
Plagegeister aller Art und deren Bekämpfung: Windows host process was closed

19.02.2013, 08:36   #1
Triati

Windows host process was closed



Hello, I have a problem with my laptop. For some time now it has kept reporting "Windows host process is being closed". I could more or less live with that, although I don't know what I need it for. For the past 2 days, however, it has also been reporting that it has a memory problem; it freezes, or very often crashes with a blue screen that says it has problems with hardware. My English is not good and I don't understand any of it. I have now run your Malwarebytes over it and am sending the attachment along. Please help me, but please describe things precisely. Thank you.

Trixi

Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.19.03

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Trixi :: TRIXI-PC [Administrator]

Schutz: Aktiviert

19.02.2013 08:26:09
mbam-log-2013-02-19 (08-26-09).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 205467
Laufzeit: 4 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 9
HKCR\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\YontooIEClient.Layers.1 (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\YontooIEClient.Layers (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Program Files\Yontoo Layers\YontooIEClient.dll (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

19.02.2013, 12:21   #2
markusg
/// Malware-holic

Windows host process was closed



Hi,

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click, "Run as administrator".
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

19.02.2013, 13:51   #3
Triati

Windows host process was closed



OTL Logfile:
Code:
OTL logfile created on: 19.02.2013 13:17:46 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Trixi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 56,72% Memory free
6,18 Gb Paging File | 5,07 Gb Available in Paging File | 82,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,57 Gb Total Space | 36,02 Gb Free Space | 32,29% Space Free | Partition Type: NTFS
Drive D: | 111,55 Gb Total Space | 25,89 Gb Free Space | 23,21% Space Free | Partition Type: NTFS
 
Computer Name: TRIXI-PC | User Name: Trixi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Trixi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Opera\opera.exe (Opera Software)
PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\BingBar\7.1.391.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\7.1.391.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\7.1.391.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (wjyftn) -- System32\drivers\gdmk.sys File not found
DRV - (upperdev) -- system32\DRIVERS\usbser_lowerflt.sys File not found
DRV - (RTL8187B) -- system32\DRIVERS\wg111v3.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (SQTECH905C) -- C:\Windows\System32\drivers\Capt905c.sys (Service & Quality Technology.)
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (ovt519) -- C:\Windows\System32\drivers\ov519vid.sys (OmniVision Technologies, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Programme\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediMail.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN AT: Hotmail, Outlook, Messenger, Skype, Unterhaltung, Nachrichten & Lifestyle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A2 1A CF 58 E2 2A CA 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Programme\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deAT327
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=c_TfnxvsSHwxAAAcJ-mdcB0uTtI?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=UT2
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredimail.com/?search={searchTerms}&loc=search_box&a=6Oy9p1n3l1
IE - HKCU\..\SearchScopes\Plasmoo: "URL" = hxxp://plasmoo.com/result.htm?q={searchTerms}&SearchMashine=true
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.08.03 07:52:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.12.30 15:29:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.12.30 15:29:41 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (IncrediMail MediaBar Deutsch 2 Toolbar) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Program Files\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar Deutsch 2 Toolbar) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Programme\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (BittorrentBar_DE Toolbar) - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Trixi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\E-Mail - Verknüpfung.lnk =  File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Trixi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Trixi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D737064F-4555-4481-BF59-F79621FCA544}: DhcpNameServer = 195.34.133.21 212.186.211.21
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Trixi\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O24 - Desktop BackupWallPaper: C:\Users\Trixi\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O27 - HKLM IFEO\acer elock management.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\enmtray.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\epower_dmc.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\epresentationlauncher.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\eragent.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\esettings.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\googledesktop.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\googledesktopsetup.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\imfrmwrk.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\presentationhost.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\shell.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\wordview.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{87250374-1eb4-11df-9a28-000000000000}\Shell - "" = AutoRun
O33 - MountPoints2\{87250374-1eb4-11df-9a28-000000000000}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.5
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.5
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe - (Acer Inc.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: BitTorrent DNA - hkey= - key= -  File not found
MsConfig - StartUpReg: eDataSecurity Loader - hkey= - key= - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: HotKeysCmds - hkey= - key= -  File not found
MsConfig - StartUpReg: IAAnotif - hkey= - key= - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
MsConfig - StartUpReg: IgfxTray - hkey= - key= -  File not found
MsConfig - StartUpReg: IncrediMail - hkey= - key= - C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
MsConfig - StartUpReg: LanguageShortcut - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
MsConfig - StartUpReg: LManager - hkey= - key= - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
MsConfig - StartUpReg: MSC - hkey= - key= - c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
MsConfig - StartUpReg: Persistence - hkey= - key= -  File not found
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: SynTPStart - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: Windows Defender - hkey= - key= -  File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "startup" - 2
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.19 08:38:43 | 000,000,000 | ---D | C] -- C:\Avenger
[2013.02.19 08:23:46 | 000,000,000 | ---D | C] -- C:\Users\Trixi\AppData\Roaming\Malwarebytes
[2013.02.19 08:23:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.19 08:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.19 08:23:27 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.02.19 08:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.02.18 17:45:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.02.18 16:45:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Trixi\Desktop\OTL.exe
[2013.02.18 15:26:16 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.02.18 15:21:36 | 000,000,000 | ---D | C] -- C:\Users\Trixi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2013.02.12 07:29:41 | 000,000,000 | ---D | C] -- C:\Users\Trixi\Desktop\Neuer Ordner
[2013.02.09 14:24:13 | 000,032,032 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2013.02.09 14:24:13 | 000,021,792 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2013.02.09 14:24:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.02.09 14:23:36 | 000,000,000 | ---D | C] -- C:\Users\Trixi\AppData\Roaming\TuneUp Software
[2013.02.09 14:23:18 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2013
[2013.02.09 14:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.02.09 14:21:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.02.09 14:21:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.01.29 19:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.01.23 16:00:59 | 000,000,000 | -HSD | C] -- C:\found.003
[2013.01.22 08:46:43 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2013.01.21 08:27:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.01.21 08:26:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.19 12:55:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.19 12:21:15 | 004,658,348 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.19 12:21:15 | 001,864,396 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.19 12:21:15 | 001,452,680 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.19 12:21:15 | 001,318,674 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.19 12:16:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.19 12:16:24 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.19 12:16:24 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Trixi.job
[2013.02.19 12:16:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.19 12:16:08 | 303,769,927 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.19 10:41:01 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Trixi.job
[2013.02.19 08:23:35 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.18 19:45:01 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Trixi.job
[2013.02.18 17:56:55 | 000,597,473 | ---- | M] () -- C:\Users\Trixi\Desktop\OTL.rar
[2013.02.18 16:45:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Trixi\Desktop\OTL.exe
[2013.02.18 16:30:54 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.02.18 15:51:31 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.18 15:47:22 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.15 13:16:13 | 000,001,647 | ---- | M] () -- C:\Users\Trixi\Documents\Dokument.rtf
[2013.02.13 19:17:24 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013.02.13 18:16:40 | 000,385,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.13 12:44:56 | 000,189,440 | ---- | M] () -- C:\Users\Trixi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.09 14:24:08 | 000,001,873 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.02.09 14:24:08 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.01.28 14:19:32 | 000,032,032 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2013.01.28 14:19:28 | 000,021,792 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2013.01.25 11:01:45 | 000,047,565 | ---- | M] () -- C:\Users\Trixi\Desktop\Kardinalschnitte
[2013.01.22 08:46:46 | 000,000,756 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
 
========== Files Created - No Company Name ==========
 
[2013.02.19 08:46:34 | 303,769,927 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.02.19 08:23:35 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.18 17:56:55 | 000,597,473 | ---- | C] () -- C:\Users\Trixi\Desktop\OTL.rar
[2013.02.15 13:16:13 | 000,001,647 | ---- | C] () -- C:\Users\Trixi\Documents\Dokument.rtf
[2013.02.10 16:42:35 | 000,385,000 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.09 14:24:08 | 000,001,873 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.02.09 14:24:08 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.02.09 14:24:07 | 000,001,881 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.01.29 19:23:11 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2013.01.29 19:23:11 | 000,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013.01.27 19:29:02 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Trixi.job
[2013.01.27 19:29:01 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Trixi.job
[2013.01.27 19:29:00 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_Trixi.job
[2013.01.25 11:01:45 | 000,047,565 | ---- | C] () -- C:\Users\Trixi\Desktop\Kardinalschnitte
[2013.01.25 10:40:21 | 000,002,080 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
[2013.01.22 08:46:46 | 000,000,756 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012.12.30 15:22:04 | 000,233,456 | ---- | C] () -- C:\Windows\hpoins47.dat
[2011.12.30 08:45:02 | 000,000,000 | ---- | C] () -- C:\Users\Trixi\AppData\Local\{866EB13C-254B-4340-8B4A-328F094BE8BD}
[2011.11.26 14:57:54 | 000,000,000 | ---- | C] () -- C:\Windows\ka.ini
[2011.06.23 14:44:17 | 000,000,278 | ---- | C] () -- C:\Users\Trixi\AppData\Roaming\burnaware.ini
[2010.10.09 08:15:55 | 000,016,384 | ---- | C] () -- C:\Users\Trixi\Sicherung.BJF
[2010.03.25 10:18:45 | 002,583,110 | ---- | C] () -- C:\Users\Trixi\DSCN0205.JPG
[2010.03.25 10:18:39 | 002,753,223 | ---- | C] () -- C:\Users\Trixi\DSCN0208.JPG
[2010.03.25 10:18:33 | 002,846,489 | ---- | C] () -- C:\Users\Trixi\DSCN0235.JPG
[2010.01.20 16:21:11 | 000,000,128 | ---- | C] () -- C:\Users\Trixi\AppData\Roaming\default.rss
[2010.01.18 12:37:27 | 002,805,455 | ---- | C] () -- C:\Users\Trixi\DSCN0238.JPG
[2009.12.09 10:24:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.07.01 19:43:51 | 000,000,680 | ---- | C] () -- C:\Users\Trixi\AppData\Local\d3d9caps.dat
[2009.05.11 11:17:04 | 000,189,440 | ---- | C] () -- C:\Users\Trixi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.09.19 15:30:04 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\Ashampoo
[2013.01.22 08:48:59 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\BitTorrent
[2010.09.24 19:11:59 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\Boilsoft
[2011.06.23 14:02:04 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\DeepBurner
[2012.09.30 19:02:20 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\DVDVideoSoft
[2012.09.30 19:01:44 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.21 17:35:41 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\Ebner
[2012.12.26 18:19:43 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\MOVAVI
[2012.09.30 19:01:22 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\OpenCandy
[2009.11.23 13:31:58 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\OpenOffice.org
[2009.05.11 16:49:20 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\Opera
[2010.01.21 10:47:50 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\PC Suite
[2010.10.22 19:05:42 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\Samsung
[2013.02.09 14:23:36 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\TuneUp Software
[2013.01.28 13:00:15 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.09.10 05:01:10 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2011.11.26 11:02:30 | 000,000,000 | ---D | M] -- C:\0e9734bf7def2c435119c257f7b7ea
[2012.11.13 15:52:38 | 000,000,000 | ---D | M] -- C:\3a5a7332157a32e3e1cc78
[2009.02.23 17:40:40 | 000,000,000 | ---D | M] -- C:\Acer
[2013.02.19 08:38:43 | 000,000,000 | ---D | M] -- C:\Avenger
[2009.02.24 02:21:55 | 000,000,000 | ---D | M] -- C:\Book
[2009.07.02 15:11:13 | 000,000,000 | -HSD | M] -- C:\Boot
[2013.02.18 16:30:49 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.05.11 09:45:46 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.05.11 09:58:18 | 000,000,000 | ---D | M] -- C:\Elements
[2011.01.06 00:25:42 | 000,000,000 | ---D | M] -- C:\extensions
[2010.06.05 13:20:15 | 000,000,000 | ---D | M] -- C:\found.000
[2010.10.18 15:47:43 | 000,000,000 | ---D | M] -- C:\found.001
[2013.02.10 12:24:24 | 000,000,000 | -HSD | M] -- C:\found.002
[2013.01.23 16:00:59 | 000,000,000 | -HSD | M] -- C:\found.003
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.02.19 08:23:27 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.02.19 08:23:29 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009.05.11 09:45:46 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.01.03 20:34:02 | 000,000,000 | ---D | M] -- C:\sj666
[2013.02.19 13:19:24 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.09.24 19:19:46 | 000,000,000 | ---D | M] -- C:\Torrent_DVD
[2010.10.22 19:10:55 | 000,000,000 | R--D | M] -- C:\Users
[2013.02.19 12:16:08 | 000,000,000 | ---D | M] -- C:\Windows
[2013.02.18 17:45:35 | 000,000,000 | ---D | M] -- C:\_OTL
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2006.11.02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2006.11.02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2006.11.02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2006.11.02 10:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.04.11 07:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 14:01:49 | 000,032,606 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.11.28 10:00:29 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009.11.28 10:00:30 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.28 23:09:26 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.01.27 19:29:00 | 000,000,366 | ---- | C] () -- C:\Windows\Tasks\ReclaimerUpdateXML_Trixi.job
[2013.01.27 19:29:01 | 000,000,370 | ---- | C] () -- C:\Windows\Tasks\ReclaimerUpdateFiles_Trixi.job
[2013.01.27 19:29:02 | 000,000,376 | ---- | C] () -- C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Trixi.job
 
< MD5 for: AGP440.SYS  >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2007.09.29 23:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2010.01.18 12:36:46 | 002,583,110 | ---- | M] () -- C:\Users\Trixi\DSCN0205.JPG
[2010.01.18 12:37:02 | 002,753,223 | ---- | M] () -- C:\Users\Trixi\DSCN0208.JPG
[2010.01.18 12:37:14 | 002,846,489 | ---- | M] () -- C:\Users\Trixi\DSCN0235.JPG
[2010.01.18 12:37:27 | 002,805,455 | ---- | M] () -- C:\Users\Trixi\DSCN0238.JPG
[2013.02.19 13:16:59 | 004,980,736 | -HS- | M] () -- C:\Users\Trixi\ntuser.dat
[2013.02.19 13:16:59 | 000,262,144 | -H-- | M] () -- C:\Users\Trixi\ntuser.dat.LOG1
[2009.06.28 10:59:05 | 000,262,144 | -H-- | M] () -- C:\Users\Trixi\ntuser.dat.LOG2
[2009.06.28 10:59:05 | 001,048,576 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.0.regtrans-ms
[2009.06.28 10:59:05 | 001,048,576 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.1.regtrans-ms
[2009.06.28 10:59:06 | 001,048,576 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.2.regtrans-ms
[2009.06.28 10:59:05 | 000,065,536 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.blf
[2010.06.16 22:43:15 | 000,065,536 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.06.16 22:43:15 | 000,524,288 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009.05.11 10:33:03 | 000,524,288 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2013.02.19 08:38:00 | 000,065,536 | -HS- | M] () -- C:\Users\Trixi\ntuser.dat{d969dfba-7ab4-11df-849a-000000000000}.TM.blf
[2013.02.19 08:38:00 | 000,524,288 | -HS- | M] () -- C:\Users\Trixi\ntuser.dat{d969dfba-7ab4-11df-849a-000000000000}.TMContainer00000000000000000001.regtrans-ms
[2010.06.18 09:42:47 | 000,524,288 | -HS- | M] () -- C:\Users\Trixi\ntuser.dat{d969dfba-7ab4-11df-849a-000000000000}.TMContainer00000000000000000002.regtrans-ms
[2009.05.11 09:49:34 | 000,000,020 | -HS- | M] () -- C:\Users\Trixi\ntuser.ini
[2010.10.09 08:17:06 | 000,016,384 | ---- | M] () -- C:\Users\Trixi\Sicherung.BJF
[2010.09.01 19:27:29 | 000,027,136 | -HS- | M] () -- C:\Users\Trixi\Thumbs.db
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
         
--- --- ---


I hope that was done correctly,

Thanks
OTL Logfile:
Code:
OTL logfile created on: 19.02.2013 13:17:46 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Trixi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 56,72% Memory free
6,18 Gb Paging File | 5,07 Gb Available in Paging File | 82,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,57 Gb Total Space | 36,02 Gb Free Space | 32,29% Space Free | Partition Type: NTFS
Drive D: | 111,55 Gb Total Space | 25,89 Gb Free Space | 23,21% Space Free | Partition Type: NTFS
 
Computer Name: TRIXI-PC | User Name: Trixi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Trixi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Opera\opera.exe (Opera Software)
PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\BingBar\7.1.391.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\7.1.391.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\7.1.391.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (wjyftn) -- System32\drivers\gdmk.sys File not found
DRV - (upperdev) -- system32\DRIVERS\usbser_lowerflt.sys File not found
DRV - (RTL8187B) -- system32\DRIVERS\wg111v3.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (SQTECH905C) -- C:\Windows\System32\drivers\Capt905c.sys (Service & Quality Technology.)
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (ovt519) -- C:\Windows\System32\drivers\ov519vid.sys (OmniVision Technologies, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Programme\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediMail.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN AT: Hotmail, Outlook, Messenger, Skype, Unterhaltung, Nachrichten & Lifestyle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A2 1A CF 58 E2 2A CA 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Programme\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deAT327
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=c_TfnxvsSHwxAAAcJ-mdcB0uTtI?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=UT2
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredimail.com/?search={searchTerms}&loc=search_box&a=6Oy9p1n3l1
IE - HKCU\..\SearchScopes\Plasmoo: "URL" = hxxp://plasmoo.com/result.htm?q={searchTerms}&SearchMashine=true
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.08.03 07:52:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.12.30 15:29:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.12.30 15:29:41 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (IncrediMail MediaBar Deutsch 2 Toolbar) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Program Files\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar Deutsch 2 Toolbar) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Programme\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (BittorrentBar_DE Toolbar) - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Trixi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\E-Mail - Verknüpfung.lnk =  File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Trixi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Trixi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D737064F-4555-4481-BF59-F79621FCA544}: DhcpNameServer = 195.34.133.21 212.186.211.21
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Trixi\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O24 - Desktop BackupWallPaper: C:\Users\Trixi\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O27 - HKLM IFEO\acer elock management.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\enmtray.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\epower_dmc.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\epresentationlauncher.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\eragent.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\esettings.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\googledesktop.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\googledesktopsetup.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\imfrmwrk.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\presentationhost.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\shell.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\wordview.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{87250374-1eb4-11df-9a28-000000000000}\Shell - "" = AutoRun
O33 - MountPoints2\{87250374-1eb4-11df-9a28-000000000000}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.5
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.5
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe - (Acer Inc.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: BitTorrent DNA - hkey= - key= -  File not found
MsConfig - StartUpReg: eDataSecurity Loader - hkey= - key= - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: HotKeysCmds - hkey= - key= -  File not found
MsConfig - StartUpReg: IAAnotif - hkey= - key= - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
MsConfig - StartUpReg: IgfxTray - hkey= - key= -  File not found
MsConfig - StartUpReg: IncrediMail - hkey= - key= - C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
MsConfig - StartUpReg: LanguageShortcut - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
MsConfig - StartUpReg: LManager - hkey= - key= - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
MsConfig - StartUpReg: MSC - hkey= - key= - c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
MsConfig - StartUpReg: Persistence - hkey= - key= -  File not found
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: SynTPStart - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: Windows Defender - hkey= - key= -  File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "startup" - 2
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.19 08:38:43 | 000,000,000 | ---D | C] -- C:\Avenger
[2013.02.19 08:23:46 | 000,000,000 | ---D | C] -- C:\Users\Trixi\AppData\Roaming\Malwarebytes
[2013.02.19 08:23:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.19 08:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.19 08:23:27 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.02.19 08:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.02.18 17:45:35 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.02.18 16:45:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Trixi\Desktop\OTL.exe
[2013.02.18 15:26:16 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.02.18 15:21:36 | 000,000,000 | ---D | C] -- C:\Users\Trixi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2013.02.12 07:29:41 | 000,000,000 | ---D | C] -- C:\Users\Trixi\Desktop\Neuer Ordner
[2013.02.09 14:24:13 | 000,032,032 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2013.02.09 14:24:13 | 000,021,792 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2013.02.09 14:24:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.02.09 14:23:36 | 000,000,000 | ---D | C] -- C:\Users\Trixi\AppData\Roaming\TuneUp Software
[2013.02.09 14:23:18 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2013
[2013.02.09 14:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.02.09 14:21:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.02.09 14:21:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.01.29 19:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.01.23 16:00:59 | 000,000,000 | -HSD | C] -- C:\found.003
[2013.01.22 08:46:43 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2013.01.21 08:27:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.01.21 08:26:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.19 12:55:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.19 12:21:15 | 004,658,348 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.19 12:21:15 | 001,864,396 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.19 12:21:15 | 001,452,680 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.19 12:21:15 | 001,318,674 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.19 12:16:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.19 12:16:24 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.19 12:16:24 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Trixi.job
[2013.02.19 12:16:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.19 12:16:08 | 303,769,927 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.19 10:41:01 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Trixi.job
[2013.02.19 08:23:35 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.18 19:45:01 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Trixi.job
[2013.02.18 17:56:55 | 000,597,473 | ---- | M] () -- C:\Users\Trixi\Desktop\OTL.rar
[2013.02.18 16:45:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Trixi\Desktop\OTL.exe
[2013.02.18 16:30:54 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.02.18 15:51:31 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.18 15:47:22 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.15 13:16:13 | 000,001,647 | ---- | M] () -- C:\Users\Trixi\Documents\Dokument.rtf
[2013.02.13 19:17:24 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013.02.13 18:16:40 | 000,385,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.13 12:44:56 | 000,189,440 | ---- | M] () -- C:\Users\Trixi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.09 14:24:08 | 000,001,873 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.02.09 14:24:08 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.01.28 14:19:32 | 000,032,032 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2013.01.28 14:19:28 | 000,021,792 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2013.01.25 11:01:45 | 000,047,565 | ---- | M] () -- C:\Users\Trixi\Desktop\Kardinalschnitte
[2013.01.22 08:46:46 | 000,000,756 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
 
========== Files Created - No Company Name ==========
 
[2013.02.19 08:46:34 | 303,769,927 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.02.19 08:23:35 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.18 17:56:55 | 000,597,473 | ---- | C] () -- C:\Users\Trixi\Desktop\OTL.rar
[2013.02.15 13:16:13 | 000,001,647 | ---- | C] () -- C:\Users\Trixi\Documents\Dokument.rtf
[2013.02.10 16:42:35 | 000,385,000 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.09 14:24:08 | 000,001,873 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.02.09 14:24:08 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.02.09 14:24:07 | 000,001,881 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.01.29 19:23:11 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2013.01.29 19:23:11 | 000,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013.01.27 19:29:02 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Trixi.job
[2013.01.27 19:29:01 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Trixi.job
[2013.01.27 19:29:00 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_Trixi.job
[2013.01.25 11:01:45 | 000,047,565 | ---- | C] () -- C:\Users\Trixi\Desktop\Kardinalschnitte
[2013.01.25 10:40:21 | 000,002,080 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
[2013.01.22 08:46:46 | 000,000,756 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012.12.30 15:22:04 | 000,233,456 | ---- | C] () -- C:\Windows\hpoins47.dat
[2011.12.30 08:45:02 | 000,000,000 | ---- | C] () -- C:\Users\Trixi\AppData\Local\{866EB13C-254B-4340-8B4A-328F094BE8BD}
[2011.11.26 14:57:54 | 000,000,000 | ---- | C] () -- C:\Windows\ka.ini
[2011.06.23 14:44:17 | 000,000,278 | ---- | C] () -- C:\Users\Trixi\AppData\Roaming\burnaware.ini
[2010.10.09 08:15:55 | 000,016,384 | ---- | C] () -- C:\Users\Trixi\Sicherung.BJF
[2010.03.25 10:18:45 | 002,583,110 | ---- | C] () -- C:\Users\Trixi\DSCN0205.JPG
[2010.03.25 10:18:39 | 002,753,223 | ---- | C] () -- C:\Users\Trixi\DSCN0208.JPG
[2010.03.25 10:18:33 | 002,846,489 | ---- | C] () -- C:\Users\Trixi\DSCN0235.JPG
[2010.01.20 16:21:11 | 000,000,128 | ---- | C] () -- C:\Users\Trixi\AppData\Roaming\default.rss
[2010.01.18 12:37:27 | 002,805,455 | ---- | C] () -- C:\Users\Trixi\DSCN0238.JPG
[2009.12.09 10:24:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.07.01 19:43:51 | 000,000,680 | ---- | C] () -- C:\Users\Trixi\AppData\Local\d3d9caps.dat
[2009.05.11 11:17:04 | 000,189,440 | ---- | C] () -- C:\Users\Trixi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.09.19 15:30:04 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\Ashampoo
[2013.01.22 08:48:59 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\BitTorrent
[2010.09.24 19:11:59 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\Boilsoft
[2011.06.23 14:02:04 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\DeepBurner
[2012.09.30 19:02:20 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\DVDVideoSoft
[2012.09.30 19:01:44 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.21 17:35:41 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\Ebner
[2012.12.26 18:19:43 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\MOVAVI
[2012.09.30 19:01:22 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\OpenCandy
[2009.11.23 13:31:58 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\OpenOffice.org
[2009.05.11 16:49:20 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\Opera
[2010.01.21 10:47:50 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\PC Suite
[2010.10.22 19:05:42 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\Samsung
[2013.02.09 14:23:36 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\TuneUp Software
[2013.01.28 13:00:15 | 000,000,000 | ---D | M] -- C:\Users\Trixi\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.09.10 05:01:10 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2011.11.26 11:02:30 | 000,000,000 | ---D | M] -- C:\0e9734bf7def2c435119c257f7b7ea
[2012.11.13 15:52:38 | 000,000,000 | ---D | M] -- C:\3a5a7332157a32e3e1cc78
[2009.02.23 17:40:40 | 000,000,000 | ---D | M] -- C:\Acer
[2013.02.19 08:38:43 | 000,000,000 | ---D | M] -- C:\Avenger
[2009.02.24 02:21:55 | 000,000,000 | ---D | M] -- C:\Book
[2009.07.02 15:11:13 | 000,000,000 | -HSD | M] -- C:\Boot
[2013.02.18 16:30:49 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.05.11 09:45:46 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.05.11 09:58:18 | 000,000,000 | ---D | M] -- C:\Elements
[2011.01.06 00:25:42 | 000,000,000 | ---D | M] -- C:\extensions
[2010.06.05 13:20:15 | 000,000,000 | ---D | M] -- C:\found.000
[2010.10.18 15:47:43 | 000,000,000 | ---D | M] -- C:\found.001
[2013.02.10 12:24:24 | 000,000,000 | -HSD | M] -- C:\found.002
[2013.01.23 16:00:59 | 000,000,000 | -HSD | M] -- C:\found.003
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.02.19 08:23:27 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.02.19 08:23:29 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009.05.11 09:45:46 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.01.03 20:34:02 | 000,000,000 | ---D | M] -- C:\sj666
[2013.02.19 13:19:24 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.09.24 19:19:46 | 000,000,000 | ---D | M] -- C:\Torrent_DVD
[2010.10.22 19:10:55 | 000,000,000 | R--D | M] -- C:\Users
[2013.02.19 12:16:08 | 000,000,000 | ---D | M] -- C:\Windows
[2013.02.18 17:45:35 | 000,000,000 | ---D | M] -- C:\_OTL
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2006.11.02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2006.11.02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2006.11.02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2006.11.02 10:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.04.11 07:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 14:01:49 | 000,032,606 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.11.28 10:00:29 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009.11.28 10:00:30 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.28 23:09:26 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.01.27 19:29:00 | 000,000,366 | ---- | C] () -- C:\Windows\Tasks\ReclaimerUpdateXML_Trixi.job
[2013.01.27 19:29:01 | 000,000,370 | ---- | C] () -- C:\Windows\Tasks\ReclaimerUpdateFiles_Trixi.job
[2013.01.27 19:29:02 | 000,000,376 | ---- | C] () -- C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Trixi.job
 
< MD5 for: AGP440.SYS  >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2007.09.29 23:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2010.01.18 12:36:46 | 002,583,110 | ---- | M] () -- C:\Users\Trixi\DSCN0205.JPG
[2010.01.18 12:37:02 | 002,753,223 | ---- | M] () -- C:\Users\Trixi\DSCN0208.JPG
[2010.01.18 12:37:14 | 002,846,489 | ---- | M] () -- C:\Users\Trixi\DSCN0235.JPG
[2010.01.18 12:37:27 | 002,805,455 | ---- | M] () -- C:\Users\Trixi\DSCN0238.JPG
[2013.02.19 13:16:59 | 004,980,736 | -HS- | M] () -- C:\Users\Trixi\ntuser.dat
[2013.02.19 13:16:59 | 000,262,144 | -H-- | M] () -- C:\Users\Trixi\ntuser.dat.LOG1
[2009.06.28 10:59:05 | 000,262,144 | -H-- | M] () -- C:\Users\Trixi\ntuser.dat.LOG2
[2009.06.28 10:59:05 | 001,048,576 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.0.regtrans-ms
[2009.06.28 10:59:05 | 001,048,576 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.1.regtrans-ms
[2009.06.28 10:59:06 | 001,048,576 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.2.regtrans-ms
[2009.06.28 10:59:05 | 000,065,536 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.blf
[2010.06.16 22:43:15 | 000,065,536 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.06.16 22:43:15 | 000,524,288 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009.05.11 10:33:03 | 000,524,288 | -HS- | M] () -- C:\Users\Trixi\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2013.02.19 08:38:00 | 000,065,536 | -HS- | M] () -- C:\Users\Trixi\ntuser.dat{d969dfba-7ab4-11df-849a-000000000000}.TM.blf
[2013.02.19 08:38:00 | 000,524,288 | -HS- | M] () -- C:\Users\Trixi\ntuser.dat{d969dfba-7ab4-11df-849a-000000000000}.TMContainer00000000000000000001.regtrans-ms
[2010.06.18 09:42:47 | 000,524,288 | -HS- | M] () -- C:\Users\Trixi\ntuser.dat{d969dfba-7ab4-11df-849a-000000000000}.TMContainer00000000000000000002.regtrans-ms
[2009.05.11 09:49:34 | 000,000,020 | -HS- | M] () -- C:\Users\Trixi\ntuser.ini
[2010.10.09 08:17:06 | 000,016,384 | ---- | M] () -- C:\Users\Trixi\Sicherung.BJF
[2010.09.01 19:27:29 | 000,027,136 | -HS- | M] () -- C:\Users\Trixi\Thumbs.db
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
         

Old 19.02.2013, 17:26   #4
markusg
/// Malware-holic
 
Hi,
OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the content of the code box into the text box.

Code:
:OTL
O4 - Startup: C:\Users\Trixi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\E-Mail - Verknüpfung.lnk =  File not found
O4 - HKLM..\Run: []  File not found
:files
:Commands
[emptytemp]
         
  • If you have obscured your user name, e.g. with "*****", insert your real user name at the corresponding place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may request a restart. Please allow this.
  • After the restart you will find a text document on your desktop.
    (It can also be found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy the content here into your thread
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Guide:
http://markusg.trojaner-board.de
For now, please send mails according to the guide above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

Old 19.02.2013, 18:57   #5
Triati
 
All processes killed
========== OTL ==========
C:\Users\Trixi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\E-Mail - Verknüpfung.lnk moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 75 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Trixi
->Temp folder emptied: 2211913 bytes
->Temporary Internet Files folder emptied: 754066 bytes
->Java cache emptied: 39510957 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 10220223 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 132511 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 50,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02192013_185239

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Old 19.02.2013, 18:58   #6
markusg
/// Malware-holic
 
Hi,
Please download TDSSKiller (TDSSKiller.exe) and save this file on the desktop
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.

Old 19.02.2013, 19:12   #7
Triati
 
Hi

I have done everything, but please, how can I save a log file?

Old 19.02.2013, 19:42   #8
markusg
/// Malware-holic
 
Where the log is saved is stated in the guide.

Old 19.02.2013, 20:07   #9
Triati
 
Hi, I hope this is what you need



19:56:21.0861 1528 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:56:22.0161 1528 ============================================================
19:56:22.0161 1528 Current date / time: 2013/02/19 19:56:22.0161
19:56:22.0161 1528 SystemInfo:
19:56:22.0161 1528
19:56:22.0161 1528 OS Version: 6.0.6002 ServicePack: 2.0
19:56:22.0161 1528 Product type: Workstation
19:56:22.0161 1528 ComputerName: TRIXI-PC
19:56:22.0162 1528 UserName: Trixi
19:56:22.0162 1528 Windows directory: C:\Windows
19:56:22.0162 1528 System windows directory: C:\Windows
19:56:22.0162 1528 Processor architecture: Intel x86
19:56:22.0162 1528 Number of processors: 2
19:56:22.0162 1528 Page size: 0x1000
19:56:22.0162 1528 Boot type: Normal boot
19:56:22.0162 1528 ============================================================
19:56:24.0054 1528 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:56:24.0063 1528 ============================================================
19:56:24.0063 1528 \Device\Harddisk0\DR0:
19:56:24.0063 1528 MBR partitions:
19:56:24.0063 1528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0xDF21800
19:56:24.0063 1528 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF2AA000, BlocksNum 0xDF1B000
19:56:24.0063 1528 ============================================================
19:56:24.0106 1528 C: <-> \Device\Harddisk0\DR0\Partition1
19:56:24.0218 1528 D: <-> \Device\Harddisk0\DR0\Partition2
19:56:24.0218 1528 ============================================================
19:56:24.0218 1528 Initialize success
19:56:24.0218 1528 ============================================================
19:56:32.0039 3784 ============================================================
19:56:32.0039 3784 Scan started
19:56:32.0039 3784 Mode: Manual; SigCheck; TDLFS;
19:56:32.0039 3784 ============================================================
19:56:32.0598 3784 ================ Scan system memory ========================
19:56:32.0598 3784 System memory - ok
19:56:32.0599 3784 ================ Scan services =============================
19:56:33.0144 3784 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
19:56:33.0366 3784 ACPI - ok
19:56:33.0428 3784 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:56:33.0446 3784 AdobeFlashPlayerUpdateSvc - ok
19:56:33.0496 3784 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:56:33.0536 3784 adp94xx - ok
19:56:33.0587 3784 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:56:33.0608 3784 adpahci - ok
19:56:33.0626 3784 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
19:56:33.0643 3784 adpu160m - ok
19:56:33.0657 3784 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:56:33.0675 3784 adpu320 - ok
19:56:33.0738 3784 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:56:33.0986 3784 AeLookupSvc - ok
19:56:34.0028 3784 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
19:56:34.0079 3784 AFD - ok
19:56:34.0136 3784 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:56:34.0158 3784 agp440 - ok
19:56:34.0206 3784 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
19:56:34.0240 3784 aic78xx - ok
19:56:34.0262 3784 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
19:56:34.0393 3784 ALG - ok
19:56:34.0410 3784 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
19:56:34.0430 3784 aliide - ok
19:56:34.0463 3784 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:56:34.0484 3784 amdagp - ok
19:56:34.0492 3784 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
19:56:34.0513 3784 amdide - ok
19:56:34.0546 3784 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
19:56:34.0605 3784 AmdK7 - ok
19:56:34.0612 3784 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:56:34.0656 3784 AmdK8 - ok
19:56:34.0691 3784 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
19:56:34.0743 3784 Appinfo - ok
19:56:34.0785 3784 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
19:56:34.0801 3784 arc - ok
19:56:34.0834 3784 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:56:34.0850 3784 arcsas - ok
19:56:34.0874 3784 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:56:34.0919 3784 AsyncMac - ok
19:56:34.0945 3784 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
19:56:34.0961 3784 atapi - ok
19:56:35.0014 3784 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:56:35.0043 3784 AudioEndpointBuilder - ok
19:56:35.0059 3784 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:56:35.0084 3784 Audiosrv - ok
19:56:35.0146 3784 [ AA6B367CA7DA571DFC3374EC137D87A5 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
19:56:35.0209 3784 b57nd60x - ok
19:56:35.0335 3784 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe
19:56:35.0365 3784 BBSvc - ok
19:56:35.0415 3784 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
19:56:35.0448 3784 BBUpdate - ok
19:56:35.0483 3784 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
19:56:35.0527 3784 Beep - ok
19:56:35.0575 3784 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
19:56:35.0655 3784 BFE - ok
19:56:35.0776 3784 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
19:56:35.0847 3784 BITS - ok
19:56:35.0874 3784 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:56:35.0931 3784 blbdrive - ok
19:56:35.0958 3784 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:56:35.0980 3784 bowser - ok
19:56:36.0010 3784 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
19:56:36.0042 3784 BrFiltLo - ok
19:56:36.0065 3784 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
19:56:36.0105 3784 BrFiltUp - ok
19:56:36.0131 3784 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
19:56:36.0197 3784 Browser - ok
19:56:36.0216 3784 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
19:57:03.0778 3784 sermouse - ok
19:57:03.0843 3784 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
19:57:03.0875 3784 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
19:57:03.0875 3784 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
19:57:03.0929 3784 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
19:57:03.0964 3784 SessionEnv - ok
19:57:03.0986 3784 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
19:57:04.0015 3784 sffdisk - ok
19:57:04.0020 3784 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:57:04.0049 3784 sffp_mmc - ok
19:57:04.0065 3784 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
19:57:04.0087 3784 sffp_sd - ok
19:57:04.0110 3784 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:57:04.0148 3784 sfloppy - ok
19:57:04.0181 3784 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:57:04.0222 3784 SharedAccess - ok
19:57:04.0251 3784 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:57:04.0295 3784 ShellHWDetection - ok
19:57:04.0318 3784 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:57:04.0333 3784 sisagp - ok
19:57:04.0351 3784 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:57:04.0382 3784 SiSRaid2 - ok
19:57:04.0394 3784 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:57:04.0411 3784 SiSRaid4 - ok
19:57:04.0457 3784 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:57:04.0472 3784 SkypeUpdate - ok
19:57:04.0641 3784 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
19:57:04.0928 3784 slsvc - ok
19:57:04.0975 3784 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:57:05.0025 3784 SLUINotify - ok
19:57:05.0055 3784 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:57:05.0089 3784 Smb - ok
19:57:05.0133 3784 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:57:05.0167 3784 SNMPTRAP - ok
19:57:05.0190 3784 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
19:57:05.0210 3784 spldr - ok
19:57:05.0240 3784 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
19:57:05.0295 3784 Spooler - ok
19:57:05.0332 3784 [ D2F4F32B59440011174B4F8137AF4E0C ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:57:05.0352 3784 SQLWriter - ok
19:57:05.0385 3784 [ 4FEE5EDF7DB4FF93F542062AC6FECB0C ] SQTECH905C C:\Windows\system32\Drivers\Capt905c.sys
19:57:05.0439 3784 SQTECH905C ( UnsignedFile.Multi.Generic ) - warning
19:57:05.0439 3784 SQTECH905C - detected UnsignedFile.Multi.Generic (1)
19:57:05.0476 3784 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:57:05.0527 3784 srv - ok
19:57:05.0579 3784 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:57:05.0624 3784 srv2 - ok
19:57:05.0654 3784 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:57:05.0689 3784 srvnet - ok
19:57:05.0740 3784 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:57:05.0834 3784 SSDPSRV - ok
19:57:05.0856 3784 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:57:05.0911 3784 SstpSvc - ok
19:57:05.0966 3784 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
19:57:06.0020 3784 StillCam - ok
19:57:06.0073 3784 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
19:57:06.0160 3784 stisvc - ok
19:57:06.0195 3784 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:57:06.0226 3784 swenum - ok
19:57:06.0278 3784 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
19:57:06.0349 3784 swprv - ok
19:57:06.0376 3784 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:57:06.0415 3784 Symc8xx - ok
19:57:06.0439 3784 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:57:06.0469 3784 Sym_hi - ok
19:57:06.0496 3784 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:57:06.0526 3784 Sym_u3 - ok
19:57:06.0565 3784 [ C5F25D490D0915732508FD421BF76D93 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:57:06.0595 3784 SynTP - ok
19:57:06.0674 3784 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
19:57:06.0774 3784 SysMain - ok
19:57:06.0811 3784 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:57:06.0851 3784 TabletInputService - ok
19:57:06.0899 3784 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:57:06.0959 3784 TapiSrv - ok
19:57:06.0999 3784 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
19:57:07.0076 3784 TBS - ok
19:57:07.0136 3784 [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:57:07.0221 3784 Tcpip - ok
19:57:07.0262 3784 [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:57:07.0352 3784 Tcpip6 - ok
19:57:07.0396 3784 [ CD21572F83F7EC6E2C20C465967BEDD9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:57:07.0464 3784 tcpipreg - ok
19:57:07.0506 3784 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:57:07.0576 3784 TDPIPE - ok
19:57:07.0599 3784 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:57:07.0652 3784 TDTCP - ok
19:57:07.0681 3784 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:57:07.0704 3784 tdx - ok
19:57:07.0721 3784 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:57:07.0737 3784 TermDD - ok
19:57:07.0774 3784 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
19:57:07.0816 3784 TermService - ok
19:57:07.0857 3784 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
19:57:07.0875 3784 Themes - ok
19:57:07.0895 3784 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
19:57:07.0923 3784 THREADORDER - ok
19:57:07.0967 3784 [ 78213F01CE781F93180BEF5EB5B3AD81 ] tifm21 C:\Windows\system32\drivers\tifm21.sys
19:57:08.0002 3784 tifm21 - ok
19:57:08.0026 3784 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
19:57:08.0056 3784 TrkWks - ok
19:57:08.0105 3784 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:57:08.0137 3784 TrustedInstaller - ok
19:57:08.0172 3784 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:57:08.0200 3784 tssecsrv - ok
19:57:08.0468 3784 [ FC740E4FF236B72CA59B8F762D30C7F3 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
19:57:08.0595 3784 TuneUp.UtilitiesSvc - ok
19:57:08.0641 3784 [ 94C4CD2D19B8C4137A46261F229FEC24 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys
19:57:08.0656 3784 TuneUpUtilitiesDrv - ok
19:57:08.0671 3784 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:57:08.0707 3784 tunmp - ok
19:57:08.0762 3784 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:57:08.0783 3784 tunnel - ok
19:57:08.0809 3784 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:57:08.0831 3784 uagp35 - ok
19:57:08.0870 3784 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:57:08.0926 3784 udfs - ok
19:57:08.0959 3784 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:57:08.0987 3784 UI0Detect - ok
19:57:09.0001 3784 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:57:09.0015 3784 uliagpkx - ok
19:57:09.0029 3784 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:57:09.0049 3784 uliahci - ok
19:57:09.0055 3784 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:57:09.0071 3784 UlSata - ok
19:57:09.0084 3784 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:57:09.0099 3784 ulsata2 - ok
19:57:09.0118 3784 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:57:09.0147 3784 umbus - ok
19:57:09.0167 3784 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
19:57:09.0213 3784 upnphost - ok
19:57:09.0231 3784 upperdev - ok
19:57:09.0265 3784 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:57:09.0295 3784 usbaudio - ok
19:57:09.0319 3784 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:57:09.0342 3784 usbccgp - ok
19:57:09.0354 3784 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:57:09.0404 3784 usbcir - ok
19:57:09.0433 3784 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:57:09.0471 3784 usbehci - ok
19:57:09.0520 3784 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:57:09.0552 3784 usbhub - ok
19:57:09.0574 3784 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:57:09.0635 3784 usbohci - ok
19:57:09.0651 3784 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:57:09.0697 3784 usbprint - ok
19:57:09.0740 3784 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:57:09.0773 3784 usbscan - ok
19:57:09.0803 3784 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:57:09.0843 3784 USBSTOR - ok
19:57:09.0855 3784 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:57:09.0889 3784 usbuhci - ok
19:57:09.0916 3784 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:57:09.0960 3784 usbvideo - ok
19:57:09.0986 3784 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
19:57:10.0010 3784 UxSms - ok
19:57:10.0056 3784 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
19:57:10.0110 3784 vds - ok
19:57:10.0148 3784 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:57:10.0211 3784 vga - ok
19:57:10.0223 3784 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:57:10.0255 3784 VgaSave - ok
19:57:10.0274 3784 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:57:10.0289 3784 viaagp - ok
19:57:10.0320 3784 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:57:10.0347 3784 ViaC7 - ok
19:57:10.0359 3784 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
19:57:10.0373 3784 viaide - ok
19:57:10.0387 3784 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:57:10.0402 3784 volmgr - ok
19:57:10.0457 3784 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:57:10.0479 3784 volmgrx - ok
19:57:10.0526 3784 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:57:10.0545 3784 volsnap - ok
19:57:10.0566 3784 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:57:10.0583 3784 vsmraid - ok
19:57:10.0669 3784 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
19:57:10.0799 3784 VSS - ok
19:57:10.0832 3784 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
19:57:10.0882 3784 W32Time - ok
19:57:10.0907 3784 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:57:10.0996 3784 WacomPen - ok
19:57:11.0015 3784 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:57:11.0061 3784 Wanarp - ok
19:57:11.0067 3784 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:57:11.0099 3784 Wanarpv6 - ok
19:57:11.0135 3784 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:57:11.0203 3784 wcncsvc - ok
19:57:11.0230 3784 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:57:11.0265 3784 WcsPlugInService - ok
19:57:11.0285 3784 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
19:57:11.0313 3784 Wd - ok
19:57:11.0343 3784 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:57:11.0388 3784 Wdf01000 - ok
19:57:11.0410 3784 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:57:11.0464 3784 WdiServiceHost - ok
19:57:11.0470 3784 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:57:11.0514 3784 WdiSystemHost - ok
19:57:11.0554 3784 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
19:57:11.0594 3784 WebClient - ok
19:57:11.0626 3784 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:57:11.0681 3784 Wecsvc - ok
19:57:11.0713 3784 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:57:11.0762 3784 wercplsupport - ok
19:57:11.0802 3784 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
19:57:11.0840 3784 WerSvc - ok
19:57:11.0891 3784 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
19:57:11.0952 3784 winachsf - ok
19:57:12.0067 3784 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:57:12.0098 3784 WinDefend - ok
19:57:12.0106 3784 WinHttpAutoProxySvc - ok
19:57:12.0245 3784 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:57:12.0270 3784 Winmgmt - ok
19:57:12.0322 3784 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
19:57:12.0416 3784 WinRM - ok
19:57:12.0426 3784 wjyftn - ok
19:57:12.0483 3784 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:57:12.0541 3784 Wlansvc - ok
19:57:12.0621 3784 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:57:12.0869 3784 wlidsvc - ok
19:57:12.0902 3784 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:57:12.0950 3784 WmiAcpi - ok
19:57:13.0040 3784 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:57:13.0094 3784 wmiApSrv - ok
19:57:13.0177 3784 [ C8F8AAC50B5B0BF821AB7D7126056B30 ] WMIService C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
19:57:13.0232 3784 WMIService ( UnsignedFile.Multi.Generic ) - warning
19:57:13.0232 3784 WMIService - detected UnsignedFile.Multi.Generic (1)
19:57:13.0320 3784 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:57:13.0407 3784 WMPNetworkSvc - ok
19:57:13.0446 3784 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:57:13.0506 3784 WPCSvc - ok
19:57:13.0535 3784 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:57:13.0595 3784 WPDBusEnum - ok
19:57:13.0627 3784 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
19:57:13.0649 3784 WpdUsb - ok
19:57:13.0791 3784 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:57:13.0858 3784 WPFFontCache_v0400 - ok
19:57:13.0883 3784 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:57:13.0941 3784 ws2ifsl - ok
19:57:13.0965 3784 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
19:57:13.0983 3784 wscsvc - ok
19:57:13.0988 3784 WSearch - ok
19:57:14.0074 3784 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:57:14.0213 3784 wuauserv - ok
19:57:14.0237 3784 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:57:14.0263 3784 WudfPf - ok
19:57:14.0295 3784 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:57:14.0323 3784 WUDFRd - ok
19:57:14.0356 3784 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:57:14.0375 3784 wudfsvc - ok
19:57:14.0406 3784 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
19:57:14.0444 3784 XAudio - ok
19:57:14.0475 3784 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
19:57:14.0498 3784 XAudioService - ok
19:57:14.0549 3784 ================ Scan global ===============================
19:57:14.0572 3784 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:57:14.0607 3784 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:57:14.0630 3784 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:57:14.0674 3784 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
19:57:14.0685 3784 [Global] - ok
19:57:14.0686 3784 ================ Scan MBR ==================================
19:57:14.0701 3784 [ 6FC6F9186C07BCA94E140F63BFE6E9B4 ] \Device\Harddisk0\DR0
19:57:17.0543 3784 \Device\Harddisk0\DR0 - ok
19:57:17.0543 3784 ================ Scan VBR ==================================
19:57:17.0577 3784 [ 46CF572282B7731E1514CC2BBDF79A96 ] \Device\Harddisk0\DR0\Partition1
19:57:17.0612 3784 \Device\Harddisk0\DR0\Partition1 - ok
19:57:17.0634 3784 [ 1C50B896183ED336F3780A6BD56DA305 ] \Device\Harddisk0\DR0\Partition2
19:57:17.0659 3784 \Device\Harddisk0\DR0\Partition2 - ok
19:57:17.0659 3784 ============================================================
19:57:17.0659 3784 Scan finished
19:57:17.0660 3784 ============================================================
19:57:17.0673 3336 Detected object count: 15
19:57:17.0674 3336 Actual detected object count: 15
19:57:48.0059 3336 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0059 3336 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0064 3336 eNet Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0064 3336 eNet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0068 3336 eRecoveryService ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0069 3336 eRecoveryService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0074 3336 eSettingsService ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0074 3336 eSettingsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0078 3336 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0078 3336 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0083 3336 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0083 3336 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0087 3336 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0088 3336 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0088 3336 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0089 3336 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0093 3336 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0094 3336 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0098 3336 ovt519 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0098 3336 ovt519 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0102 3336 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0103 3336 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0108 3336 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0108 3336 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0113 3336 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0113 3336 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0114 3336 SQTECH905C ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0114 3336 SQTECH905C ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:48.0118 3336 WMIService ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:48.0118 3336 WMIService ( UnsignedFile.Multi.Generic ) - User select action: Skip

19.02.2013, 20:09   #10
markusg
/// Malware-holic

Windows host process was closed

That's fine.
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


19.02.2013, 20:59   #11
Triati

Windows host process was closed

Combofix log file:
Code:
ComboFix 13-02-18.02 - Trixi 19.02.2013  20:47:21.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.43.1031.18.3061.1986 [GMT 1:00]
ausgeführt von:: c:\users\Trixi\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\IsUn0407.exe
c:\windows\system32\drivers\etc\hosts.ics
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-19 bis 2013-02-19  ))))))))))))))))))))))))))))))
.
.
2013-02-19 19:53 . 2013-02-19 19:53	--------	d-----w-	c:\users\Trixi\AppData\Local\temp
2013-02-19 19:53 . 2013-02-19 19:53	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-19 19:25 . 2013-02-19 19:25	29904	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D92465C8-D0CE-4396-9F80-FADA36E7257B}\MpKsl776acab3.sys
2013-02-19 19:13 . 2013-01-08 04:57	6991832	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D92465C8-D0CE-4396-9F80-FADA36E7257B}\mpengine.dll
2013-02-19 07:23 . 2013-02-19 07:23	--------	d-----w-	c:\users\Trixi\AppData\Roaming\Malwarebytes
2013-02-19 07:23 . 2013-02-19 07:23	--------	d-----w-	c:\programdata\Malwarebytes
2013-02-19 07:23 . 2013-02-19 07:23	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2013-02-19 07:23 . 2012-12-14 15:49	21104	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-02-18 16:45 . 2013-02-18 16:45	--------	d-----w-	C:\_OTL
2013-02-18 15:04 . 2013-01-08 04:57	6991832	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-14 12:30 . 2012-10-23 05:04	740840	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4499B488-32AC-4BB5-A181-28576B5592A6}\gapaengine.dll
2013-02-13 16:27 . 2013-01-04 01:38	2048512	----a-w-	c:\windows\system32\win32k.sys
2013-02-13 16:27 . 2012-11-08 03:48	1314816	----a-w-	c:\windows\system32\quartz.dll
2013-02-13 16:27 . 2013-01-04 11:28	914792	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-13 16:27 . 2013-01-04 01:55	31232	----a-w-	c:\windows\system32\drivers\tcpipreg.sys
2013-02-13 16:27 . 2013-01-05 05:26	3550072	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-13 16:27 . 2013-01-05 05:26	3602808	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-02-09 13:24 . 2013-01-28 13:19	32032	----a-w-	c:\windows\system32\TURegOpt.exe
2013-02-09 13:24 . 2013-01-28 13:19	21792	----a-w-	c:\windows\system32\authuitu.dll
2013-02-09 13:23 . 2013-02-09 13:23	--------	d-----w-	c:\users\Trixi\AppData\Roaming\TuneUp Software
2013-02-09 13:23 . 2013-02-09 13:24	--------	d-----w-	c:\program files\TuneUp Utilities 2013
2013-02-09 13:22 . 2013-02-09 13:23	--------	d-----w-	c:\programdata\TuneUp Software
2013-02-09 13:21 . 2013-02-09 13:31	--------	d-sh--w-	c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-02-09 13:21 . 2013-02-09 13:21	--------	d--h--w-	c:\programdata\Common Files
2013-01-23 15:00 . 2013-01-23 15:00	--------	d-----w-	C:\found.003
2013-01-22 07:46 . 2013-01-22 07:46	--------	d-----w-	c:\program files\uTorrent
2013-01-21 07:27 . 2013-01-21 07:27	--------	d-----w-	c:\program files\Common Files\Java
2013-01-21 07:26 . 2013-01-21 07:26	477168	----a-w-	c:\windows\system32\npdeployJava1.dll
2013-01-21 07:26 . 2013-01-21 07:26	--------	d-----w-	c:\program files\Java
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 13:55 . 2012-09-28 22:09	74096	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-08 13:55 . 2012-09-28 22:09	697712	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-01-30 10:53 . 2009-10-03 06:10	232336	------w-	c:\windows\system32\MpSigStub.exe
2013-01-21 07:26 . 2010-06-21 11:43	473072	----a-w-	c:\windows\system32\deployJava1.dll
2013-01-20 14:59 . 2013-01-20 14:59	195296	----a-w-	c:\windows\system32\drivers\MpFilter.sys
2013-01-20 14:59 . 2010-10-24 20:25	100328	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2012-12-16 13:12 . 2012-12-23 09:42	34304	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 10:50 . 2012-12-23 09:42	293376	----a-w-	c:\windows\system32\atmfd.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}"= "c:\program files\BittorrentBar_DE\tbBitt.dll" [2010-12-09 3911776]
"{990af1c2-5a27-4460-8149-ecc6bc122af3}"= "c:\program files\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll" [2011-06-27 175912]
.
[HKEY_CLASSES_ROOT\clsid\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}]
.
[HKEY_CLASSES_ROOT\clsid\{990af1c2-5a27-4460-8149-ecc6bc122af3}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51	3911776	----a-w-	c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}]
2010-12-09 11:51	3911776	----a-w-	c:\program files\BittorrentBar_DE\tbBitt.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{990af1c2-5a27-4460-8149-ecc6bc122af3}]
2011-06-27 10:05	175912	----a-w-	c:\program files\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}"= "c:\program files\BittorrentBar_DE\tbBitt.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{990af1c2-5a27-4460-8149-ecc6bc122af3}"= "c:\program files\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll" [2011-06-27 175912]
.
[HKEY_CLASSES_ROOT\clsid\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{990af1c2-5a27-4460-8149-ecc6bc122af3}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{64EAD72B-FFD4-4E01-AA3A-4C71665D73E4}"= "c:\program files\BittorrentBar_DE\tbBitt.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-01-03 01:00	39472	----a-w-	c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux7"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35	946352	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-12-19 14:39	41208	----a-w-	c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2008-01-03 00:55	521776	----a-w-	c:\acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25	125952	----a-w-	c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2010-09-14 15:06	30192	----a-w-	c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-11 19:13	166424	----a-w-	c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-10-03 14:44	178712	----a-w-	c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-11 19:13	141848	----a-w-	c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
2011-08-03 07:55	366024	----a-w-	c:\program files\IncrediMail\bin\IncMail.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-10-11 11:06	62760	----a-w-	c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2008-01-07 23:51	858632	----a-w-	c:\progra~1\LAUNCH~1\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2013-01-27 10:11	947152	----a-w-	c:\program files\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-11 19:13	133656	----a-w-	c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2008-01-22 13:23	81920	------w-	c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-01-08 00:25	4853760	----a-w-	c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-11-21 02:15	1826816	----a-w-	c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-05-11 08:50	68856	----a-w-	c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]
2007-09-07 19:35	102400	----a-w-	c:\program files\Synaptics\SynTP\SynTPStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-08-03 06:51	202256	----a-w-	c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23	1008184	----a-w-	c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25	202240	----a-w-	c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MPKSL776ACAB3
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-28 13:55]
.
2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-28 08:47]
.
2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-28 08:47]
.
2013-02-19 c:\windows\Tasks\ReclaimerUpdateFiles_Trixi.job
- c:\users\Trixi\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2013-01-27 15:27]
.
2013-02-19 c:\windows\Tasks\ReclaimerUpdateXML_Trixi.job
- c:\users\Trixi\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2013-01-27 15:27]
.
2013-02-19 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Trixi.job
- c:\users\Trixi\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2013-01-27 15:27]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://mystart.incredimail.com?a=6oy9p1n3l1
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&s=2&o=vp32&d=0209&m=extensa_5620
IE: Free YouTube Download - c:\users\Trixi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Trixi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-mcmscsvc
SafeBoot-MCODS
MSConfigStartUp-BitTorrent DNA - c:\users\Trixi\Program Files\DNA\btdna.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-02-19 20:53
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3687985660-2958616181-2635551742-1003\Software\SecuROM\License information*]
"datasecu"=hex:d2,d5,a9,29,41,52,b4,e7,33,3e,a2,3d,57,37,85,51,27,f5,64,fe,4f,
   75,c8,16,71,6d,2c,da,5a,32,93,ce,8e,ba,57,fa,f0,3e,79,7e,c8,1a,2f,61,3c,b0,\
"rkeysecu"=hex:7f,00,1c,dd,8a,24,28,99,ff,12,b7,1b,2b,b1,ab,0e
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2013-02-19  20:55:05
ComboFix-quarantined-files.txt  2013-02-19 19:55
.
Vor Suchlauf: 17 Verzeichnis(se), 38.625.218.560 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 40.948.408.320 Bytes frei
.
- - End Of File - - 24B4AA35C43C077A5DD9FCB898DFD447
         
--- --- ---

19.02.2013, 21:10   #12
markusg
/// Malware-holic



Hi,
download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, save the list as a txt file, and open that file.
After every program you need, write "notwendig" (necessary).
After every program you do not need, write "unnötig" (unnecessary).
After every program you do not know, write "unbekannt" (unknown).
Post the list.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

19.02.2013, 21:46   #13
Triati



Acer eDataSecurity Management Egis Inc. 23.02.2009 63,2MB 2.8.4354 notwendig
Acer eLock Management Acer Inc. 23.02.2009 13,3MB 2.5.4302 notwendig
Acer Empowering Technology Acer Inc. 27.03.2008 217MB 2.5.4301 notwendig
Acer eNet Management Acer Inc. 23.02.2009 8,71MB 2.6.4303 ,......,
Acer ePower Management Acer Inc. 23.02.2009 16,0MB 2.5.4310
Acer ePresentation Management Acer Inc. 23.02.2009 3,53MB 2.5.4300 ,.....,
Acer eSettings Management Acer Inc. 23.02.2009 13,1MB 2.5.4302
Acer GridVista 23.02.2009 1,51MB 2.72.317 Notwendig
Acer Mobility Center Plug-In Acer Inc. 23.02.2009 4,12MB 1.0.4301 unnötig
Acer ScreenSaver Acer Inc. 27.03.2008 2.11.20071207 unnötig
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 08.02.2013 11.5.502.149 notwendig
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 08.02.2013 11.5.502.149 notwendig
Adobe Reader 9.5.3 - Deutsch Adobe Systems Incorporated 13.02.2013 118MB 9.5.3 notwendig
AVS Media Player 4.1.9.95 Online Media Technologies Ltd. 26.12.2012 7,50MB
AVS Update Manager 1.0 Online Media Technologies Ltd. 26.12.2012 11,9MB unnötig
AVS Video Converter 8 Online Media Technologies Ltd. 26.12.2012 39,2MB unnötig
AVS4YOU Software Navigator 1.4 Online Media Technologies Ltd. 26.12.2012 6,75MB unnötig
Bing Bar Microsoft Corporation 10.09.2012 527KB 7.1.391.0 unnötig
BittorrentBar_DE Toolbar BittorrentBar_DE 06.01.2011 3,96MB 6.2.7.3 notwendig
Boilsoft AVI to DVD Converter 4.02 Boilsoft, Inc. 24.09.2010 53,3MB unnötig
Broadcom Gigabit Integrated Controller Broadcom Corporation 27.03.2008 820KB 10.50.08 unbekannt
BurnAware Free 3.3.1 Burnaware Technologies 23.06.2011 21,5MB nötig
CCleaner Piriform 23.01.2013 3,41MB 3.27 nötig
Compatibility Pack für 2007 Office System Microsoft Corporation 26.01.2013 12.0.6612.1000 nötig
Conduit Engine Conduit Ltd. 06.01.2011 3,82MB unbekannt
eMule 10.06.2009 10,9MB nötig
Free Audio CD Burner version 1.4.7 DVDVideoSoft Limited. 28.04.2011 3,23MB nötig
Free Video to MP3 Converter version 4.2.20.421 DVDVideoSoft Limited. 28.04.2011 3,56MB nötig
Free YouTube Download version 2.10.34.421 DVDVideoSoft Limited. 28.04.2011 3,71MB nötig
Free YouTube to MP3 Converter version 3.11.32.918 DVDVideoSoft Ltd. 30.09.2012 17,9MB 3.11.32.918 nötig
Google Desktop Google 15.09.2010 39,0MB 5.9.1005.12335 unnötig
Google Toolbar for Internet Explorer Google Inc. 15.01.2013 6,94MB 7.4.3607.2246 unnötig
HDAUDIO Soft Data Fax Modem with SmartCP 23.02.2009 724KB unbekannt
HP Customer Participation Program 14.0 HP 30.12.2012 179MB 14.0 nötig
HP Imaging Device Functions 14.0 HP 30.12.2012 3,37MB 14.0 nötig
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 HP 30.12.2012 41,3MB 14.0 nötig
HP Smart Web Printing 4.60 HP 30.12.2012 26,3MB 4.60 nötig
HP Solution Center 14.0 HP 30.12.2012 3,46MB 14.0 nötig
HP Update Hewlett-Packard 30.12.2012 2,97MB 5.002.002.002 nötig
IncrediMail 2.0 IncrediMail Ltd. 03.08.2011 17,8MB 6.2.9.5036 nötig
IncrediMail MediaBar Deutsch 2 Toolbar IncrediMail MediaBar Deutsch 2 03.08.2011 4,39MB 6.3.30.0 nötig
Intel(R) Graphics Media Accelerator Driver 23.02.2009
Intel(R) Matrix Storage Manager 23.02.2009 3,77MB unbekannt
Intel(R) PROSet/Wireless WiFi-Software Intel(R) Corporation 06.02.2011 78,4MB 12.02.0000 unbekannt
Java(TM) 6 Update 38 Oracle 21.01.2013 95,7MB 6.0.380
Launch Manager 23.02.2009 3,23MB unbekannt
Logitech Eyetoy Webcam 08.12.2010 unbekannt
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 19.02.2013 12,2MB 1.70.0.1100 nötig
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 16.05.2009 36,9MB unbekannt
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 11.05.2009 27,8MB unbekannt
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 26.06.2010 120MB 4.0.30319 unbekannt
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 26.06.2010 24,5MB 4.0.30319 unbekannt
Microsoft Office Live Add-in 1.5 Microsoft Corporation 05.06.2010 506KB 2.0.4024.1 unbekannt
Microsoft Office Outlook Connector Microsoft Corporation 28.11.2009 6,13MB 12.0.6423.1000 unbekannt
Microsoft Office Small Business Connectivity Components Microsoft Corporation 27.03.2008 158KB 2.0.7024.0 unbekannt
Microsoft Office Word Viewer 2003 Microsoft Corporation 10.02.2013 11.0.8173.0 unbekannt
Microsoft PowerPoint Viewer Microsoft Corporation 23.12.2012 14.0.6029.1000
Microsoft Primary Interoperability Assemblies 2005 Microsoft Corporation 07.08.2010 7,77MB 8.0.50727.42
Microsoft Security Essentials Microsoft Corporation 18.02.2013 21,8MB 4.2.223.1
Microsoft Silverlight Microsoft Corporation 09.09.2012 4.1.10329.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 27.06.2009 1,74MB 3.1.0000
Microsoft SQL Server Native Client Microsoft Corporation 14.05.2009 2,63MB 9.00.4035.00
Microsoft SQL Server VSS Writer Microsoft Corporation 14.05.2009 699KB 9.00.4035.00
Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Corporation 28.11.2009 624KB 1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Corporation 28.11.2009 1,44MB 1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 31.07.2009 251KB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 21.06.2011 294KB 8.0.61001
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 06.11.2009 199KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 18.06.2011 592KB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 05.11.2009 590KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 07.08.2010 586KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 21.06.2011 594KB 9.0.30729.6161
Movavi Video Converter 12 Movavi 26.12.2012 167MB 12.2.0
MSXML 4.0 SP2 (KB927978) Microsoft Corporation 17.01.2010 34,0KB 4.20.9841.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 17.01.2010 34,0KB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 17.01.2010 1,33MB 4.20.9876.0
MyDSC2 My Company Name 07.06.2009 3,45MB 1.0
Nero 9 Trial Nero AG 15.01.2010
NTI Backup NOW! 4.7 NewTech Infosystems 27.03.2008 7,22MB 1.00.0000
NTI CD & DVD-Maker NewTech Infosystems 27.03.2008 40,0MB 7
NTI Shadow NewTech Infosystems 27.03.2008 7,33MB 3.7.6.37
OpenOffice.org 3.1 OpenOffice.org 23.11.2009 371MB 3.1.9420
Opera 12.14 Opera Software ASA 07.02.2013 42,8MB 12.14.1738
PC Connectivity Solution Nokia 21.01.2010 9,25MB 8.15.0.0
PC VGA Camer@ Ihr Firmenname 30.12.2012 48,0KB 1.0.2.7
PhoTags Express Smith Micro Software, Inc. 07.06.2009
Photo Notifier and Animation Creator IncrediMail Ltd. 09.02.2013 2,71MB 1.0.0.1009
PowerDVD CyberLink Corporation 23.02.2009 58,8MB 7.32.3730a.0
QuickTime 18.12.2009 9,46MB
RealPlayer RealNetworks 03.08.2010 86,7MB
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 27.03.2008 15,9MB 6.0.1.5543
Shockwave 07.07.2009
Shop for HP Supplies HP 30.12.2012 179MB 14.0
Skype Toolbars Skype Technologies S.A. 22.06.2011 5,86MB 5.3.7555
Skype™ 5.10 Skype Technologies S.A. 09.09.2012 19,4MB 5.10.116
SLOW-PCfighter SPAMfighter ApS 25.09.2010 13,8MB 1.2.61
Synaptics Pointing Device Driver Synaptics 27.03.2008 13,6MB 10.0.15.0
Texas Instruments PCIxx21/x515/xx12 drivers. Texas Instruments Inc. 27.03.2008 964KB 2.00.0002
TuneUp Utilities 2013 TuneUp Software 09.02.2013 78,5MB 13.0.3020.2
Uninstall 1.0.0.1 28.04.2011 27,7MB
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) Microsoft Corporation 14.05.2009 23,2MB 9.00.4035.00
VLC media player 0.9.9 VideoLAN Team 25.05.2009 63,1MB 0.9.9
Windows 7 Upgrade Advisor Microsoft Corporation 13.11.2012 8,77MB 2.0.5000.0 unbekannt
Windows Live Essentials Microsoft Corporation 28.11.2009 44,0MB 14.0.8089.0726 unbekannt
Windows Live ID-Anmelde-Assistent Microsoft Corporation 05.06.2010 4,68MB 6.500.3165.0 unbekannt
Windows Live Sync Microsoft Corporation 28.11.2009 2,79MB 14.0.8089.726 unbekannt
Windows Live-Uploadtool Microsoft Corporation 12.05.2009 225KB 14.0.8014.1029 unbekannt
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) Nokia 21.01.2010 10/12/2007 6.85.4.0
WinRAR 06.01.2010 3,78MB nötig
Yontoo Layers 1.10.01 23.06.2011 188KB 1.10.01 unbekannt
µTorrent BitTorrent Inc. 22.01.2013 948KB 3.2.3.28705 nötig

19.02.2013, 21:52   #14
markusg
/// Malware-holic



Why are the labels missing from the halfway point on?

19.02.2013, 22:02   #15
Triati



Sorry, I overlooked that.

Acer eDataSecurity Management Egis Inc. 23.02.2009 63,2MB 2.8.4354 notwendig
Acer eLock Management Acer Inc. 23.02.2009 13,3MB 2.5.4302 notwendig
Acer Empowering Technology Acer Inc. 27.03.2008 217MB 2.5.4301 notwendig
Acer eNet Management Acer Inc. 23.02.2009 8,71MB 2.6.4303 ,......,
Acer ePower Management Acer Inc. 23.02.2009 16,0MB 2.5.4310
Acer ePresentation Management Acer Inc. 23.02.2009 3,53MB 2.5.4300 ,.....,
Acer eSettings Management Acer Inc. 23.02.2009 13,1MB 2.5.4302
Acer GridVista 23.02.2009 1,51MB 2.72.317 Notwendig
Acer Mobility Center Plug-In Acer Inc. 23.02.2009 4,12MB 1.0.4301 unnötig
Acer ScreenSaver Acer Inc. 27.03.2008 2.11.20071207 unnötig
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 08.02.2013 11.5.502.149 notwendig
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 08.02.2013 11.5.502.149 notwendig
Adobe Reader 9.5.3 - Deutsch Adobe Systems Incorporated 13.02.2013 118MB 9.5.3 notwendig
AVS Media Player 4.1.9.95 Online Media Technologies Ltd. 26.12.2012 7,50MB
AVS Update Manager 1.0 Online Media Technologies Ltd. 26.12.2012 11,9MB unnötig
AVS Video Converter 8 Online Media Technologies Ltd. 26.12.2012 39,2MB unnötig
AVS4YOU Software Navigator 1.4 Online Media Technologies Ltd. 26.12.2012 6,75MB unnötig
Bing Bar Microsoft Corporation 10.09.2012 527KB 7.1.391.0 unnötig
BittorrentBar_DE Toolbar BittorrentBar_DE 06.01.2011 3,96MB 6.2.7.3 notwendig
Boilsoft AVI to DVD Converter 4.02 Boilsoft, Inc. 24.09.2010 53,3MB unnötig
Broadcom Gigabit Integrated Controller Broadcom Corporation 27.03.2008 820KB 10.50.08 unbekannt
BurnAware Free 3.3.1 Burnaware Technologies 23.06.2011 21,5MB nötig
CCleaner Piriform 23.01.2013 3,41MB 3.27 nötig
Compatibility Pack für 2007 Office System Microsoft Corporation 26.01.2013 12.0.6612.1000 nötig
Conduit Engine Conduit Ltd. 06.01.2011 3,82MB unbekannt
eMule 10.06.2009 10,9MB nötig
Free Audio CD Burner version 1.4.7 DVDVideoSoft Limited. 28.04.2011 3,23MB nötig
Free Video to MP3 Converter version 4.2.20.421 DVDVideoSoft Limited. 28.04.2011 3,56MB nötig
Free YouTube Download version 2.10.34.421 DVDVideoSoft Limited. 28.04.2011 3,71MB nötig
Free YouTube to MP3 Converter version 3.11.32.918 DVDVideoSoft Ltd. 30.09.2012 17,9MB 3.11.32.918 nötig
Google Desktop Google 15.09.2010 39,0MB 5.9.1005.12335 unnötig
Google Toolbar for Internet Explorer Google Inc. 15.01.2013 6,94MB 7.4.3607.2246 unnötig
HDAUDIO Soft Data Fax Modem with SmartCP 23.02.2009 724KB unbekannt
HP Customer Participation Program 14.0 HP 30.12.2012 179MB 14.0 nötig
HP Imaging Device Functions 14.0 HP 30.12.2012 3,37MB 14.0 nötig
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 HP 30.12.2012 41,3MB 14.0 nötig
HP Smart Web Printing 4.60 HP 30.12.2012 26,3MB 4.60 nötig
HP Solution Center 14.0 HP 30.12.2012 3,46MB 14.0 nötig
HP Update Hewlett-Packard 30.12.2012 2,97MB 5.002.002.002 nötig
IncrediMail 2.0 IncrediMail Ltd. 03.08.2011 17,8MB 6.2.9.5036 nötig
IncrediMail MediaBar Deutsch 2 Toolbar IncrediMail MediaBar Deutsch 2 03.08.2011 4,39MB 6.3.30.0 nötig
Intel(R) Graphics Media Accelerator Driver 23.02.2009
Intel(R) Matrix Storage Manager 23.02.2009 3,77MB unbekannt
Intel(R) PROSet/Wireless WiFi-Software Intel(R) Corporation 06.02.2011 78,4MB 12.02.0000 unbekannt
Java(TM) 6 Update 38 Oracle 21.01.2013 95,7MB 6.0.380
Launch Manager 23.02.2009 3,23MB unbekannt
Logitech Eyetoy Webcam 08.12.2010 unbekannt
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 19.02.2013 12,2MB 1.70.0.1100 nötig
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 16.05.2009 36,9MB unbekannt
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 11.05.2009 27,8MB unbekannt
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 26.06.2010 120MB 4.0.30319 unbekannt
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 26.06.2010 24,5MB 4.0.30319 unbekannt
Microsoft Office Live Add-in 1.5 Microsoft Corporation 05.06.2010 506KB 2.0.4024.1 unbekannt
Microsoft Office Outlook Connector Microsoft Corporation 28.11.2009 6,13MB 12.0.6423.1000 unbekannt
Microsoft Office Small Business Connectivity Components Microsoft Corporation 27.03.2008 158KB 2.0.7024.0 unbekannt
Microsoft Office Word Viewer 2003 Microsoft Corporation 10.02.2013 11.0.8173.0 unbekannt
Microsoft PowerPoint Viewer Microsoft Corporation 23.12.2012 14.0.6029.1000 nötig
Microsoft Primary Interoperability Assemblies 2005 Microsoft Corporation 07.08.2010 7,77MB 8.0.50727.42 unbekannt
Microsoft Security Essentials Microsoft Corporation 18.02.2013 21,8MB 4.2.223.1 nötig
Microsoft Silverlight Microsoft Corporation 09.09.2012 4.1.10329.0 unbekannt
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 27.06.2009 1,74MB 3.1.0000 unbekannt
Microsoft SQL Server Native Client Microsoft Corporation 14.05.2009 2,63MB 9.00.4035.00 unbekannt
Microsoft SQL Server VSS Writer Microsoft Corporation 14.05.2009 699KB 9.00.4035.00 unbekannt
Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Corporation 28.11.2009 624KB 1.0.1215.0 unbekannt
Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Corporation 28.11.2009 1,44MB 1.0.1215.0 unbekannt
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 31.07.2009 251KB 8.0.50727.4053 unbekannt
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 21.06.2011 294KB 8.0.61001 unbekannt
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 06.11.2009 199KB 9.0.30729.4148 unbekannt
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 18.06.2011 592KB 9.0.30729.5570 unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 05.11.2009 590KB 9.0.30729 unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 07.08.2010 586KB 9.0.30729.4148 unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 21.06.2011 594KB 9.0.30729.6161 unbekannt
Movavi Video Converter 12 Movavi 26.12.2012 167MB 12.2.0 unbekannt
MSXML 4.0 SP2 (KB927978) Microsoft Corporation 17.01.2010 34,0KB 4.20.9841.0 unbekannt
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 17.01.2010 34,0KB 4.20.9870.0 unbekannt
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 17.01.2010 1,33MB 4.20.9876.0 unbekannt
MyDSC2 My Company Name 07.06.2009 3,45MB 1.0 unbekannt
Nero 9 Trial Nero AG 15.01.2010 unnötig
NTI Backup NOW! 4.7 NewTech Infosystems 27.03.2008 7,22MB 1.00.0000 unbekannt
NTI CD & DVD-Maker NewTech Infosystems 27.03.2008 40,0MB 7 unbekannt
NTI Shadow NewTech Infosystems 27.03.2008 7,33MB 3.7.6.37 unbekannt
OpenOffice.org 3.1 OpenOffice.org 23.11.2009 371MB 3.1.9420 notwendig
Opera 12.14 Opera Software ASA 07.02.2013 42,8MB 12.14.1738 notwendig
PC Connectivity Solution Nokia 21.01.2010 9,25MB 8.15.0.0 unbekannt
PC VGA Camer@ Ihr Firmenname 30.12.2012 48,0KB 1.0.2.7 unbekannt
PhoTags Express Smith Micro Software, Inc. 07.06.2009 unbekannt
Photo Notifier and Animation Creator IncrediMail Ltd. 09.02.2013 2,71MB 1.0.0.1009 unbekannt
PowerDVD CyberLink Corporation 23.02.2009 58,8MB 7.32.3730a.0 notwendig
QuickTime 18.12.2009 9,46MB notwendig
RealPlayer RealNetworks 03.08.2010 86,7MB notwendig
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 27.03.2008 15,9MB 6.0.1.5543 notwendig
Shockwave 07.07.2009 unbekannt
Shop for HP Supplies HP 30.12.2012 179MB 14.0 unnötig
Skype Toolbars Skype Technologies S.A. 22.06.2011 5,86MB 5.3.7555 notwendig
Skype™ 5.10 Skype Technologies S.A. 09.09.2012 19,4MB 5.10.116 notwendig
SLOW-PCfighter SPAMfighter ApS 25.09.2010 13,8MB 1.2.61 unbekannt
Synaptics Pointing Device Driver Synaptics 27.03.2008 13,6MB 10.0.15.0 unbekannt
Texas Instruments PCIxx21/x515/xx12 drivers. Texas Instruments Inc. 27.03.2008 964KB 2.00.0002 unbekannt
TuneUp Utilities 2013 TuneUp Software 09.02.2013 78,5MB 13.0.3020.2 nötig
Uninstall 1.0.0.1 28.04.2011 27,7MB unbekannt
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) Microsoft Corporation 14.05.2009 23,2MB 9.00.4035.00 unbekannt
VLC media player 0.9.9 VideoLAN Team 25.05.2009 63,1MB 0.9.9 nötig
Windows 7 Upgrade Advisor Microsoft Corporation 13.11.2012 8,77MB 2.0.5000.0 unbekannt
Windows Live Essentials Microsoft Corporation 28.11.2009 44,0MB 14.0.8089.0726 unbekannt
Windows Live ID-Anmelde-Assistent Microsoft Corporation 05.06.2010 4,68MB 6.500.3165.0 unbekannt
Windows Live Sync Microsoft Corporation 28.11.2009 2,79MB 14.0.8089.726 unbekannt
Windows Live-Uploadtool Microsoft Corporation 12.05.2009 225KB 14.0.8014.1029 unbekannt
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) Nokia 21.01.2010 10/12/2007 6.85.4.0
WinRAR 06.01.2010 3,78MB nötig
Yontoo Layers 1.10.01 23.06.2011 188KB 1.10.01 unbekannt
µTorrent BitTorrent Inc. 22.01.2013 948KB 3.2.3.28705 nötig
