848  iaStorV - ok
00:51:34.0488 5848  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:51:34.0535 5848  idsvc - ok
00:51:34.0582 5848  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
00:51:34.0582 5848  iirsp - ok
00:51:34.0644 5848  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
00:51:34.0660 5848  IKEEXT - ok
00:51:34.0691 5848  [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
00:51:34.0691 5848  Impcd - ok
00:51:34.0738 5848  [ FD5EF1D0210CB9C0773BBA7CA360D762 ] InstallFilterService C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
00:51:34.0738 5848  InstallFilterService - ok
00:51:34.0769 5848  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
00:51:34.0769 5848  intelide - ok
00:51:34.0800 5848  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
00:51:34.0800 5848  intelppm - ok
00:51:34.0831 5848  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:51:34.0831 5848  IPBusEnum - ok
00:51:34.0878 5848  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:51:34.0878 5848  IpFilterDriver - ok
00:51:34.0940 5848  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:51:34.0940 5848  iphlpsvc - ok
00:51:34.0987 5848  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
00:51:34.0987 5848  IPMIDRV - ok
00:51:35.0003 5848  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
00:51:35.0003 5848  IPNAT - ok
00:51:35.0065 5848  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
00:51:35.0081 5848  iPod Service - ok
00:51:35.0112 5848  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:51:35.0112 5848  IRENUM - ok
00:51:35.0143 5848  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:51:35.0143 5848  isapnp - ok
00:51:35.0174 5848  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
00:51:35.0174 5848  iScsiPrt - ok
00:51:35.0206 5848  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
00:51:35.0206 5848  kbdclass - ok
00:51:35.0268 5848  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
00:51:35.0268 5848  kbdhid - ok
00:51:35.0299 5848  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
00:51:35.0299 5848  KeyIso - ok
00:51:35.0346 5848  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:51:35.0346 5848  KSecDD - ok
00:51:35.0377 5848  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
00:51:35.0377 5848  KSecPkg - ok
00:51:35.0408 5848  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
00:51:35.0408 5848  ksthunk - ok
00:51:35.0440 5848  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:51:35.0455 5848  KtmRm - ok
00:51:35.0502 5848  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
00:51:35.0518 5848  LanmanServer - ok
00:51:35.0549 5848  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:51:35.0549 5848  LanmanWorkstation - ok
00:51:35.0596 5848  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:51:35.0596 5848  lltdio - ok
00:51:35.0627 5848  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:51:35.0627 5848  lltdsvc - ok
00:51:35.0658 5848  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:51:35.0658 5848  lmhosts - ok
00:51:35.0705 5848  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
00:51:35.0705 5848  LSI_FC - ok
00:51:35.0720 5848  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
00:51:35.0720 5848  LSI_SAS - ok
00:51:35.0752 5848  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:51:35.0752 5848  LSI_SAS2 - ok
00:51:35.0767 5848  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:51:35.0767 5848  LSI_SCSI - ok
00:51:35.0783 5848  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
00:51:35.0798 5848  luafv - ok
00:51:35.0845 5848  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:51:35.0845 5848  Mcx2Svc - ok
00:51:35.0861 5848  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
00:51:35.0861 5848  megasas - ok
00:51:35.0892 5848  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
00:51:35.0892 5848  MegaSR - ok
00:51:35.0970 5848  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
00:51:35.0986 5848  Microsoft Office Groove Audit Service - ok
00:51:36.0032 5848  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
00:51:36.0032 5848  MMCSS - ok
00:51:36.0048 5848  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
00:51:36.0048 5848  Modem - ok
00:51:36.0079 5848  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:51:36.0079 5848  monitor - ok
00:51:36.0142 5848  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
00:51:36.0142 5848  mouclass - ok
00:51:36.0188 5848  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:51:36.0188 5848  mouhid - ok
00:51:36.0251 5848  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
00:51:36.0251 5848  mountmgr - ok
00:51:36.0329 5848  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:51:36.0344 5848  MozillaMaintenance - ok
00:51:36.0376 5848  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
00:51:36.0376 5848  mpio - ok
00:51:36.0407 5848  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:51:36.0407 5848  mpsdrv - ok
00:51:36.0469 5848  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:51:36.0469 5848  MpsSvc - ok
00:51:36.0516 5848  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:51:36.0516 5848  MRxDAV - ok
00:51:36.0563 5848  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:51:36.0563 5848  mrxsmb - ok
00:51:36.0625 5848  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:51:36.0625 5848  mrxsmb10 - ok
00:51:36.0656 5848  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:51:36.0656 5848  mrxsmb20 - ok
00:51:36.0703 5848  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
00:51:36.0703 5848  msahci - ok
00:51:36.0750 5848  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
00:51:36.0750 5848  msdsm - ok
00:51:36.0781 5848  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
00:51:36.0781 5848  MSDTC - ok
00:51:36.0828 5848  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:51:36.0828 5848  Msfs - ok
00:51:36.0844 5848  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
00:51:36.0844 5848  mshidkmdf - ok
00:51:36.0875 5848  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:51:36.0875 5848  msisadrv - ok
00:51:36.0906 5848  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:51:36.0906 5848  MSiSCSI - ok
00:51:36.0922 5848  msiserver - ok
00:51:36.0937 5848  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:51:36.0937 5848  MSKSSRV - ok
00:51:36.0968 5848  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:51:36.0968 5848  MSPCLOCK - ok
00:51:36.0984 5848  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:51:37.0000 5848  MSPQM - ok
00:51:37.0046 5848  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:51:37.0046 5848  MsRPC - ok
00:51:37.0093 5848  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
00:51:37.0093 5848  mssmbios - ok
00:51:37.0124 5848  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:51:37.0124 5848  MSTEE - ok
00:51:37.0140 5848  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
00:51:37.0140 5848  MTConfig - ok
00:51:37.0156 5848  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
00:51:37.0156 5848  Mup - ok
00:51:37.0202 5848  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
00:51:37.0202 5848  napagent - ok
00:51:37.0234 5848  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:51:37.0249 5848  NativeWifiP - ok
00:51:37.0327 5848  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:51:37.0327 5848  NDIS - ok
00:51:37.0358 5848  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
00:51:37.0358 5848  NdisCap - ok
00:51:37.0390 5848  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:51:37.0390 5848  NdisTapi - ok
00:51:37.0452 5848  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:51:37.0452 5848  Ndisuio - ok
00:51:37.0514 5848  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:51:37.0546 5848  NdisWan - ok
00:51:37.0624 5848  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:51:37.0655 5848  NDProxy - ok
00:51:37.0687 5848  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
00:51:37.0687 5848  Net Driver HPZ12 - ok
00:51:37.0718 5848  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:51:37.0718 5848  NetBIOS - ok
00:51:37.0765 5848  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
00:51:37.0765 5848  NetBT - ok
00:51:37.0796 5848  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
00:51:37.0796 5848  Netlogon - ok
00:51:37.0843 5848  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
00:51:37.0859 5848  Netman - ok
00:51:37.0874 5848  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
00:51:37.0890 5848  netprofm - ok
00:51:37.0921 5848  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:51:37.0937 5848  NetTcpPortSharing - ok
00:51:37.0968 5848  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
00:51:37.0968 5848  nfrd960 - ok
00:51:38.0015 5848  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:51:38.0030 5848  NlaSvc - ok
00:51:38.0046 5848  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:51:38.0046 5848  Npfs - ok
00:51:38.0077 5848  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
00:51:38.0077 5848  nsi - ok
00:51:38.0093 5848  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:51:38.0093 5848  nsiproxy - ok
00:51:38.0171 5848  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:51:38.0186 5848  Ntfs - ok
00:51:38.0217 5848  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
00:51:38.0217 5848  Null - ok
00:51:38.0280 5848  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:51:38.0280 5848  nvraid - ok
00:51:38.0311 5848  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:51:38.0311 5848  nvstor - ok
00:51:38.0358 5848  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
00:51:38.0358 5848  nv_agp - ok
00:51:38.0483 5848  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:51:38.0514 5848  odserv - ok
00:51:38.0545 5848  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
00:51:38.0545 5848  ohci1394 - ok
00:51:38.0607 5848  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:51:38.0623 5848  ose - ok
00:51:38.0654 5848  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
00:51:38.0670 5848  p2pimsvc - ok
00:51:38.0702 5848  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
00:51:38.0718 5848  p2psvc - ok
00:51:38.0749 5848  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
00:51:38.0749 5848  Parport - ok
00:51:38.0780 5848  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:51:38.0780 5848  partmgr - ok
00:51:38.0796 5848  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:51:38.0811 5848  PcaSvc - ok
00:51:38.0858 5848  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
00:51:38.0858 5848  pci - ok
00:51:38.0874 5848  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
00:51:38.0874 5848  pciide - ok
00:51:38.0889 5848  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
00:51:38.0905 5848  pcmcia - ok
00:51:38.0920 5848  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
00:51:38.0920 5848  pcw - ok
00:51:38.0952 5848  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:51:38.0952 5848  PEAUTH - ok
00:51:39.0045 5848  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
00:51:39.0061 5848  PerfHost - ok
00:51:39.0139 5848  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
00:51:39.0154 5848  pla - ok
00:51:39.0217 5848  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:51:39.0232 5848  PlugPlay - ok
00:51:39.0264 5848  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
00:51:39.0279 5848  Pml Driver HPZ12 - ok
00:51:39.0310 5848  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
00:51:39.0310 5848  PNRPAutoReg - ok
00:51:39.0326 5848  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
00:51:39.0342 5848  PNRPsvc - ok
00:51:39.0388 5848  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:51:39.0404 5848  PolicyAgent - ok
00:51:39.0435 5848  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
00:51:39.0435 5848  Power - ok
00:51:39.0482 5848  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:51:39.0482 5848  PptpMiniport - ok
00:51:39.0513 5848  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
00:51:39.0529 5848  Processor - ok
00:51:39.0560 5848  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
00:51:39.0576 5848  ProfSvc - ok
00:51:39.0591 5848  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:51:39.0591 5848  ProtectedStorage - ok
00:51:39.0654 5848  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
00:51:39.0654 5848  Psched - ok
00:51:39.0685 5848  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
00:51:39.0685 5848  PxHlpa64 - ok
00:51:39.0747 5848  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
00:51:39.0778 5848  ql2300 - ok
00:51:39.0810 5848  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
00:51:39.0810 5848  ql40xx - ok
00:51:39.0841 5848  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
00:51:39.0856 5848  QWAVE - ok
00:51:39.0872 5848  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:51:39.0872 5848  QWAVEdrv - ok
00:51:39.0872 5848  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:51:39.0888 5848  RasAcd - ok
00:51:39.0919 5848  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
00:51:39.0919 5848  RasAgileVpn - ok
00:51:39.0950 5848  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
00:51:39.0950 5848  RasAuto - ok
00:51:39.0981 5848  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:51:39.0997 5848  Rasl2tp - ok
00:51:40.0044 5848  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
00:51:40.0059 5848  RasMan - ok
00:51:40.0075 5848  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:51:40.0075 5848  RasPppoe - ok
00:51:40.0090 5848  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:51:40.0090 5848  RasSstp - ok
00:51:40.0137 5848  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:51:40.0137 5848  rdbss - ok
00:51:40.0168 5848  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
00:51:40.0168 5848  rdpbus - ok
00:51:40.0200 5848  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:51:40.0200 5848  RDPCDD - ok
00:51:40.0215 5848  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:51:40.0215 5848  RDPENCDD - ok
00:51:40.0246 5848  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
00:51:40.0246 5848  RDPREFMP - ok
00:51:40.0293 5848  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:51:40.0309 5848  RDPWD - ok
00:51:40.0356 5848  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
00:51:40.0356 5848  rdyboost - ok
00:51:40.0387 5848  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:51:40.0387 5848  RemoteAccess - ok
00:51:40.0418 5848  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:51:40.0418 5848  RemoteRegistry - ok
00:51:40.0449 5848  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
00:51:40.0449 5848  RFCOMM - ok
00:51:40.0480 5848  [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
00:51:40.0480 5848  rimmptsk - ok
00:51:40.0512 5848  [ E20B1907FC72A3664ECE21E3C20FC63D ] rimspci         C:\Windows\system32\DRIVERS\rimspe64.sys
00:51:40.0527 5848  rimspci - ok
00:51:40.0543 5848  [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys
00:51:40.0543 5848  rimsptsk - ok
00:51:40.0574 5848  [ A6DA2B0C8F5BB3F9F5423CFF8D6A02D9 ] risdpcie        C:\Windows\system32\DRIVERS\risdpe64.sys
00:51:40.0574 5848  risdpcie - ok
00:51:40.0605 5848  [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys
00:51:40.0605 5848  rismxdp - ok
00:51:40.0621 5848  [ 6A1CD4674505E6791390A1AB71DA1FBE ] rixdpcie        C:\Windows\system32\DRIVERS\rixdpe64.sys
00:51:40.0621 5848  rixdpcie - ok
00:51:40.0652 5848  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
00:51:40.0652 5848  RpcEptMapper - ok
00:51:40.0683 5848  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
00:51:40.0683 5848  RpcLocator - ok
00:51:40.0746 5848  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
00:51:40.0746 5848  RpcSs - ok
00:51:40.0808 5848  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:51:40.0808 5848  rspndr - ok
00:51:40.0839 5848  [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
00:51:40.0839 5848  RTL8167 - ok
00:51:40.0855 5848  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
00:51:40.0855 5848  SamSs - ok
00:51:40.0902 5848  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:51:40.0902 5848  sbp2port - ok
00:51:40.0948 5848  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:51:40.0948 5848  SCardSvr - ok
00:51:40.0980 5848  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
00:51:40.0980 5848  scfilter - ok
00:51:41.0026 5848  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
00:51:41.0042 5848  Schedule - ok
00:51:41.0073 5848  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:51:41.0089 5848  SCPolicySvc - ok
00:51:41.0120 5848  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:51:41.0120 5848  SDRSVC - ok
00:51:41.0167 5848  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
00:51:41.0167 5848  secdrv - ok
00:51:41.0214 5848  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
00:51:41.0214 5848  seclogon - ok
00:51:41.0245 5848  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
00:51:41.0245 5848  SENS - ok
00:51:41.0276 5848  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
00:51:41.0276 5848  SensrSvc - ok
00:51:41.0292 5848  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
00:51:41.0292 5848  Serenum - ok
00:51:41.0307 5848  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
00:51:41.0307 5848  Serial - ok
00:51:41.0354 5848  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
00:51:41.0354 5848  sermouse - ok
00:51:41.0401 5848  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
00:51:41.0401 5848  SessionEnv - ok
00:51:41.0401 5848  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
00:51:41.0401 5848  sffdisk - ok
00:51:41.0432 5848  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
00:51:41.0432 5848  sffp_mmc - ok
00:51:41.0448 5848  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
00:51:41.0448 5848  sffp_sd - ok
00:51:41.0494 5848  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
00:51:41.0494 5848  sfloppy - ok
00:51:41.0557 5848  [ E1974A92AC0914A3859359A0A8C82C68 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
00:51:41.0572 5848  SftService - ok
00:51:41.0682 5848  [ E5B4AD148D806860B9F956C63A9598CD ] SgtSch2Svc      C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
00:51:41.0682 5848  SgtSch2Svc - ok
00:51:41.0728 5848  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:51:41.0744 5848  SharedAccess - ok
00:51:41.0775 5848  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:51:41.0791 5848  ShellHWDetection - ok
00:51:41.0822 5848  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:51:41.0822 5848  SiSRaid2 - ok
00:51:41.0838 5848  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
00:51:41.0838 5848  SiSRaid4 - ok
00:51:41.0916 5848  [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
00:51:41.0994 5848  SkypeUpdate - ok
00:51:42.0025 5848  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:51:42.0025 5848  Smb - ok
00:51:42.0103 5848  [ 001901F10423616CA0D4AECDCCE8B855 ] snapman380      C:\Windows\system32\DRIVERS\snman380.sys
00:51:42.0118 5848  snapman380 - ok
00:51:42.0150 5848  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:51:42.0165 5848  SNMPTRAP - ok
00:51:42.0165 5848  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
00:51:42.0165 5848  spldr - ok
00:51:42.0212 5848  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
00:51:42.0212 5848  Spooler - ok
00:51:42.0337 5848  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
00:51:42.0368 5848  sppsvc - ok
00:51:42.0384 5848  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
00:51:42.0384 5848  sppuinotify - ok
00:51:42.0446 5848  [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
00:51:42.0446 5848  sprtsvc_DellSupportCenter - ok
00:51:42.0493 5848  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:51:42.0508 5848  srv - ok
00:51:42.0540 5848  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:51:42.0540 5848  srv2 - ok
00:51:42.0571 5848  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:51:42.0571 5848  srvnet - ok
00:51:42.0602 5848  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:51:42.0618 5848  SSDPSRV - ok
00:51:42.0649 5848  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:51:42.0649 5848  SstpSvc - ok
00:51:42.0774 5848  [ 7AA12DB4BB2CB414C3525E1C02DA911F ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\STacSV64.exe
00:51:42.0774 5848  STacSV - ok
00:51:42.0805 5848  [ C48E0745D33897C7A73394214F2B9B4F ] stdflt          C:\Windows\system32\DRIVERS\stdflt.sys
00:51:42.0805 5848  stdflt - ok
00:51:42.0836 5848  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
00:51:42.0836 5848  stexstor - ok
00:51:42.0883 5848  [ 2D7C3CA0FDB0F438671C89FA1804674F ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
00:51:42.0883 5848  STHDA - ok
00:51:42.0945 5848  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
00:51:42.0961 5848  stisvc - ok
00:51:42.0992 5848  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
00:51:42.0992 5848  swenum - ok
00:51:43.0023 5848  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
00:51:43.0039 5848  swprv - ok
00:51:43.0086 5848  [ 639B57DC871BE4B86283027FAF1F4E30 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
00:51:43.0086 5848  SynTP - ok
00:51:43.0179 5848  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
00:51:43.0210 5848  SysMain - ok
00:51:43.0242 5848  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:51:43.0242 5848  TabletInputService - ok
00:51:43.0273 5848  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:51:43.0273 5848  TapiSrv - ok
00:51:43.0320 5848  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
00:51:43.0320 5848  TBS - ok
00:51:43.0398 5848  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:51:43.0429 5848  Tcpip - ok
00:51:43.0460 5848  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
00:51:43.0476 5848  TCPIP6 - ok
00:51:43.0507 5848  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:51:43.0507 5848  tcpipreg - ok
00:51:43.0538 5848  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:51:43.0538 5848  TDPIPE - ok
00:51:43.0632 5848  [ 0B7757583EBBD877C275859899FEF5CB ] tdrpman174      C:\Windows\system32\DRIVERS\tdrpm174.sys
00:51:43.0663 5848  tdrpman174 - ok
00:51:43.0694 5848  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:51:43.0694 5848  TDTCP - ok
00:51:43.0756 5848  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:51:43.0756 5848  tdx - ok
00:51:43.0803 5848  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
00:51:43.0803 5848  TermDD - ok
00:51:43.0866 5848  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
00:51:43.0866 5848  TermService - ok
00:51:43.0897 5848  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
00:51:43.0897 5848  Themes - ok
00:51:43.0928 5848  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
00:51:43.0928 5848  THREADORDER - ok
00:51:43.0990 5848  [ F741B146F00DCC340AF5B0E32A874F1B ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
00:51:44.0006 5848  timounter - ok
00:51:44.0037 5848  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
00:51:44.0037 5848  TrkWks - ok
00:51:44.0115 5848  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:51:44.0115 5848  TrustedInstaller - ok
00:51:44.0162 5848  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:51:44.0162 5848  tssecsrv - ok
00:51:44.0224 5848  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
00:51:44.0224 5848  TsUsbFlt - ok
00:51:44.0287 5848  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:51:44.0287 5848  tunnel - ok
00:51:44.0334 5848  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
00:51:44.0334 5848  uagp35 - ok
00:51:44.0380 5848  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:51:44.0380 5848  udfs - ok
00:51:44.0427 5848  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:51:44.0427 5848  UI0Detect - ok
00:51:44.0474 5848  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
00:51:44.0474 5848  uliagpkx - ok
00:51:44.0521 5848  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
00:51:44.0521 5848  umbus - ok
00:51:44.0552 5848  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
00:51:44.0552 5848  UmPass - ok
00:51:44.0583 5848  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
00:51:44.0583 5848  upnphost - ok
00:51:44.0630 5848  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:51:44.0630 5848  usbccgp - ok
00:51:44.0677 5848  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
00:51:44.0677 5848  usbcir - ok
00:51:44.0708 5848  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
00:51:44.0708 5848  usbehci - ok
00:51:44.0739 5848  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
00:51:44.0755 5848  usbhub - ok
00:51:44.0770 5848  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
00:51:44.0770 5848  usbohci - ok
00:51:44.0802 5848  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
00:51:44.0802 5848  usbprint - ok
00:51:44.0848 5848  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
00:51:44.0848 5848  usbscan - ok
00:51:44.0895 5848  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:51:44.0895 5848  USBSTOR - ok
00:51:44.0911 5848  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
00:51:44.0911 5848  usbuhci - ok
00:51:44.0973 5848  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
00:51:44.0989 5848  usbvideo - ok
00:51:45.0020 5848  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
00:51:45.0020 5848  UxSms - ok
00:51:45.0051 5848  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
00:51:45.0051 5848  VaultSvc - ok
00:51:45.0082 5848  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
00:51:45.0082 5848  vdrvroot - ok
00:51:45.0129 5848  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
00:51:45.0145 5848  vds - ok
00:51:45.0192 5848  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:51:45.0192 5848  vga - ok
00:51:45.0207 5848  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:51:45.0207 5848  VgaSave - ok
00:51:45.0238 5848  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
00:51:45.0238 5848  vhdmp - ok
00:51:45.0270 5848  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
00:51:45.0285 5848  viaide - ok
00:51:45.0301 5848  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
00:51:45.0301 5848  volmgr - ok
00:51:45.0348 5848  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:51:45.0348 5848  volmgrx - ok
00:51:45.0394 5848  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
00:51:45.0394 5848  volsnap - ok
00:51:45.0426 5848  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
00:51:45.0426 5848  vsmraid - ok
00:51:45.0504 5848  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
00:51:45.0519 5848  VSS - ok
00:51:45.0535 5848  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
00:51:45.0550 5848  vwifibus - ok
00:51:45.0566 5848  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
00:51:45.0582 5848  vwififlt - ok
00:51:45.0613 5848  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
00:51:45.0613 5848  vwifimp - ok
00:51:45.0644 5848  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
00:51:45.0660 5848  W32Time - ok
00:51:45.0675 5848  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
00:51:45.0691 5848  WacomPen - ok
00:51:45.0753 5848  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
00:51:45.0753 5848  WANARP - ok
00:51:45.0769 5848  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:51:45.0769 5848  Wanarpv6 - ok
00:51:45.0831 5848  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
00:51:45.0847 5848  wbengine - ok
00:51:45.0894 5848  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
00:51:45.0894 5848  WbioSrvc - ok
00:51:45.0940 5848  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:51:45.0940 5848  wcncsvc - ok
00:51:45.0956 5848  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:51:45.0972 5848  WcsPlugInService - ok
00:51:45.0987 5848  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
00:51:45.0987 5848  Wd - ok
00:51:46.0018 5848  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:51:46.0034 5848  Wdf01000 - ok
00:51:46.0050 5848  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:51:46.0065 5848  WdiServiceHost - ok
00:51:46.0065 5848  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:51:46.0065 5848  WdiSystemHost - ok
00:51:46.0096 5848  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
00:51:46.0112 5848  WebClient - ok
00:51:46.0143 5848  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:51:46.0143 5848  Wecsvc - ok
00:51:46.0174 5848  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:51:46.0174 5848  wercplsupport - ok
00:51:46.0221 5848  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:51:46.0221 5848  WerSvc - ok
00:51:46.0252 5848  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
00:51:46.0252 5848  WfpLwf - ok
00:51:46.0299 5848  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
00:51:46.0299 5848  WimFltr - ok
00:51:46.0330 5848  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
00:51:46.0330 5848  WIMMount - ok
00:51:46.0346 5848  WinDefend - ok
00:51:46.0346 5848  WinHttpAutoProxySvc - ok
00:51:46.0408 5848  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:51:46.0424 5848  Winmgmt - ok
00:51:46.0502 5848  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
00:51:46.0533 5848  WinRM - ok
00:51:46.0596 5848  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:51:46.0596 5848  Wlansvc - ok
00:51:46.0674 5848  [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc        C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
00:51:46.0674 5848  wltrysvc - ok
00:51:46.0720 5848  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
00:51:46.0720 5848  WmiAcpi - ok
00:51:46.0752 5848  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:51:46.0767 5848  wmiApSrv - ok
00:51:46.0798 5848  WMPNetworkSvc - ok
00:51:46.0814 5848  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:51:46.0830 5848  WPCSvc - ok
00:51:46.0861 5848  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:51:46.0861 5848  WPDBusEnum - ok
00:51:46.0876 5848  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:51:46.0876 5848  ws2ifsl - ok
00:51:46.0923 5848  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
00:51:46.0923 5848  wscsvc - ok
00:51:46.0923 5848  WSearch - ok
00:51:47.0001 5848  [ A583F4BF607EBC5709578433207A76A8 ] WTGService      C:\Program Files (x86)\Verbindungsassistent\wtgservice.exe
00:51:47.0001 5848  WTGService - ok
00:51:47.0110 5848  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
00:51:47.0126 5848  wuauserv - ok
00:51:47.0142 5848  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
00:51:47.0142 5848  WudfPf - ok
00:51:47.0204 5848  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:51:47.0204 5848  WUDFRd - ok
00:51:47.0251 5848  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:51:47.0251 5848  wudfsvc - ok
00:51:47.0298 5848  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
00:51:47.0298 5848  WwanSvc - ok
00:51:47.0329 5848  ================ Scan global ===============================
00:51:47.0360 5848  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
00:51:47.0407 5848  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
00:51:47.0422 5848  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
00:51:47.0454 5848  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
00:51:47.0500 5848  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
00:51:47.0500 5848  [Global] - ok
00:51:47.0500 5848  ================ Scan MBR ==================================
00:51:47.0516 5848  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:51:47.0968 5848  \Device\Harddisk0\DR0 - ok
00:51:47.0968 5848  ================ Scan VBR ==================================
00:51:47.0984 5848  [ 275B0B884E271347FDCB1D9B3129432F ] \Device\Harddisk0\DR0\Partition1
00:51:48.0000 5848  \Device\Harddisk0\DR0\Partition1 - ok
00:51:48.0015 5848  [ BE15A2E776C35CC3D2650B405F0EF110 ] \Device\Harddisk0\DR0\Partition2
00:51:48.0031 5848  \Device\Harddisk0\DR0\Partition2 - ok
00:51:48.0031 5848  [ 4C46A00F60D08DAB5EA12A5806E1CA4C ] \Device\Harddisk0\DR0\Partition3
00:51:48.0031 5848  \Device\Harddisk0\DR0\Partition3 - ok
00:51:48.0031 5848  ============================================================
00:51:48.0031 5848  Scan finished
00:51:48.0031 5848  ============================================================
00:51:48.0046 5528  Detected object count: 0
00:51:48.0046 5528  Actual detected object count: 0
         

Alt 10.11.2012, 09:15   #8
ryder
/// TB-Ausbilder
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Gut, dann bitte jetzt Combofix ausführen.

Scan mit Combofix
Zitat:
WARNUNG:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Alt 10.11.2012, 11:41   #9
Julia.M
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Hier der Log von Combofix:
Code:
ATTFilter
ComboFix 12-11-09.02 - Eliza 10.11.2012  12:11:11.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3957.2335 [GMT 1:00]
ausgeführt von:: e:\desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-10-10 bis 2012-11-10  ))))))))))))))))))))))))))))))
.
.
2012-11-10 11:21 . 2012-11-10 11:21	--------	d-----w-	c:\users\Eliza\AppData\Local\temp
2012-11-10 11:21 . 2012-11-10 11:21	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-11-09 11:33 . 2012-11-09 11:33	--------	d-----w-	c:\users\Eliza.Isis\AppData\Roaming\Malwarebytes
2012-11-09 11:33 . 2012-11-09 11:33	--------	d-----w-	c:\programdata\Malwarebytes
2012-11-09 11:33 . 2012-11-09 11:33	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-09 11:33 . 2012-09-29 18:54	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-11-09 10:37 . 2012-11-09 10:37	--------	d-----w-	c:\program files (x86)\Panda Security
2012-11-09 09:13 . 2012-11-09 09:18	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2012-11-09 09:12 . 2012-11-09 09:12	--------	d-----w-	c:\users\Eliza.Isis\AppData\Local\Programs
2012-11-09 08:58 . 2012-11-09 08:58	--------	d-----w-	c:\users\Eliza.Isis\AppData\Roaming\TeamViewer
2012-11-09 07:38 . 2012-10-12 07:19	9291768	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{D4C9D990-1BA9-4EE8-94FD-2BA5A691E887}\mpengine.dll
2012-10-28 09:26 . 2012-08-21 12:01	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2012-10-28 09:25 . 2012-10-28 09:25	--------	d-----w-	c:\program files\iPod
2012-10-28 09:25 . 2012-10-28 09:26	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-10-28 09:25 . 2012-10-28 09:26	--------	d-----w-	c:\program files\iTunes
2012-10-28 09:20 . 2012-10-28 09:20	--------	d-----w-	c:\program files\Bonjour
2012-10-28 09:20 . 2012-10-28 09:20	--------	d-----w-	c:\program files (x86)\Bonjour
2012-10-27 07:34 . 2012-10-27 07:34	--------	d-----w-	c:\users\Eliza.Isis\AppData\Roaming\Avira
2012-10-27 07:28 . 2012-10-30 11:42	129216	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-10-27 07:28 . 2012-09-24 07:58	27800	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-10-27 07:28 . 2012-09-13 13:52	99248	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-10-27 07:28 . 2012-10-27 07:28	--------	d-----w-	c:\programdata\Avira
2012-10-27 07:28 . 2012-10-27 07:28	--------	d-----w-	c:\program files (x86)\Avira
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-11 06:40 . 2011-03-14 18:24	65309168	----a-w-	c:\windows\system32\MRT.exe
2012-09-14 19:19 . 2012-10-10 19:46	2048	----a-w-	c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 19:46	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2012-08-31 18:19 . 2012-10-10 19:46	1659760	----a-w-	c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 19:46	5559664	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 19:46	3968880	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 19:46	3914096	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05 . 2012-10-10 19:46	220160	----a-w-	c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 19:46	172544	----a-w-	c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-23 09:02	17810944	----a-w-	c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-23 09:02	10925568	----a-w-	c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-23 09:02	2312704	----a-w-	c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-23 09:02	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-23 09:02	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-23 09:02	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-23 09:02	237056	----a-w-	c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-23 09:02	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-23 09:02	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-23 09:02	816640	----a-w-	c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-23 09:02	599040	----a-w-	c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-23 09:02	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-23 09:02	729088	----a-w-	c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-23 09:03	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-23 09:03	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-23 09:02	248320	----a-w-	c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-23 09:02	1800704	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-23 09:02	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-23 09:02	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-23 09:02	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-23 09:03	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-23 09:03	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 17:40	1913200	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 17:40	950128	----a-w-	c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 17:40	376688	----a-w-	c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 17:40	288624	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 09:24	245760	----a-w-	c:\windows\system32\OxpsConverter.exe
2012-08-21 12:01 . 2010-07-03 17:03	125872	----a-w-	c:\windows\system32\GEARAspi64.dll
2012-08-21 12:01 . 2010-07-03 17:03	106928	----a-w-	c:\windows\SysWow64\GEARAspi.dll
2012-08-20 18:48 . 2012-10-10 19:46	362496	----a-w-	c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-10 19:46	243200	----a-w-	c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-10 19:46	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-10 19:46	215040	----a-w-	c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-10 19:46	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-10 19:46	424448	----a-w-	c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-10 19:46	1162240	----a-w-	c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-10 19:46	338432	----a-w-	c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-10 19:46	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-10 19:46	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-10 19:46	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-10 19:46	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-10 19:46	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-10 19:46	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-10 19:46	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	5120	---ha-w-	c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 19:46	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\Eliza.Isis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\Eliza.Isis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\Eliza.Isis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\Eliza.Isis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-03 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-09 98304]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2010-07-09 1548288]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"BlackArmorBackupMonitor.exe"="c:\program files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe" [2009-11-23 4386472]
"AcronisTimounterMonitor"="c:\program files (x86)\Seagate\BlackArmorBackup\TimounterMonitor.exe" [2009-11-23 965592]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"PDFPrint"="c:\program files (x86)\pdf24\pdf24.exe" [2012-02-09 160840]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-10-30 384800]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"iTunesHelper"="e:\downloads\iTunesHelper.exe" [2012-09-09 421776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2010-07-21 165184]
.
c:\users\Eliza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
c:\users\Eliza.Isis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
Dropbox.lnk - c:\users\Eliza.Isis\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-7-3 26868192]
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
tbhcn.lnk - c:\users\Eliza.Isis\AppData\Roaming\BrowserCompanion\tbhcn.exe [2012-7-2 695448]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-18 1080096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-12 151040]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdflt.sys [2009-07-23 18792]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\AESTSr64.exe [2009-03-02 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-09-08 202752]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-10-30 84256]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 InstallFilterService;FF Install Filter Service;c:\program files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2009-06-23 60928]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [2009-07-01 80896]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [2009-07-04 55808]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]
S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2009-11-23 829088]
S2 WTGService;WTGService;c:\program files (x86)\Verbindungsassistent\wtgservice.exe [2011-01-29 330696]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [2009-07-24 23912]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 51898032
*NewlyCreated* - ASWMBR
*Deregistered* - 51898032
*Deregistered* - aswMBR
.
Inhalt des "geplante Tasks" Ordners
.
2012-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-03 16:09]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-03 16:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\Eliza.Isis\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\Eliza.Isis\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\Eliza.Isis\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\Eliza.Isis\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-12-14 487424]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe" [2009-07-22 2384896]
"Seagate Scheduler2 Service"="c:\program files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" [2009-11-23 376456]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://de.yahoo.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{77E33041-8CEA-4356-B7DD-820C5FDFBCC8}: NameServer = 172.17.25.200
FF - ProfilePath - c:\users\Eliza.Isis\AppData\Roaming\Mozilla\Firefox\Profiles\y103kx4v.default\
FF - prefs.js: browser.startup.homepage - hxxp://de.yahoo.com/?p=us
FF - ExtSQL: 2012-09-28 22:20; youtubeunblocker@unblocker.yt; c:\users\Eliza.Isis\AppData\Roaming\Mozilla\Firefox\Profiles\y103kx4v.default\extensions\youtubeunblocker@unblocker.yt.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Budenberg Software Win - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-11-10  12:38:53
ComboFix-quarantined-files.txt  2012-11-10 11:38
.
Vor Suchlauf: 10 Verzeichnis(se), 21.110.554.624 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 20.967.038.976 Bytes frei
.
- - End Of File - - 52BBE563D7EE448FC10234D4CE9ED69D
         

Alt 10.11.2012, 12:35   #10
ryder
/// TB-Ausbilder
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Gut!

Wir müssen jetzt noch ein paar Kontrollen machen.

Schritt 1:
Quick-Scan mit Malwarebytes

Downloade Dir bitte Malwarebytes
  • Installiere das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere Quickscan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
Schritt 2:
ESET Online Scanner

Zitat:
Wichtig:
Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten!
Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
  • Bitte hier klicken --->
    • Firefox-User: Bitte esetsmartinstaller_enu.exe downloaden, installieren und starten.
    • IE-User müssen das Installieren eines ActiveX Elements erlauben.
  • Setze den einen Haken bei Yes, i accept the Terms of Use/Ja, ich stimme ... zu und drücke den Button.
  • Warte bis die Komponenten herunter geladen wurden.
  • Setze einen Haken bei "Scan archives/Archive prüfen" und entferne den Haken bei Remove Found Threads/Entdeckte Bedrohungen entfernen.
  • drücken. Die Signaturen werden herunter geladen und der Scan beginnt automatisch und kann sehr lange dauern!
Wenn der Scan beendet wurde
  • Klicke und dann
  • Speichere das Logfile als ESET.txt auf dem Desktop.
  • Klicke Back und Finish
Bitte poste die ESET.txt hier oder teile mir mit, dass nichts gefunden wurde.
Schritt 3:
Java Update (Windows XP, Vista, 7)
Dein Java ist nicht mehr aktuell. Ältere Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
  • Downloade dir bitte die neueste Java-Version und speichere die jxpiinstall.exe
  • Schließe alle laufenden Programme. Speziell deinen Browser.
  • Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version (Java 7 Update 9) herunter laden.
  • Während der Installation entferne den Haken bei:
Wenn die Installation beendet wurde:
  • Start > Systemsteuerung > Programme und deinstalliere alle älteren Java Versionen, falls vorhanden, und starte deinen Rechner neu.
Nach dem Neustart:
  • Öffne erneut die Systemsteuerung > Programme und klicke auf das Java Symbol.
  • Im Reiter Allgemein, klicke unter Temporäre Internetdateien auf Einstellungen.
  • Klicke auf Dateien löschen...
  • Gehe sicher, dass überall ein Haken gesetzt ist und klicke zweimal OK.
Schritt 4:
Scan mit SecurityCheck
Downloade Dir bitte SecurityCheck
  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS- Box.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Alt 10.11.2012, 13:49   #11
Julia.M
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Na das hört sich ja schon mal aufmunternd an!
Bei dem Malwarebytescan wurde schon mal nichts gefunden! An den nächsten mach ich mich gleich.
Der Log zu dem Malwarebyte-Scan:
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.10.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Eliza :: ISIS [Administrator]

Schutz: Aktiviert

10.11.2012 14:06:49
mbam-log-2012-11-10 (14-06-49).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 229825
Laufzeit: 4 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Alt 10.11.2012, 14:02   #12
ryder
/// TB-Ausbilder
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



In Ordnung ... aber bitte:

Zitat:
Lesestoff:
Zwischendurch Posten
Du hast mir nur ein Teilergebnis gepostet. Bitte melde dich nur, wenn du alles abgearbeitet hast oder zwischendurch eine Frage hast. Wenn du mir mehrmals antwortest, sehe ich deine weiteren Antworten nicht mehr automatisch und könnte dein Thema übersehen.
__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Alt 10.11.2012, 20:27   #13
Julia.M
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Ergebnis der 4 Schritte:

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.10.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Eliza :: ISIS [Administrator]

Schutz: Aktiviert

10.11.2012 14:06:49
mbam-log-2012-11-10 (14-06-49).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 229825
Laufzeit: 4 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Der Eset online scan hat leider wieder was gefunden:
Code:
ATTFilter
C:\Users\Eliza.Isis\AppData\Roaming\BrowserCompanion\tbhcn.exe	Win32/BrowserCompanion application
E:\Desktop\Programme\SoftonicDownloader_fuer_scan2pdf.exe	a variant of Win32/SoftonicDownloader.A application
E:\Downloads\BestVideoDownloaderSetup-TurboUpgrade.exe	multiple threats
E:\Downloads\SoftonicDownloader_fuer_freemind.exe	a variant of Win32/SoftonicDownloader.D application
E:\Downloads\SoftonicDownloader_fuer_scan2pdf.exe	a variant of Win32/SoftonicDownloader.A application
F:\ISIS\Backup Set 2011-01-09 190001\Backup Files 2011-01-09 190001\Backup files 1.zip	a variant of Win32/SoftonicDownloader.A application
F:\ISIS\Backup Set 2011-01-09 190001\Backup Files 2011-01-09 190001\Backup files 3.zip	a variant of Win32/SoftonicDownloader.A application
F:\ISIS\Backup Set 2011-01-09 190001\Backup Files 2011-12-18 011616\Backup files 2.zip	multiple threats
Operating memory	Win32/BrowserCompanion application
         
Schritt 3
Java up to date, alte Versionen deinstalliert, Einstellungen geändert wie angegeben

Schritt 4
Security Check:
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.54  
 Windows 7 Service Pack 1 x64   
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.65.1.1000  
 Panda Cloud Cleaner   
 Java 7 Update 9  
 Adobe Flash Player 10 Flash Player out of Date! 
  Adobe Flash Player 11.3.300.262 Flash Player out of Date!  
 Adobe Reader X 10.0.1 Adobe Reader out of Date!  
 Mozilla Firefox (16.0.2) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

Alt 11.11.2012, 15:35   #14
ryder
/// TB-Ausbilder
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Prima!

Die Funde sind nicht tragisch sondern installieren nur Werbung. Siehe unten!


Damit wären wir fertig. Wir räumen jetzt noch ein wenig auf und dann habe ich am Ende etwas Lesestoff für dich.
Hinweis: Solltest du Defogger benutzt haben, kannst du jetzt re-enable drücken.

Schritt 1:
ESET-Funde löschen
  • Suche bitte die folgenden Dateien und lösche sie: Rechtsklick > Löschen
    Code:
    ATTFilter
    E:\Desktop\Programme\SoftonicDownloader_fuer_scan2pdf.exe	a variant of Win32/SoftonicDownloader.A application
    E:\Downloads\BestVideoDownloaderSetup-TurboUpgrade.exe	multiple threats
    E:\Downloads\SoftonicDownloader_fuer_freemind.exe	a variant of Win32/SoftonicDownloader.D application
    E:\Downloads\SoftonicDownloader_fuer_scan2pdf.exe	a variant of Win32/SoftonicDownloader.A application
    F:\ISIS\Backup Set 2011-01-09 190001\Backup Files 2011-01-09 190001\Backup files 1.zip	a variant of Win32/SoftonicDownloader.A application
    F:\ISIS\Backup Set 2011-01-09 190001\Backup Files 2011-01-09 190001\Backup files 3.zip	a variant of Win32/SoftonicDownloader.A application
    F:\ISIS\Backup Set 2011-01-09 190001\Backup Files 2011-12-18 011616\Backup files 2.zip	multiple threats
             
  • Leere den Papierkorb: Rechtsklick > Papierkorb leeren

Schritt 2:
Systemwiederherstellungspunkte löschen mit OTL
  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
    Code:
    ATTFilter
    :Commands
    [CLEARALLRESTOREPOINTS]
             
  • Schliesse bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<time_date>.txt)
  • Kopiere nun den Inhalt hier in Deinen Thread.
Zitat:
Lesestoff:
Softwaredownloader
Es gibt im Internet Downloadportale, die statt die Datei selbst anzubieten, dem User einen Downloader unterjubelt. Startet man diesen, dann wird erst das gewünschte Programm von der Webseite des Anbieters geladen. Üblicherweise installiert dieser Downloader auch Werbeprogramme auf deinem Rechner. Besonders bekannt dafür ist z.B. Softonic. Daber merke dir bitte für die Zukunft:

Schritt 3:
Toolbereinigung mit OTL
  • Starte bitte OTL und klicke auf Bereinigung.
  • Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben.
  • Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen.
Schritt 4:
AdwCleaner entfernen
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Uninstall.
  • Bestätige mit Ja.
Schritt 5:
ESET deinstallieren (Optional)

Ich empfehle dir dein System einmal pro Woche mit ESET zu scannen. Möchtest du ESET aber entfernen:
Drücke bitte die + R Taste und kopiere folgenden Text in das Ausführen-Fenster und klicke OK.
Code:
ATTFilter
"%ProgramFiles%\Eset\Eset Online Scanner\OnlineScannerUninstaller.exe"
         
Abschließend noch Tipps zu folgenden Themen:
  • Systemupdates
  • Softwareupdates
  • Sicherheitssoftware
  • Sicheres Surfen

Zitat:
Lesestoff:
Systemupdates
Man kann es gar nicht oft genug erwähnen, wie wichtig es ist, sein System aktuell zu halten. Dein Auto bringst du ja auch regelmässig zur Inspektion in die Werkstatt. Stelle also bitte sicher, dass die Systemupdates aktiviert sind:
  • Bitte überprüfe, ob dein System Windows Updates automatisch herunter lädt:
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.

Zitat:
Lesestoff:
Softwareupdates
Ebenso wichtig wie die Systemprogramme ist auch die Software, die du täglich nutzt. Die folgende Liste gibt dir einen kleinen Überblick mit Links zu den Updates, welche Programme dringend aktuell gehalten werden müssen (falls du sie überhaupt installiert hast und nutzt), weil durch deren Sicherheitslücken oft Malware auf die Computer gelangen kann:Auch nicht gelistete Programme sind natürlich wichtig. Ob es für diese eine neue Version gibt, kannst du auf deren Herstellerwebseite oder ganz bequem mit diesen Tools überprüfen:

Zitat:
Lesestoff:
Sicherheitssoftware
Würde dich jemand nackt auf dem Motorrad auf der Autobahn überholen würdest du auch den Kopf schütteln. Dein Computer braucht auch einen Schutz vor den täglichen kleinen Angriffen durch Schädlinge. Neben hervorragenden kommerziellen Anti-Viren-Lösungen gibt es auch durchaus gute Schutzprogramme, die kostenfrei mit reduziertem Funktionsumfang erhältlich sind. Aber vorsicht, hier gilt nicht "je mehr desto besser". Was du brauchst ist genau einen Virenscanner mit Hintergrundwächter. Nicht mehr und nicht weniger. Es gibt hier viele Produkte auf dem Markt, die einem gute Dienste leisten. Ich persönlich empfehle dir Avast Free Antivirus. Es bietet relativ guten Schutz, bei wenig nerviger Werbung und installiert dir ein Browserplugin, das dich vor gefährlichen Webseiten warnt.
  • Wenn du deine Antivirenlösung wechseln solltest, findest du hier Tools mit denen du die Überreste nach der Deinstallation deines alten Scanners entfernen kannst.
  • Installiere niemals mehr als einen Virenscanner. Deren Hintergrundwächter würden sich gegenseitig behindern und dein System ausbremsen.
  • Ein Browserplugin, das dich vor betrügerischen Webseiten schützt, kann dir gute Dienste leisten, wenn du dich nicht gut auskennst (siehe oben).
  • Sorge dafür, dass deine Sicherheitslösung ständig up-to-date ist und sich automatisch Updates besorgt. Wenn du auf manuelle Updates setzt bist du meistens zu spät, da die Virendatenbanken oft täglich sogar mehrfach erneuert werden.
  • Einen zusätzlichen Schutz (und dieser wäre auch erlaubt) bietet ein spezieller Malwarescanner. Hier empfehle ich dir dringend Malwarebytes und einmal wöchentlich damit zu scannen. In der kostenpflichtigen Version hat es sogar einen Hintergrundwächter. Hierfür haben wir eine Anleitung für dich.
Zuletzt empfehle ich dir deine Daten regelmässig (am besten automatisch) zu sichern. Dies kann eine professionelle Backuplösung, externe Festplatten, Brennen auf DVDs oder Überspielen auf ein Online-Laufwerk wie z.B. Dropbox sein. Erzeuge so viele Kopien wie möglich und halte sie aktuell. Nur so bist du auf den schlimmsten Fall vorbereitet, wenn dein Computer - wodurch auch immer - unbrauchbar werden sollte. Leider passiert das ja immer unangekündigt und immer dann wenn man ihn am Nötigsten braucht. Also sorge vor!

Zitat:
Lesestoff:
Sicheres Surfen
Zunächst muss man sagen, dass es üblicherweise immer der menschliche Faktor ist, der es Malware ermöglicht auf einen Computer zu gelangen. Kaufst du Leuten, die an deiner Haustür klingeln, auch sofort ohne nachzudenken irgendwelches Zeug ab? Gewöhne dir daher zunächst einige Verhaltensregeln beim Surfen im Internet an:
  • Klicke nicht irgendwo hin, nur weil es bunt ist und leuchtet, in einer Ecke aufpoppt oder so aussieht, als wäre es eine Systemmeldung.
  • Lade dir keine illegale Software, keine Cracks, keine Keygens, keine Gametrainer usw ... die Webseiten, die so etwas anbieten, sind meist nicht seriös und die angeblichen Helfer sind meist verseuchter als du es dir ausmalen würdest. Es spielt dabei keine Rolle, ob du diese Dateien über einen Browser oder Filesharingprogramme beziehst.
  • Öffne keine Emailanhänge von Leuten, die du nicht kennst, Emails mit seltsamen Rechtschreibfehlern oder starte Dateien, die dir eine Webseite anbietet, ohne dass du sie wolltest.
  • Lasse niemand an deinem Computer surfen, der diese Regeln nicht auch befolgt.
  • Verlasse dich nicht darauf, dass dein Virenscanner schon alles findet. Keine Sicherheitslösung ist 100% sicher!

Aber selbst bei der peinlichen Einhaltung dieser Regeln kann es dennoch zu einer sogenannten Drive-By-Infektion kommen, bei der ein Schädling aus dem Schutzmechanismus des Webbrowsers ausbricht. Um die Sicherheit noch weiter zu erhöhen gibt es spezielle Schutzsoftware, die deinen Browser noch weiter absichert.
  • WOT (Web of trust) Dieses Add-On warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst. Hinweis: Avast enthält ein solches Plugin bereits.
  • Sandboxie schafft eine zusätzliche isolierte Programmumgebung, damit dein Browser wie ein Kleinkind im Sandkasten sicher ist. (Anleitung: Sandboxie)
  • Securebanking ist ein Software, die Verbindungen untersucht und dir meldet, wenn jemand "mithört". Wie der Name sagt, wurde es entwickelt, damit Onlinebanking wirklich sicher ist. Mehr Infos auf der Homepage: Secure Banking

Zuletzt denke bitte über die Benutzung eines alternativen Browsers nach. Programme, die nicht so oft verwendet werden, sind auch nicht so sehr im Focus der "bösen Jungs". D.h. du bist mit einem exotischen Browser eher auf der sicheren Seite. Grundsätzlich bist du erst einmal deutlich sicherer, wenn du nicht den Internet Explorer benutzt.

Damit wünsche ich dir noch viel Spaß beim Surfen im Internet

... und vielleicht möchtest du ja das Trojaner-Board unterstützen?

Eine Bitte: Gib mir eine kurze Rückmeldung, wenn alles erledigt ist und keine Fragen mehr vorhanden sind, damit ich diesen Thread aus meinen Abos löschen kann.
__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Alt 11.11.2012, 17:25   #15
Julia.M
 
ad.adserverplus erscheint immer wieder - Standard

ad.adserverplus erscheint immer wieder



Also erstmal:
Alle empfohlenen Schritte wurden ausgeführt.
Hier noch der Inhalt der Textdatei von OTL:
Code:
ATTFilter
========== COMMANDS ==========
Restore point Set: OTL Restore Point
 
OTL by OldTimer - Version 3.2.69.0 log created on 11112012_175918
         
Und jetzt: Ein wirklich großes Dankeschön! Ich war zuvor am verzweifeln und die Hilfe war wirklich super! Werde af jeden Fall etwas spenden, noch zusätzliche Scans machen (wie empfohlen, ca. 1 mal die Woche) und mehr Backups machen!

Eine Frage hätte ich jedoch noch kurz: Gestern bei dem Check aller Festplatten und externen Festplatten war eine von mir nicht möglich (war leider zu dem Zeitpunkt 140km von mir entfernt). Sie war, wenn ich jetzt nicht komplett falsch liege, nie in dem Zeitraum angeschlossen wo mein Computer infiziert war. Gibt es aber noch einmal etwas womit ich ganz sicher sein kann das sie nicht infiziert ist?

Ich bedanke mich auf jeden Fall nochmal für deine Hilfe und Zeit!

Antwort

Themen zu ad.adserverplus erscheint immer wieder
anhang, bereits, brauche, erschein, erscheint, fenst, google, googlen, immer wieder, inter, interne, internet, log, malwarebyte, neues, systemscan, tagen, troja, trojaner, vollständige, wirklich, öffnet



Ähnliche Themen: ad.adserverplus erscheint immer wieder


  1. trivia games - nervendes fenster erscheint immer wieder
    Plagegeister aller Art und deren Bekämpfung - 04.11.2015 (22)
  2. update.exe erscheint immer wieder und ich kann es nicht löschen.
    Plagegeister aller Art und deren Bekämpfung - 15.08.2015 (20)
  3. Windows 8.1: Fenster blinken und bei Videos erscheint immer wieder die Playleiste trotz keiner Mausbewegung
    Log-Analyse und Auswertung - 03.05.2015 (6)
  4. Continue Live Installation erscheint immer wieder...
    Log-Analyse und Auswertung - 12.04.2015 (11)
  5. pop.optinal.globalupdate.a wird von malewarebytes gefunden, aber erscheint immer wieder
    Plagegeister aller Art und deren Bekämpfung - 13.08.2014 (15)
  6. TR/Trash.Gen erscheint immer wieder mit neuem Nummern-Anhängsel
    Plagegeister aller Art und deren Bekämpfung - 17.06.2014 (8)
  7. TR Trash Gen wir jede Stunde gefunden und in Quarantäne verschoben. Erscheint immer wieder
    Plagegeister aller Art und deren Bekämpfung - 13.02.2014 (5)
  8. ad.adserverplus.. erscheint ständig ;Windows7 ; avira meldet nichts
    Plagegeister aller Art und deren Bekämpfung - 15.09.2013 (3)
  9. ad.adserverplus.com - Fenster erscheint auf diversen Seiten
    Log-Analyse und Auswertung - 23.07.2012 (41)
  10. http://ad.adserverplus.com/ erscheint beim Besuchen diverser Webseits!
    Log-Analyse und Auswertung - 05.07.2012 (7)
  11. Spyware: Wie lösche ich Troj/ZAccess-AH? Erscheint immer wieder!
    Plagegeister aller Art und deren Bekämpfung - 22.02.2012 (1)
  12. Viren erscheint nach Neustart immer wieder (setup.....)
    Plagegeister aller Art und deren Bekämpfung - 21.05.2011 (41)
  13. AV Security Suite erscheint trotz MalewareBytes immer wieder
    Plagegeister aller Art und deren Bekämpfung - 14.07.2010 (6)
  14. Antivirus 2009 fenster erscheint immer wieder
    Mülltonne - 07.01.2009 (1)
  15. iexplore.exe erscheint immer wieder im Task-Manager
    Log-Analyse und Auswertung - 10.08.2008 (3)
  16. Gefixter Eintrag erscheint immer wieder
    Log-Analyse und Auswertung - 24.04.2007 (8)
  17. Gefixter HJT-Eintrag erscheint immer wieder!?
    Log-Analyse und Auswertung - 04.12.2005 (13)

Zum Thema ad.adserverplus erscheint immer wieder - Seit einigen Tagen öffnet sich bei mir immer wieder ein neues Fenst von ad.adserverplus wenn ich im Internet surfe. Mit googlen bin ich leider nicht weitergekommen. Ich könnte daher wirklich - ad.adserverplus erscheint immer wieder...
Archiv
Du betrachtest: ad.adserverplus erscheint immer wieder auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.